build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.40

[dependabot]

Bumps com.nimbusds:nimbus-jose-jwt from 9.37.3 to 9.40.

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

version 1.0 (2012-03-01)

• First version based on the OpenInfoCard JWT, JWS and JWE code base.

version 1.1 (2012-03-06)

• Introduces type-safe enumeration of the JSON Web Algorithms (JWA).
• Refactors the JWT class.

version 1.2 (2012-03-08)

• Moves JWS and JWE code into separate classes.

version 1.3 (2012-03-09)

• Switches to Apache Commons Codec for Base64URL encoding and decoding
• Consolidates the crypto utilities within the package.
• Introduces a JWT content serialiser class.

version 1.4 (2012-03-09)

• Refactoring of JWT class and JUnit tests.

version 1.5 (2012-03-18)

• Switches to JSON Smart for JSON serialisation and parsing.
• Introduces claims set class with JSON objects, string, Base64URL and byte array views.

version 1.6 (2012-03-20)

• Creates class for representing, serialising and parsing JSON Web Keys (JWK).
• Introduces separate class for representing JWT headers.

version 1.7 (2012-04-01)

• Introduces separate classes for plain, JWS and JWE headers.
• Introduces separate classes for plain, signed and encrypted JWTs.
• Removes the JWTContent class.
• Removes password-based (PE820) encryption support.

version 1.8 (2012-04-03)

• Adds support for the ZIP JWE header parameter.
• Removes unsupported algorithms from the JWA enumeration.

version 1.9 (2012-04-03)

• Renames JWEHeader.{get|set}EncryptionAlgorithm() to JWEHeader.{get|set}EncryptionMethod().

version 1.9.1 (2012-04-03)

• Upgrades JSON Smart JAR to 1.1.1.

version 1.10 (2012-04-14)

• Introduces serialize() method to base abstract JWT class.

version 1.11 (2012-05-13)

• JWT.serialize() throws checked JWTException instead of

... (truncated)

Commits

• 4320e1f Disables tests incompatible with BC "fips" profile
• caf5b9f Change log edits
• 0fcdc21 SignedJWT, EncryptedJWT and PlainJWT must serialise JWTClaimsSet claims with ...
• cb37910 JWEObject.decrypt must reject cipher texts of compressed plain text that are ...
• f470497 Chane log edits for 9.38
• 57f268d [maven-release-plugin] prepare release 9.38
• 4409b5f [maven-release-plugin] prepare for next development iteration
• 6820c9d Merged connect2id/nimbus-jose-jwt into master
• f14e944 Bumped Maven plugins
• bd59d30 Adds JSONObjectUtils.getEpochSecondAsDate, JWTClaimsSet.parse must handle nul...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)