Bump org.pgpainless:pgpainless-core from 1.6.7 to 1.7.1

[dependabot]

Bumps org.pgpainless:pgpainless-core from 1.6.7 to 1.7.1.

Changelog

Sourced from org.pgpainless:pgpainless-core's changelog.

1.7.1

• Bump sop-java to 10.0.2
• Downgrade logback-core and logback-classic to 1.2.13 (fix CLI spam)

1.7.0

• Bump bcpg-jdk8on to 1.78.1
• Bump bcprov-jdk18on to 1.78.1
• Bump logback-core and logback-classic to 1.4.14
• pgpainless-core
  • Rewrote most of the codebase in Kotlin
  • Removed OpenPgpMetadata (decryptionStream.getResult()) in favor of MessageMetadata (decryptionStream.getMetadata())
  • Removed support for generating EC keys over non-standard curve secp256k1
  • Properly feed EOS tokens to the pushdown automaton when reaching the end of stream (thanks @​iNPUTmice)
  • Do not choke on unknown signature subpackets (thanks @​Jerbell)
  • Prevent timing issues resulting in subkey binding signatures predating the subkey (@​thanks Jerbell)
  • Rename LibrePGP-related Feature enums:
    • GNUPG_AEAD_ENCRYPTED_DATA -> LIBREPGP_OCB_ENCRYPTED_DATA
    • GNUPG_VERSION_5_PUBLIC_KEY -> LIBREPGP_VERSION_5_PUBLIC_KEY
  • Properly reject signatures by non-signing primary keys
  • Add EncryptionBuilder.discardOutput() (useful for detached signing)
  • Remove support for generation of keys over non-standard secp256k1 curve
  • Add base support for padding packets
  • Do not choke on LibrePGP OED packets
  • Supersede addPassphrase()/addDecryptionPassphrase() methods with more clear addMessagePassphrase()
• pgpainless-sop, pgpainless-cli
  • Bump sop-java to 10.0.1, implementing SOP Spec Revision 10
  • Change API of sop.encrypt to return a ReadyWithResult<EncryptionResult> to expose the session key
  • decrypt --verify-with: Fix to not throw NoSignature exception (exit code 3) if VERIFICATIONS is empty
  • Separate signature verification operations into SOPV interface
  • Add version --sopv option
  • Throw BadData error when passing KEYS where CERTS are expected.
  • armor: Remove --label option

Commits

• fac2374 PGPainless 1.7.1
• 60c963f Document logback spam
• ab6cde3 Bump sop-java to 10.0.2
• e5a0617 Fix CLI being spammed by logback by downgrading to logback-core 1.2.13
• 52b6d5c Fix some minor code issues
• fb71ef2 PGPainless 1.7.1-SNAPSHOT
• 8b40062 PGPainless 1.7.0
• 3388d90 Update README
• 62c661e Update SECURITY.md
• 039595f Update changelog
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #2888.