diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 000000000..806891736 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,5 @@ +# Each line is a file pattern followed by one or more owners. +# https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners + +# Default code owner for everything is our aws-crypto-tools group +* @aws/aws-crypto-tools diff --git a/.releaserc b/.releaserc index eaff720af..8f5dd99ba 100644 --- a/.releaserc +++ b/.releaserc @@ -53,11 +53,11 @@ ["@semantic-release/exec", { "prepareCmd": "mvn versions:set -DnewVersion=${nextRelease.version} \ -DautoVersionSubmodules=true && find README.md -type f \ - -exec sed -i '' 's/.*<\\/version>/${nextRelease.version}<\\/version>/g' {} \\;" + -exec sed -i 's/.*<\\/version>/${nextRelease.version}<\\/version>/g' {} \\;" }], ["@semantic-release/git", { "assets": ["./CHANGELOG.md", "./pom.xml", "./README.md"], - "message": "AWS Encryption SDK ${nextRelease.version} Release \n\n${nextRelease.notes}" + "message": "AWS Encryption SDK ${nextRelease.version} Release -- $(date +%Y-%m-%d) \n\n${nextRelease.notes}" }], ], "repositoryUrl": "https://github.com/aws/aws-encryption-sdk-java", diff --git a/CHANGELOG.md b/CHANGELOG.md index 9d6e1f5e9..f6583e06c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,45 @@ # Changelog +### [1.9.2](https://github.com/josecorella/aws-encryption-sdk-java/compare/v1.9.1...v1.9.2) (2022-08-30) + + +### Maintenance + +* Add CODEOWNERS file ([#407](https://github.com/josecorella/aws-encryption-sdk-java/issues/407)) ([cf2c873](https://github.com/josecorella/aws-encryption-sdk-java/commit/cf2c87394b67a487058c854c5b6695067256daff)) +* **deps-dev:** bump junit-vintage-engine from 5.7.1 to 5.8.2 ([#455](https://github.com/josecorella/aws-encryption-sdk-java/issues/455)) ([9342875](https://github.com/josecorella/aws-encryption-sdk-java/commit/9342875ad495abcfc7b612db4233588b52504ca4)) +* **deps-dev:** bump mockito-core from 4.2.0 to 4.3.1 ([#503](https://github.com/josecorella/aws-encryption-sdk-java/issues/503)) ([cae0fe1](https://github.com/josecorella/aws-encryption-sdk-java/commit/cae0fe1c28c90f56af1a2f1ee98332f6a43dc1ac)) +* **deps-dev:** bump mockito-core from 4.3.1 to 4.4.0 ([#574](https://github.com/josecorella/aws-encryption-sdk-java/issues/574)) ([379d9e7](https://github.com/josecorella/aws-encryption-sdk-java/commit/379d9e7fb397914dcae58d21fe9638e3c01e3a51)) +* **deps:** bump annotations from 3.0.1 to 3.0.1u2 ([#443](https://github.com/josecorella/aws-encryption-sdk-java/issues/443)) ([916cd0b](https://github.com/josecorella/aws-encryption-sdk-java/commit/916cd0b43443c61c3dc91be3b904f1c6752b4133)) +* **deps:** bump aws-java-sdk from 1.11.704 to 1.12.129 ([#452](https://github.com/josecorella/aws-encryption-sdk-java/issues/452)) ([19564f0](https://github.com/josecorella/aws-encryption-sdk-java/commit/19564f041a2b888746549ad7db47dc7c13029686)) +* **deps:** bump aws-java-sdk from 1.12.129 to 1.12.131 ([#462](https://github.com/josecorella/aws-encryption-sdk-java/issues/462)) ([f9b3df1](https://github.com/josecorella/aws-encryption-sdk-java/commit/f9b3df1aaa0cdfddad7bd9158d744e162c872dd9)) +* **deps:** bump aws-java-sdk from 1.12.131 to 1.12.150 ([#509](https://github.com/josecorella/aws-encryption-sdk-java/issues/509)) ([f93ddad](https://github.com/josecorella/aws-encryption-sdk-java/commit/f93ddad74dab944fc9106f09f99dd259999f0c64)) +* **deps:** bump aws-java-sdk from 1.12.150 to 1.12.151 ([#511](https://github.com/josecorella/aws-encryption-sdk-java/issues/511)) ([edd4633](https://github.com/josecorella/aws-encryption-sdk-java/commit/edd4633b068c409a17e190fa809a414681c8745e)) +* **deps:** bump aws-java-sdk from 1.12.151 to 1.12.156 ([#522](https://github.com/josecorella/aws-encryption-sdk-java/issues/522)) ([ac37804](https://github.com/josecorella/aws-encryption-sdk-java/commit/ac37804071feeb487133d89f53c2b9a95d7164ef)) +* **deps:** bump aws-java-sdk from 1.12.156 to 1.12.162 ([#542](https://github.com/josecorella/aws-encryption-sdk-java/issues/542)) ([2e03746](https://github.com/josecorella/aws-encryption-sdk-java/commit/2e03746ad0b2707a1aa3479502ba9de1b3b730cf)) +* **deps:** bump bcprov-ext-jdk15on from 1.67 to 1.70 ([#444](https://github.com/josecorella/aws-encryption-sdk-java/issues/444)) ([e9b190c](https://github.com/josecorella/aws-encryption-sdk-java/commit/e9b190cbb3c865f669ba25dc263c1e86764f5c91)) +* **deps:** bump build-helper-maven-plugin from 3.0.0 to 3.2.0 ([#448](https://github.com/josecorella/aws-encryption-sdk-java/issues/448)) ([6f77980](https://github.com/josecorella/aws-encryption-sdk-java/commit/6f77980a8fbd24ae612d51006ab178ea12865296)) +* **deps:** bump build-helper-maven-plugin from 3.2.0 to 3.3.0 ([#475](https://github.com/josecorella/aws-encryption-sdk-java/issues/475)) ([2398e07](https://github.com/josecorella/aws-encryption-sdk-java/commit/2398e07f70093042f6954feb30f99d0628716aac)) +* **deps:** bump commons-lang3 from 3.9 to 3.12.0 ([#451](https://github.com/josecorella/aws-encryption-sdk-java/issues/451)) ([83d7546](https://github.com/josecorella/aws-encryption-sdk-java/commit/83d7546b9f6e48003ba3d04115ddef1a2f0214f9)) +* **deps:** bump fmt-maven-plugin from 2.12 to 2.13 ([#445](https://github.com/josecorella/aws-encryption-sdk-java/issues/445)) ([9dd4ccd](https://github.com/josecorella/aws-encryption-sdk-java/commit/9dd4ccdb311363dfae0b64fa9e829b9ecd2ba80a)) +* **deps:** bump maven-compiler-plugin from 3.8.0 to 3.8.1 ([#449](https://github.com/josecorella/aws-encryption-sdk-java/issues/449)) ([625a044](https://github.com/josecorella/aws-encryption-sdk-java/commit/625a044ef64a7bf4789d52ab679cacfe1978f5ae)) +* **deps:** bump maven-compiler-plugin from 3.8.1 to 3.9.0 ([#482](https://github.com/josecorella/aws-encryption-sdk-java/issues/482)) ([8064de7](https://github.com/josecorella/aws-encryption-sdk-java/commit/8064de716d3d350b71340a51c573cd4f9bd70336)) +* **deps:** bump maven-gpg-plugin from 1.6 to 3.0.1 ([#450](https://github.com/josecorella/aws-encryption-sdk-java/issues/450)) ([f579c8b](https://github.com/josecorella/aws-encryption-sdk-java/commit/f579c8b6f1ec022e51a0b6f9ce7179e593cd393c)) +* **deps:** bump maven-javadoc-plugin from 3.0.1 to 3.3.1 ([#456](https://github.com/josecorella/aws-encryption-sdk-java/issues/456)) ([7007923](https://github.com/josecorella/aws-encryption-sdk-java/commit/7007923eaf59de67897e26f1330e123fa89888e0)) +* **deps:** bump maven-javadoc-plugin from 3.3.1 to 3.3.2 ([#530](https://github.com/josecorella/aws-encryption-sdk-java/issues/530)) ([348fa46](https://github.com/josecorella/aws-encryption-sdk-java/commit/348fa460c2ffe80f8144f4440bb234e21b1ae7b5)) +* **deps:** bump maven-surefire-plugin from 2.22.0 to 2.22.2 ([#442](https://github.com/josecorella/aws-encryption-sdk-java/issues/442)) ([a370271](https://github.com/josecorella/aws-encryption-sdk-java/commit/a3702710dc9b483524996ccc7c93c7a98fd35da6)) +* **deps:** bump nexus-staging-maven-plugin from 1.6.11 to 1.6.12 ([#548](https://github.com/josecorella/aws-encryption-sdk-java/issues/548)) ([66ecef2](https://github.com/josecorella/aws-encryption-sdk-java/commit/66ecef27ccfec66bca834e154769bb29724f5ddb)) +* **deps:** bump nexus-staging-maven-plugin from 1.6.3 to 1.6.8 ([#453](https://github.com/josecorella/aws-encryption-sdk-java/issues/453)) ([53576d7](https://github.com/josecorella/aws-encryption-sdk-java/commit/53576d7e3e4e6f241bd975b7ffddadcf9f1a7186)) +* **deps:** bump nexus-staging-maven-plugin from 1.6.8 to 1.6.11 ([#536](https://github.com/josecorella/aws-encryption-sdk-java/issues/536)) ([ad514b2](https://github.com/josecorella/aws-encryption-sdk-java/commit/ad514b2befe7e07bcadee1b32b714313dac0846f)) +* Mark 1.x as End-of-Support ([#1025](https://github.com/josecorella/aws-encryption-sdk-java/issues/1025)) ([8bb7b28](https://github.com/josecorella/aws-encryption-sdk-java/commit/8bb7b28c8e277b303f6830f194fd0da351d7985b)) +* update mainline-1.x cd ([#413](https://github.com/josecorella/aws-encryption-sdk-java/issues/413)) ([dfefa62](https://github.com/josecorella/aws-encryption-sdk-java/commit/dfefa62833027d619d76322904dfe724cdee7e40)) +* Upgrade mockito to 4.2.0 ([#457](https://github.com/josecorella/aws-encryption-sdk-java/issues/457)) ([a251a22](https://github.com/josecorella/aws-encryption-sdk-java/commit/a251a2240557388c3b0061e00295b6684ff1af6a)) + + +### Fixes + +* **ci:** add correcting signing keys for ci and release process on 1.x ([#1027](https://github.com/josecorella/aws-encryption-sdk-java/issues/1027)) ([803c64f](https://github.com/josecorella/aws-encryption-sdk-java/commit/803c64f894902b03b382e955f5afed62bd22d9db)) +* correct branch in upload_artifacts ([#1031](https://github.com/josecorella/aws-encryption-sdk-java/issues/1031)) ([dfcae50](https://github.com/josecorella/aws-encryption-sdk-java/commit/dfcae5055ec0212f7f4baa759f9c721df54c2b57)) + ### [1.9.1](https://github.com/aws/aws-encryption-sdk-java/compare/v1.9.0...v1.9.1) (2021-10-28) diff --git a/README.md b/README.md index 7c71b5f8e..fa1b13dca 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ You can get the latest release from Maven: com.amazonaws aws-encryption-sdk-java - 1.9.0 + 1.9.1 ``` diff --git a/SUPPORT_POLICY.rst b/SUPPORT_POLICY.rst new file mode 100644 index 000000000..42dd3c360 --- /dev/null +++ b/SUPPORT_POLICY.rst @@ -0,0 +1,33 @@ +Overview +======== +This page describes the support policy for the AWS Encryption SDK. We regularly provide the AWS Encryption SDK with updates that may contain support for new or updated APIs, new features, enhancements, bug fixes, security patches, or documentation updates. Updates may also address changes with dependencies, language runtimes, and operating systems. + +We recommend users to stay up-to-date with Encryption SDK releases to keep up with the latest features, security updates, and underlying dependencies. Continued use of an unsupported SDK version is not recommended and is done at the user’s discretion + + +Major Version Lifecycle +======================== +The AWS Encryption SDK follows the same major version lifecycle as the AWS SDK. For details on this lifecycle, see `AWS SDKs and Tools Maintenance Policy`_. + +Version Support Matrix +====================== +This table describes the current support status of each major version of the AWS Encryption SDK for Java. It also shows the next status each major version will transition to, and the date at which that transition will happen. + +.. list-table:: + :widths: 30 50 50 50 + :header-rows: 1 + + * - Major version + - Current status + - Next status + - Next status date + * - 1.x + - End of Support + - + - + * - 2.x + - Generally Available + - + - + +.. _AWS SDKs and Tools Maintenance Policy: https://docs.aws.amazon.com/sdkref/latest/guide/maint-policy.html#version-life-cycle diff --git a/codebuild/ci/release-ci.yml b/codebuild/ci/release-ci.yml index 2e41ffd91..6c4fe2e7e 100644 --- a/codebuild/ci/release-ci.yml +++ b/codebuild/ci/release-ci.yml @@ -12,8 +12,8 @@ env: parameter-store: ACCOUNT: /CodeBuild/AccountIdentity secrets-manager: - GPG_KEY: Maven-GPG-Keys-Credentials:Keyname - GPG_PASS: Maven-GPG-Keys-Credentials:Passphrase + GPG_KEY: Maven-GPG-Keys-CI-Credentials:Keyname + GPG_PASS: Maven-GPG-Keys-CI-Credentials:Passphrase phases: install: @@ -24,7 +24,7 @@ phases: - export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml - export CODEARTIFACT_TOKEN=$(aws codeartifact get-authorization-token --domain $DOMAIN --domain-owner $ACCOUNT --query authorizationToken --output text --region ${REGION}) - export CODEARTIFACT_REPO_URL=https://${DOMAIN}-${ACCOUNT}.d.codeartifact.${REGION}.amazonaws.com/maven/${REPOSITORY} - - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz + - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys-CI --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz - tar -xvf ~/mvn_gpg.tgz -C ~ build: commands: diff --git a/codebuild/release/artifact-hunt.yml b/codebuild/release/artifact-hunt.yml new file mode 100644 index 000000000..a5a7beeda --- /dev/null +++ b/codebuild/release/artifact-hunt.yml @@ -0,0 +1,20 @@ +## Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +## SPDX-License-Identifier: Apache-2.0 + +version: 0.2 + +env: + variables: + BRANCH: "mainline-1.x" + +phases: + install: + runtime-versions: + java: corretto11 + pre_build: + commands: + - git checkout $BRANCH + - export VERSION=$(grep version pom.xml | head -n 1 | sed -n 's/[ \t]*\(.*\)<\/version>/\1/p') + build: + commands: + - ./look_4_version.sh $VERSION diff --git a/codebuild/release/release-prod.yml b/codebuild/release/release-prod.yml index 4fff1e2d2..d67d70122 100644 --- a/codebuild/release/release-prod.yml +++ b/codebuild/release/release-prod.yml @@ -7,8 +7,8 @@ env: variables: BRANCH: "mainline-1.x" secrets-manager: - GPG_KEY: Maven-GPG-Keys-Credentials:Keyname - GPG_PASS: Maven-GPG-Keys-Credentials:Passphrase + GPG_KEY: Maven-GPG-Keys-Release-Credentials:Keyname + GPG_PASS: Maven-GPG-Keys-Release-Credentials:Passphrase SONA_USERNAME: Sonatype-Team-Account:Username SONA_PASSWORD: Sonatype-Team-Account:Password @@ -21,7 +21,7 @@ phases: - git checkout $BRANCH - export VERSION=$(grep version pom.xml | head -n 1 | sed -n 's/[ \t]*\(.*\)<\/version>/\1/p') - export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml - - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz + - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys-Release --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz - tar -xvf ~/mvn_gpg.tgz -C ~ build: commands: @@ -38,4 +38,3 @@ phases: -Dsonatype.password="$SONA_PASSWORD" \ --no-transfer-progress \ -s $SETTINGS_FILE - - ./look_4_version.sh $VERSION diff --git a/codebuild/release/release-staging.yml b/codebuild/release/release-staging.yml index 08951c3f5..63fafc424 100644 --- a/codebuild/release/release-staging.yml +++ b/codebuild/release/release-staging.yml @@ -12,8 +12,8 @@ env: parameter-store: ACCOUNT: /CodeBuild/AccountId secrets-manager: - GPG_KEY: Maven-GPG-Keys-Credentials:Keyname - GPG_PASS: Maven-GPG-Keys-Credentials:Passphrase + GPG_KEY: Maven-GPG-Keys-Release-Credentials:Keyname + GPG_PASS: Maven-GPG-Keys-Release-Credentials:Passphrase phases: install: @@ -25,7 +25,7 @@ phases: - export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml - export CODEARTIFACT_TOKEN=$(aws codeartifact get-authorization-token --domain $DOMAIN --domain-owner $ACCOUNT --query authorizationToken --output text --region ${REGION}) - export CODEARTIFACT_REPO_URL=https://${DOMAIN}-${ACCOUNT}.d.codeartifact.${REGION}.amazonaws.com/maven/${REPOSITORY} - - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz + - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys-Release --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz - tar -xvf ~/mvn_gpg.tgz -C ~ build: commands: diff --git a/codebuild/release/release.yml b/codebuild/release/release.yml index 3f6dbc252..a123e65a0 100644 --- a/codebuild/release/release.yml +++ b/codebuild/release/release.yml @@ -70,10 +70,18 @@ batch: - version buildspec: codebuild/release/release-prod.yml +# Wait for artifacts to be available + - identifier: availability + depend-on: + - version + buildspec: codebuild/release/artifact-hunt.yml + env: + image: aws/codebuild/standard:5.0 + # Validate Maven Central with supported JDK and Corretto - identifier: validate_prod_release_openjdk8 depend-on: - - publish + - availability buildspec: codebuild/release/validate-prod.yml env: variables: @@ -83,7 +91,7 @@ batch: - identifier: validate_prod_release_openjdk11 depend-on: - - publish + - availability buildspec: codebuild/release/validate-prod.yml env: variables: @@ -93,7 +101,7 @@ batch: - identifier: validate_prod_release_corretto8 depend-on: - - publish + - availability buildspec: codebuild/release/validate-prod.yml env: variables: @@ -103,7 +111,7 @@ batch: - identifier: validate_prod_release_corretto11 depend-on: - - publish + - availability buildspec: codebuild/release/validate-prod.yml env: variables: diff --git a/codebuild/release/upload_artifacts.yml b/codebuild/release/upload_artifacts.yml index ce3261bbf..ee39edcd1 100644 --- a/codebuild/release/upload_artifacts.yml +++ b/codebuild/release/upload_artifacts.yml @@ -8,23 +8,28 @@ env: BRANCH: "mainline-1.x" git-credential-helper: yes secrets-manager: - GH_TOKEN: Github/aws-crypto-tools-ci-bot:personal\ access\ token + GH_TOKEN: Github/aws-crypto-tools-ci-bot:ESDK Release Token phases: pre_build: commands: - - git checkout $BRANCH # get new project version - export VERSION=$(grep version pom.xml | head -n 1 | sed -n 's/[ \t]*\(.*\)<\/version>/\1/p') + - git config --global user.name "aws-crypto-tools-ci-bot" + - git config --global user.email "no-reply@noemail.local" + - echo $GH_TOKEN > token.txt + - export GH_TOKEN= # install gh cli in order to upload artifacts - curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | gpg --dearmor -o /usr/share/keyrings/githubcli-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null - apt update - apt install gh + - git checkout $BRANCH build: commands: - gh version - - gh auth login --with-token < $GH_TOKEN + - gh auth login --with-token < token.txt + - gh auth status - | mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.2:get \ -DrepoUrl=https://aws.oss.sonatype.org \ @@ -37,4 +42,4 @@ phases: mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.2:get \ -DrepoUrl=https://aws.oss.sonatype.org \ -Dartifact=com.amazonaws:aws-encryption-sdk-java:${VERSION}:jar:javadoc - - gh release upload v${VERSION} ~/.m2/repository/com/amazonaws/aws-encryption-sdk-java/${VERSION}/*.jar + - gh release create v${VERSION} ~/.m2/repository/com/amazonaws/aws-encryption-sdk-java/${VERSION}/*.jar -d -F CHANGELOG.md -t "AWS Encryption SDK ${VERSION} Release -- $(date +%Y-%m-%d)" diff --git a/codebuild/release/version.yml b/codebuild/release/version.yml index 79b1bab41..560b34b25 100644 --- a/codebuild/release/version.yml +++ b/codebuild/release/version.yml @@ -26,5 +26,5 @@ phases: - git checkout $BRANCH build: commands: - - npx semantic-release --branches $BRANCH --no-ci + - npx semantic-release --branches $BRANCH --no-ci diff --git a/look_4_version.sh b/look_4_version.sh old mode 100644 new mode 100755 diff --git a/pom.xml b/pom.xml index 48e90bf4c..babeb0b33 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ com.amazonaws aws-encryption-sdk-java - 1.9.1 + 1.9.2 jar aws-encryption-sdk-java @@ -42,27 +42,27 @@ com.amazonaws aws-java-sdk - 1.11.704 + 1.12.162 true org.bouncycastle bcprov-ext-jdk15on - 1.67 + 1.70 org.mockito mockito-core - 2.28.1 + 4.4.0 test org.junit.vintage junit-vintage-engine - 5.7.1 + 5.8.2 test @@ -83,14 +83,14 @@ com.google.code.findbugs annotations - 3.0.1 + 3.0.1u2 provided org.apache.commons commons-lang3 - 3.9 + 3.12.0 @@ -100,7 +100,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.8.0 + 3.9.0 1.8 1.8 @@ -110,7 +110,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.0.1 + 3.3.2 128m 1024m @@ -122,7 +122,7 @@ org.codehaus.mojo build-helper-maven-plugin - 3.0.0 + 3.3.0 add-test-source @@ -142,7 +142,7 @@ com.coveo fmt-maven-plugin - 2.12 + 2.13 @@ -179,7 +179,7 @@ org.apache.maven.plugins maven-gpg-plugin - 1.6 + 3.0.1 sign-artifacts @@ -215,7 +215,7 @@ org.apache.maven.plugins maven-gpg-plugin - 1.6 + 3.0.1 sign-artifacts @@ -236,7 +236,7 @@ org.sonatype.plugins nexus-staging-maven-plugin - 1.6.3 + 1.6.12 true sonatype-nexus-staging @@ -257,7 +257,7 @@ org.apache.maven.plugins maven-surefire-plugin - 2.22.0 + 2.22.2 **/AllTestsSuite.java @@ -278,7 +278,7 @@ org.apache.maven.plugins maven-surefire-plugin - 2.22.0 + 2.22.2 **/FastTestsOnlySuite.java diff --git a/src/main/java/com/amazonaws/encryptionsdk/AwsCrypto.java b/src/main/java/com/amazonaws/encryptionsdk/AwsCrypto.java index 7ba6af698..72f5913e3 100644 --- a/src/main/java/com/amazonaws/encryptionsdk/AwsCrypto.java +++ b/src/main/java/com/amazonaws/encryptionsdk/AwsCrypto.java @@ -14,6 +14,7 @@ import java.nio.charset.StandardCharsets; import java.util.Collections; import java.util.Map; +import java.util.logging.Logger; /** * Provides the primary entry-point to the AWS Encryption SDK. All encryption and decryption @@ -65,6 +66,7 @@ */ @SuppressWarnings("WeakerAccess") // this is a public API public class AwsCrypto { + private static final Logger LOGGER = Logger.getLogger(AwsCrypto.class.getName()); private static final Map EMPTY_MAP = Collections.emptyMap(); // These are volatile because we allow unsynchronized writes via our setters, @@ -83,6 +85,13 @@ public class AwsCrypto { */ private final int maxEncryptedDataKeys_; + private static void warn_end_of_support() { + LOGGER.warning( + "This major version (1.x) of the AWS Encryption SDK for Java has reached End-of-Support.\n" + + "It will no longer receive security updates or bug fixes.\n" + + "Consider updating to the latest version of the AWS Encryption SDK."); + } + /** * @deprecated This constructor implicitly configures the Aws Crypto client with a commitment * policy that allows reading encrypted messages without commitment values. Use {@link @@ -91,11 +100,13 @@ public class AwsCrypto { */ @Deprecated public AwsCrypto() { + warn_end_of_support(); commitmentPolicy_ = CommitmentPolicy.ForbidEncryptAllowDecrypt; maxEncryptedDataKeys_ = CiphertextHeaders.NO_MAX_ENCRYPTED_DATA_KEYS; } private AwsCrypto(Builder builder) { + warn_end_of_support(); if (builder.commitmentPolicy_ == null) { throw new IllegalArgumentException("Must specify a commitment policy on the client."); } diff --git a/src/test/java/com/amazonaws/encryptionsdk/kms/KmsMasterKeyProviderTest.java b/src/test/java/com/amazonaws/encryptionsdk/kms/KmsMasterKeyProviderTest.java index 854ecaa10..2b1a7eae1 100644 --- a/src/test/java/com/amazonaws/encryptionsdk/kms/KmsMasterKeyProviderTest.java +++ b/src/test/java/com/amazonaws/encryptionsdk/kms/KmsMasterKeyProviderTest.java @@ -17,8 +17,8 @@ import static org.mockito.Mockito.spy; import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.verifyNoMoreInteractions; -import static org.mockito.Mockito.verifyZeroInteractions; import static org.mockito.Mockito.when; import com.amazonaws.AmazonServiceException; @@ -402,7 +402,7 @@ public void testDecrypt() throws Exception { () -> mkp.decryptDataKey(ALGORITHM_SUITE, inputEDKs, ENCRYPTION_CONTEXT)); ArgumentCaptor decrypt = ArgumentCaptor.forClass(DecryptRequest.class); - verifyZeroInteractions(client); + verifyNoInteractions(client); return; }