fix(deps): bump com.nimbusds:nimbus-jose-jwt from 10.5 to 10.7

[dependabot]

Bumps com.nimbusds:nimbus-jose-jwt from 10.5 to 10.7.

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

10.5 (2025-09-05) * Support for specifying a ScheduledExecutorService instance in RefreshAheadCachingJWKSetSource and JWKSourceBuilder (iss #592).

10.6 (2025-11-06) * Adds static CollectionUtils.containsNull(Set) method. * DefaultJWTClaimsVerifier accepted "aud" (audience) argument must be compatible with Set.of (iss #499). * The DefaultJWTClaimsVerifier must not include JWT claim values in BadJWTException messages (iss #605).

10.7 (2026-01-08) * Adds MaxCompressedCipherTextLength that implements JWEDecrypterOption, to to configure the maximum allowed length of compressed cipher text. * Adds JWEObject.decrypt(JWEDecrypter, Set) method to support the MaxCompressedCipherTextLength option.

Commits

• dacdb14 [maven-release-plugin] prepare for next development iteration
• d5b9c10 Documents truncation and rounding for float and double getters in JWTClaimsSet
• 86011d2 The DefaultJWTClaimsVerifier must not include JWT claim values in BadJWTExcep...
• 1079a45 Adds JSONObjectUtilsTest.testParseObjectDuplicateMember_object (iss #603)
• 78e86f8 DefaultJWTClaimsVerifier accepted "aud" (audience) argument must be compatibl...
• d4c1e05 [maven-release-plugin] prepare release 10.6
• 6a6d0b3 [maven-release-plugin] prepare for next development iteration
• 72ba7d2 Add configurable max compressed cipher text length for JWE decryption (iss #570)
• 74d1dd1 Merged in feature/configurable-max-compressed-ciphertext-length (pull request...
• 1b4a3eb Edits JavaDocs, CHANGELOG.txt for 10.7 release
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[RicoFactset]

Checkmarx One – Scan Summary & Details – c880f50c-05f5-4f0b-a7ea-796117e96eca

Great job! No new security vulnerabilities introduced in this pull request

---

Use @Checkmarx to interact with Checkmarx PR Assistant.
Examples:
@Checkmarx how are you able to help me?
@Checkmarx rescan this PR

[Filip1x9]

@dependabot squash and merge

[dependabot]

Beginning January 27, 2026, Dependabot will no longer support the @dependabot squash and merge command. Please use GitHub's native pull request controls instead. Please see the changelog announcement for additional details.