jsch-2.28.2

What's Changed

• Fix #1045: RSA certificate auth ignores negotiated signature algorithm by @luigidemasi in #1046

Dependency Updates

• Bump org.junit.jupiter:junit-jupiter from 5.14.3 to 5.14.4 by @dependabot[bot] in #1041
• Bump commons-codec:commons-codec from 1.21.0 to 1.22.0 by @dependabot[bot] in #1043
• Bump commons-io:commons-io from 2.21.0 to 2.22.0 by @dependabot[bot] in #1040
• Bump net.revelc.code:impsort-maven-plugin from 1.12.0 to 1.13.0 by @dependabot[bot] in #1042

Full Changelog: jsch-2.28.1...jsch-2.28.2

jsch-2.28.1

What's Changed

• Bump log4j.version from 2.25.3 to 2.25.4 by @dependabot[bot] in #1028
• Bump actions/cache from 5.0.4 to 5.0.5 by @dependabot[bot] in #1036
• Bump org.testcontainers:testcontainers-junit-jupiter from 2.0.4 to 2.0.5 by @dependabot[bot] in #1039
• 2.28.1 changes by @norrisjeremy in #1027
  • Add impsort-maven-plugin to organize imports correctly according to Google Java Style.
  • Fix unit tests when run in certain timezones.
  • Fix integration test failures on Apple Silicon by using Alpine 3.7.
  • Run tests on Java 26.
  • Update to Maven 3.9.15.
  • Bump org.bouncycastle:bcprov-jdk18on from 1.83 to 1.84
    -- This is cherry-picked from #1035.
  • Update for new deprecations in Bouncy Castle 1.84.
    -- This fixes the deprecation warnings that cause failures for #1035.
  • #1037 deprecate JSch.addIdentity(), KeyPair.decrypt() & Session.setPassword() methods that take String inputs instead of byte[] inputs for passphrases/passwords.
• Bump dependabot/fetch-metadata from 2.5.0 to 3.1.0 by @dependabot[bot] in #1038
• Bump actions/upload-artifact from 7.0.0 to 7.0.1 by @dependabot[bot] in #1034
• Bump github/codeql-action from 4.32.6 to 4.35.2 by @dependabot[bot] in #1033
• Bump errorprone.version from 2.48.0 to 2.49.0 by @dependabot[bot] in #1031

Full Changelog: jsch-2.28.0...jsch-2.28.1

jsch-2.28.0

What's Changed

• Add support for OpenSSH certificates, resolve #31 by @luigidemasi in #901
• Restrict length of decompressed packets by @norrisjeremy in #1018

Dependency Updates

• Bump actions/cache from 5.0.3 to 5.0.4 by @dependabot[bot] in #1019
• Bump org.testcontainers:testcontainers-junit-jupiter from 2.0.3 to 2.0.4 by @dependabot[bot] in #1022
• Bump biz.aQute.bnd:bnd-maven-plugin from 7.2.1 to 7.2.3 by @dependabot[bot] in #1023
• Bump maven Version by @norrisjeremy in #1018

New Contributors

• @luigidemasi made their first contribution in #901

Full Changelog: jsch-2.27.9...jsch-2.28.0

jsch-2.27.9

What's Changed

• ProxySOCKS5 fixes & improvements by @norrisjeremy in #1007
• Improve error message when receiving non-EOF status code during read by @adrianovalente in #1014
• 2.27.9 changes by @norrisjeremy in #1012

Dependancy Updates

• Bump github/codeql-action from 4.32.3 to 4.32.4 by @dependabot[bot] in #1003
• Bump surefire.version from 3.5.4 to 3.5.5 by @dependabot[bot] in #1004
• Bump github/codeql-action from 4.32.4 to 4.32.5 by @dependabot[bot] in #1008
• Bump errorprone.version from 2.47.0 to 2.48.0 by @dependabot[bot] in #1011
• Bump actions/upload-artifact from 6.0.0 to 7.0.0 by @dependabot[bot] in #1010
• Bump actions/download-artifact from 7.0.0 to 8.0.0 by @dependabot[bot] in #1009
• Bump github/codeql-action from 4.32.5 to 4.32.6 by @dependabot[bot] in #1015
• Bump actions/download-artifact from 8.0.0 to 8.0.1 by @dependabot[bot] in #1017
• Bump org.apache.maven.plugins:maven-resources-plugin from 3.4.0 to 3.5.0 by @dependabot[bot] in #1016

New Contributors

• @adrianovalente made their first contribution in #1014

Full Changelog: jsch-2.27.8...jsch-2.27.9

jsch-2.27.8

What's Changed

• Update readme with info about other projects leveraging Jsch by @jjlauer in #954
• Bump JamesIves/github-pages-deploy-action from 4.7.4 to 4.7.6 by @dependabot[bot] in #955
• Bump github/codeql-action from 4.31.5 to 4.31.7 by @dependabot[bot] in #960
• Bump org.apache.maven.plugins:maven-assembly-plugin from 3.7.1 to 3.8.0 by @dependabot[bot] in #962
• Bump actions/setup-java from 5.0.0 to 5.1.0 by @dependabot[bot] in #961
• Bump org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to 3.4.0 by @dependabot[bot] in #959
• Bump errorprone.version from 2.44.0 to 2.45.0 by @dependabot[bot] in #958
• Bump actions/checkout from 6.0.0 to 6.0.1 by @dependabot[bot] in #957
• Bump org.testcontainers:junit-jupiter from 1.21.3 to 1.21.4 by @dependabot[bot] in #968
• Bump log4j.version from 2.25.2 to 2.25.3 by @dependabot[bot] in #969
• Bump github/codeql-action from 4.31.7 to 4.31.9 by @dependabot[bot] in #970
• Bump org.junit.jupiter:junit-jupiter from 5.14.1 to 5.14.2 by @dependabot[bot] in #976
• Bump github/codeql-action from 4.31.9 to 4.31.10 by @dependabot[bot] in #979
• Bump errorprone.version from 2.45.0 to 2.46.0 by @dependabot[bot] in #978
• 2.27.8 changes by @norrisjeremy in #982
• Bump biz.aQute.bnd:bnd-maven-plugin from 7.1.0 to 7.2.1 by @dependabot[bot] in #981
• Bump JamesIves/github-pages-deploy-action from 4.7.6 to 4.8.0 by @dependabot[bot] in #980
• Bump org.sonatype.central:central-publishing-maven-plugin from 0.9.0 to 0.10.0 by @dependabot[bot] in #977
• Bump dependabot/fetch-metadata from 2.4.0 to 2.5.0 by @dependabot[bot] in #975
• Bump actions/upload-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in #967
• Bump actions/cache from 4.3.0 to 5.0.1 by @dependabot[bot] in #965
• Bump org.apache.maven.plugins:maven-release-plugin from 3.2.0 to 3.3.1 by @dependabot[bot] in #971
• Bump actions/download-artifact from 6.0.0 to 7.0.0 by @dependabot[bot] in #966
• Add support for OpenSSH-Agent on Windows by @bananensplit in #964
• Bump actions/cache from 5.0.1 to 5.0.2 by @dependabot[bot] in #983
• Bump org.codehaus.mojo:templating-maven-plugin from 3.0.0 to 3.1.0 by @dependabot[bot] in #984
• 2.27.8 changes by @norrisjeremy in #985
• Bump actions/checkout from 6.0.1 to 6.0.2 by @dependabot[bot] in #987
• Bump actions/setup-java from 5.1.0 to 5.2.0 by @dependabot[bot] in #986
• Bump github/codeql-action from 4.31.10 to 4.32.0 by @dependabot[bot] in #988
• Bump github/codeql-action from 4.32.0 to 4.32.1 by @dependabot[bot] in #989
• Bump actions/cache from 5.0.2 to 5.0.3 by @dependabot[bot] in #990
• Bump commons-codec:commons-codec from 1.20.0 to 1.21.0 by @dependabot[bot] in #991
• Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @dependabot[bot] in #992
• Bump github/codeql-action from 4.32.1 to 4.32.2 by @dependabot[bot] in #994
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.9.0 to 3.10.0 by @dependabot[bot] in #995
• Bump errorprone.version from 2.46.0 to 2.47.0 by @dependabot[bot] in #993
• Fix multi-release jar to avoid API differences between versions. by @norrisjeremy in #996
• Bump github/codeql-action from 4.32.2 to 4.32.3 by @dependabot[bot] in #1000
• Bump org.junit.jupiter:junit-jupiter from 5.14.2 to 5.14.3 by @dependabot[bot] in #999
• Update Error Prone compilerArgs. by @norrisjeremy in #998
• Infinite loop fix on checkServerExtInfo() by @kalithas-sendrayan in #997

New Contributors

• @bananensplit made their first contribution in #964
• @kalithas-sendrayan made their first contribution in #997

Full Changelog: jsch-2.27.7...jsch-2.27.8

jsch-2.27.7

What's Changed

• SftpATTRS constructor should be public by @jjlauer in #950

dependency updates

• Bump commons-codec:commons-codec from 1.19.0 to 1.20.0 by @dependabot[bot] in #945
• Bump errorprone.version from 2.43.0 to 2.44.0 by @dependabot[bot] in #944
• Bump org.apache.maven.plugins:maven-release-plugin from 3.1.1 to 3.2.0 by @dependabot[bot] in #943
• Bump commons-io:commons-io from 2.20.0 to 2.21.0 by @dependabot[bot] in #942
• Bump github/codeql-action from 4.31.2 to 4.31.4 by @dependabot[bot] in #948
• Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.2 to 3.5.0 by @dependabot[bot] in #949
• Bump github/codeql-action from 4.31.4 to 4.31.5 by @dependabot[bot] in #951
• Bump org.bouncycastle:bcprov-jdk18on from 1.82 to 1.83 by @dependabot[bot] in #953
• Bump actions/checkout from 5.0.0 to 6.0.0 by @dependabot[bot] in #952

Full Changelog: jsch-2.27.6...jsch-2.27.7

jsch-2.27.6

What's Changed

• Fix logging a 'port is null' error when parsing openssh config file by @jjlauer in #934

Dependency Updates

• Bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in #937
• Bump actions/download-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in #936
• Bump github/codeql-action from 4.30.9 to 4.31.0 by @dependabot[bot] in #935
• Bump JamesIves/github-pages-deploy-action from 4.7.3 to 4.7.4 by @dependabot[bot] in #939
• Bump org.junit.jupiter:junit-jupiter from 5.14.0 to 5.14.1 by @dependabot[bot] in #940
• Bump github/codeql-action from 4.31.0 to 4.31.2 by @dependabot[bot] in #938

New Contributors

• @jjlauer made their first contribution in #934

Full Changelog: jsch-2.27.5...jsch-2.27.6

jsch-2.27.5

What's Changed

• Throw JSchException if an incorrect passphrase is provided to JSch.addIdentity() by @norrisjeremy in #932

Dependency Updates

• Bump github/codeql-action from 4.30.8 to 4.30.9 by @dependabot[bot] in #931
• Bump errorprone.version from 2.42.0 to 2.43.0 by @dependabot[bot] in #930

Full Changelog: jsch-2.27.4...jsch-2.27.5

jsch-2.27.4

What's Changed

• Slowness due to blocked threads in Channel.getChannel call by @DavidTavoularis in #887
• Update to latest Maven Wrapper by @norrisjeremy in #895
• Switch to using Java 25 for builds by @norrisjeremy in #913
• Update forbiddenapis with newly added support for Java 25 by @norrisjeremy in #926
• fix for infinite looping issue by @code-docker in #922
• Store Channel objects associated with a particular Session with the S… by @norrisjeremy in #889

Dependency Updates

• Bump github/codeql-action from 3.29.9 to 3.29.10 by @dependabot[bot] in #882
• Bump com.github.valfirst:slf4j-test from 3.0.1 to 3.0.2 by @dependabot[bot] in #884
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.11.3 by @dependabot[bot] in #883
• Bump com.github.valfirst:slf4j-test from 3.0.2 to 3.0.3 by @dependabot[bot] in #891
• Bump github/codeql-action from 3.29.10 to 3.29.11 by @dependabot[bot] in #893
• Bump github/codeql-action from 3.29.11 to 3.30.3 by @dependabot[bot] in #899
• Bump actions/setup-java from 4.7.1 to 5.0.0 by @dependabot[bot] in #892
• Bump s4u/maven-settings-action from 3.1.0 to 4.0.0 by @dependabot[bot] in #897
• Bump net.revelc.code.formatter:formatter-maven-plugin from 2.27.0 to 2.28.0 by @dependabot[bot] in #898
• Bump surefire.version from 3.5.3 to 3.5.4 by @dependabot[bot] in #902
• Bump log4j.version from 2.25.1 to 2.25.2 by @dependabot[bot] in #912
• Bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.0 to 3.14.1 by @dependabot[bot] in #908
• Bump org.codehaus.mojo:flatten-maven-plugin from 1.7.2 to 1.7.3 by @dependabot[bot] in #910
• Bump jna.version from 5.17.0 to 5.18.0 by @dependabot[bot] in #905
• Bump org.sonatype.central:central-publishing-maven-plugin from 0.8.0 to 0.9.0 by @dependabot[bot] in #911
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.3 to 3.12.0 by @dependabot[bot] in #909
• Bump org.bouncycastle:bcprov-jdk18on from 1.81 to 1.82 by @dependabot[bot] in #903
• Bump net.revelc.code.formatter:formatter-maven-plugin from 2.28.0 to 2.29.0 by @dependabot[bot] in #904
• Bump errorprone.version from 2.41.0 to 2.42.0 by @dependabot[bot] in #906
• Bump actions/cache from 4.2.4 to 4.3.0 by @dependabot[bot] in #907
• Bump github/codeql-action from 3.30.3 to 3.30.5 by @dependabot[bot] in #914
• Bump jna.version from 5.18.0 to 5.18.1 by @dependabot[bot] in #915
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.1 to 3.6.2 by @dependabot[bot] in #919
• Bump de.thetaphi:forbiddenapis from 3.9 to 3.10 by @dependabot[bot] in #920
• Bump org.apache.maven.plugins:maven-dependency-plugin from 3.8.1 to 3.9.0 by @dependabot[bot] in #921
• Bump github/codeql-action from 3.30.5 to 4.30.7 by @dependabot[bot] in #918
• Bump org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14 by @dependabot[bot] in #924
• Bump github/codeql-action from 4.30.7 to 4.30.8 by @dependabot[bot] in #923
• Bump org.junit.jupiter:junit-jupiter from 5.13.4 to 5.14.0 by @dependabot[bot] in #925

New Contributors

• @DavidTavoularis made their first contribution in #887
• @code-docker made their first contribution in #922

Full Changelog: jsch-2.27.3...jsch-2.27.4

jsch-2.27.3

What's Changed

• 2.27.3 changes by @norrisjeremy in #865
  • Update to Maven 3.9.11.
  • Update to latest Java (24.0.2) release.
  • Ensure that bnd-maven-plugin doesn't add java package imports into OSGi imports.
  • Run Dependabot on Wednesdays since Github is frequently overloaded on Mondays & fails.
• 2.27.3 changes by @norrisjeremy in #877
  • Drop unneeded compiler-annotations dependency.
  • Generate SPDX SBOM.
  • #852 Fix ChannelAgentForwarding when an unknown agent message type is received immediately preceding a known agent message type.
  • Consistently use Temurin JDK for all Github workflows.
  • Add --enable-native-access=ALL-UNNAMED that will be required for JNA and junixsocket to function in future Java releases.
  • Remove additional extraneous dependencies for log4j-core-test.
  • Use toolchains plugin to select JDK to allow eventual Maven 4 support.
    -- Maven 4 will only run on Java 17+, so in order to execute tests with Java 8 & 11 in GHA, we'll need to use the toolchains plugin to allow executing tests with a different JDK than used to execute Maven itself.

Dependency Updates

• Bump org.codehaus.mojo:build-helper-maven-plugin from 3.6.0 to 3.6.1 by @dependabot[bot] in #839
• Bump org.junit.jupiter:junit-jupiter from 5.13.0 to 5.13.1 by @dependabot[bot] in #840
• Bump github/codeql-action from 3.28.18 to 3.28.19 by @dependabot[bot] in #842
• Bump org.testcontainers:junit-jupiter from 1.21.1 to 1.21.2 by @dependabot[bot] in #849
• Bump org.codehaus.mojo:flatten-maven-plugin from 1.7.0 to 1.7.1 by @dependabot[bot] in #851
• Bump org.sonatype.central:central-publishing-maven-plugin from 0.7.0 to 0.8.0 by @dependabot[bot] in #850
• Bump log4j.version from 2.24.3 to 2.25.0 by @dependabot[bot] in #847
• Bump org.bouncycastle:bcprov-jdk18on from 1.80 to 1.81 by @dependabot[bot] in #841
• Bump github/codeql-action from 3.28.19 to 3.29.0 by @dependabot[bot] in #846
• Bump org.junit.jupiter:junit-jupiter from 5.13.1 to 5.13.2 by @dependabot[bot] in #853
• Bump github/codeql-action from 3.29.0 to 3.29.2 by @dependabot[bot] in #856
• Bump org.testcontainers:junit-jupiter from 1.21.2 to 1.21.3 by @dependabot[bot] in #857
• Bump errorprone.version from 2.38.0 to 2.39.0 by @dependabot[bot] in #855
• Bump net.revelc.code.formatter:formatter-maven-plugin from 2.26.0 to 2.27.0 by @dependabot[bot] in #854
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8 by @dependabot[bot] in #862
• Bump log4j.version from 2.25.0 to 2.25.1 by @dependabot[bot] in #863
• Bump org.junit.jupiter:junit-jupiter from 5.13.2 to 5.13.3 by @dependabot[bot] in #864
• Bump errorprone.version from 2.39.0 to 2.40.0 by @dependabot[bot] in #861
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.5.0 to 3.6.0 by @dependabot[bot] in #860
• Bump github/codeql-action from 3.29.2 to 3.29.4 by @dependabot[bot] in #867
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.0 to 3.6.1 by @dependabot[bot] in #870
• Bump org.junit.jupiter:junit-jupiter from 5.13.3 to 5.13.4 by @dependabot[bot] in #871
• Bump org.codehaus.mojo:flatten-maven-plugin from 1.7.1 to 1.7.2 by @dependabot[bot] in #872
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 by @dependabot[bot] in #868
• Bump commons-codec:commons-codec from 1.18.0 to 1.19.0 by @dependabot[bot] in #869
• Bump errorprone.version from 2.40.0 to 2.41.0 by @dependabot[bot] in #873
• Bump github/codeql-action from 3.29.4 to 3.29.5 by @dependabot[bot] in #874
• Bump actions/cache from 4.2.3 to 4.2.4 by @dependabot[bot] in #878
• Bump github/codeql-action from 3.29.7 to 3.29.9 by @dependabot[bot] in #879
• Bump actions/download-artifact from 4.3.0 to 5.0.0 by @dependabot[bot] in #875
• Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #880

Full Changelog: jsch-2.27.2...jsch-2.27.3