v0.16.0

0.16.0 (2026-02-03)

Features

• compatibility: Expose the Python __LENGTH_HINT__ magic method in PyProtocols. This is used to help identify how many items a particular iterator will possess. (ad6430d)
• compat: mimic python's builtins.callable + builtins.reversed + builtins.NotImplemented for easier porting. (5a21a5a)

Bug Fixes

• add apt-get update for dist-linux step (#23) (1303b01)
• bug: When using a BufferedBlockCipher, check if there's any further buffer left over before calling doFinal. (#311) (d419b6b)
• Dockerfile to reduce vulnerabilities (#247) (e66bc94)
• Dockerfile to reduce vulnerabilities (#376) (4d3625f)
• larky/pom.xml to reduce vulnerabilities (#318) (1606337)
• runlarky/pom.xml to reduce vulnerabilities (#333) (3e41b48)
• SD-4274: gha migration (#696) (2b542ad)
• upgrade com.google.auto.value:auto-value-annotations from 1.8.2 to 1.9 (#236) (4df5084)
• upgrade com.google.crypto.tink:tink from 1.5.0 to 1.6.1 (#174) (cbe6ef8)
• upgrade com.google.flogger:flogger-system-backend from 0.7.1 to 0.7.2 (#233) (b3c5e96)
• upgrade com.google.guava:guava from 30.1-jre to 30.1.1-jre (#98) (e355aae)
• upgrade com.google.re2j:re2j from 1.5 to 1.6 (#94) (9206e2b)
• upgrade junit:junit from 4.13.1 to 4.13.2 (#85) (3f0fa6b)
• upgrade org.bouncycastle:bcprov-debug-jdk15to18 from 1.69 to 1.70 (#229) (8c77aeb)
• upgrade org.projectlombok:lombok from 1.18.20 to 1.18.22 (#193) (0f01e5f)

Miscellaneous Chores

• PoorManGenerator move to larky and rename to DeterministicGenerator (ad6430d)

0.15.1

What's Changed

• [PROXY-3409] Resolve semgrep issues by @viacheslav-rud in #657
• Use correct pattern for JWS validation by @viacheslav-rud in #658
• [CSL3-2889] Add bounded while true functionality to Larky by @mahmoudimus in #655

Full Changelog: 0.15.0...0.15.1

0.15.0

What's Changed

• Bump google.flogger.version from 0.8 to 0.9 by @dependabot[bot] in #609
• Bump com.fasterxml.jackson.core:jackson-databind from 2.19.0 to 2.19.1 by @dependabot[bot] in #617
• [CSL3-2874] Add CyberSource module by @viacheslav-rud in #643

Full Changelog: 0.14.1...0.15.0

0.14.1

What's Changed

• Bump com.fasterxml.jackson.core:jackson-databind from 2.14.0 to 2.19.0 by @dependabot in #607
• [CSL3-2693] Add parameters to choose key for operations by @viacheslav-rud in #608

Full Changelog: 0.14.0...0.14.1

0.14.0

What's Changed

• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 to 3.5.3 by @dependabot in #595
• Bump org.projectlombok:lombok from 1.18.36 to 1.18.38 by @dependabot in #596
• Bump org.apache.commons:commons-text from 1.13.0 to 1.13.1 by @dependabot in #599
• Bump org.graalvm.sdk:graal-sdk from 24.1.2 to 24.2.1 by @dependabot in #603
• Bump picocli.version from 4.7.6 to 4.7.7 by @dependabot in #604
• Bump com.google.errorprone:error_prone_core from 2.36.0 to 2.38.0 by @dependabot in #605
• [CSL3-2693] OpenPGP BouncyCastle Java implementation by @Agitolyev in #606

Full Changelog: 0.13.10...0.14.0

0.13.10

What's Changed

• SI-203 Test Secret Exception by @dhuckmann in #587
• [PROXY-2514] Address vulnerabilities by @kochniev in #579
• [VAULT-3601] Fix XML tests failing by @vgs-yvoronenko in #592
• [SI-203] Add test secret exceptions by @viacheslav-rud in #594
• [PROXY-2510] Address SHA384, enarmor and timestamp by @kochniev in #583

New Contributors

• @dhuckmann made their first contribution in #587
• @kochniev made their first contribution in #579
• @vgs-yvoronenko made their first contribution in #592

Full Changelog: 0.13.8...0.13.10

0.13.8

What's Changed

• Bump com.google.re2j:re2j from 1.7 to 1.8 by @dependabot in #569
• Bump org.graalvm.sdk:graal-sdk from 24.1.1 to 24.1.2 by @dependabot in #571
• Bump org.jetbrains:annotations from 26.0.1 to 26.0.2 by @dependabot in #572
• Bump org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.0 by @dependabot in #573
• [CSL3-2519] Use correct IV length for AES CBC by @viacheslav-rud in #570

Full Changelog: 0.13.7...0.13.8

0.13.7

What's Changed

• Bump org.mockito:mockito-core from 5.14.1 to 5.14.2 by @dependabot in #548
• Bump com.google.errorprone:error_prone_core from 2.33.0 to 2.34.0 by @dependabot in #550
• Bump org.junit.jupiter:junit-jupiter-api from 5.11.2 to 5.11.3 by @dependabot in #551
• Bump org.junit.vintage:junit-vintage-engine from 5.11.2 to 5.11.3 by @dependabot in #552
• Bump org.graalvm.sdk:graal-sdk from 24.1.0 to 24.1.1 by @dependabot in #549
• Bump com.google.errorprone:error_prone_core from 2.34.0 to 2.35.1 by @dependabot in #553
• Bump org.bouncycastle.version from 1.78.1 to 1.79 by @dependabot in #554
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.1 to 3.5.2 by @dependabot in #555
• Bump org.projectlombok:lombok from 1.18.34 to 1.18.36 by @dependabot in #556
• Bump com.google.errorprone:error_prone_core from 2.35.1 to 2.36.0 by @dependabot in #557
• Bump org.apache.commons:commons-text from 1.12.0 to 1.13.0 by @dependabot in #559
• Update config.yml by @Iapetus999 in #560
• Bump org.junit.jupiter:junit-jupiter-api from 5.11.3 to 5.11.4 by @dependabot in #561
• Bump org.junit.vintage:junit-vintage-engine from 5.11.3 to 5.11.4 by @dependabot in #563
• Bump com.google.guava:guava from 33.3.1-jre to 33.4.0-jre by @dependabot in #562
• Bump org.mockito:mockito-core from 5.14.2 to 5.15.2 by @dependabot in #566
• [CSL3-2519] Fix for block size and encryption with JWK in JOSE by @Iapetus999 in #567

Full Changelog: 0.13.6...0.13.7

0.13.5

What's Changed

• Bump com.google.errorprone:error_prone_core from 2.29.2 to 2.30.0 by @dependabot in #523
• Bump org.junit.jupiter:junit-jupiter-api from 5.10.3 to 5.11.0 by @dependabot in #524
• Bump org.junit.vintage:junit-vintage-engine from 5.10.3 to 5.11.0 by @dependabot in #525
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.1 to 3.4.0 by @dependabot in #526
• Fix digit check in luhn.verify by @Iapetus999 in #528

Full Changelog: 0.13.4...0.13.5

0.13.4

What's Changed

• Bump google.auto.value.version from 1.10.4 to 1.11.0 by @dependabot in #504
• Bump com.google.errorprone:error_prone_core from 2.27.1 to 2.28.0 by @dependabot in #506
• Bump com.google.guava:guava from 33.2.0-jre to 33.2.1-jre by @dependabot in #505
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 by @dependabot in #508
• Bump org.projectlombok:lombok from 1.18.32 to 1.18.34 by @dependabot in #509
• Bump com.google.truth:truth from 1.4.2 to 1.4.3 by @dependabot in #512
• Bump org.junit.vintage:junit-vintage-engine from 5.10.2 to 5.10.3 by @dependabot in #511
• Bump org.junit.jupiter:junit-jupiter-api from 5.10.2 to 5.10.3 by @dependabot in #510
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 by @dependabot in #514
• Bump com.google.truth:truth from 1.4.3 to 1.4.4 by @dependabot in #515
• Bump com.google.errorprone:error_prone_core from 2.28.0 to 2.29.0 by @dependabot in #516
• Bump org.graalvm.sdk:graal-sdk from 24.0.1 to 24.0.2 by @dependabot in #517
• Bump com.google.errorprone:error_prone_core from 2.29.0 to 2.29.1 by @dependabot in #518
• Bump com.google.errorprone:error_prone_core from 2.29.1 to 2.29.2 by @dependabot in #519
• [SECENG-329] Fixes issue for installing semgrep via pip by @bryant-quist-vgs in #520
• Add digit check to luhn.verify by @Iapetus999 in #522

New Contributors

• @bryant-quist-vgs made their first contribution in #520

Full Changelog: 0.13.3...0.13.4