Bump com.nimbusds:nimbus-jose-jwt from 10.4.2 to 10.5

[dependabot]

Bumps com.nimbusds:nimbus-jose-jwt from 10.4.2 to 10.5.

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

10.4.2 (2025-08-14) * Updates GSon to 2.13.1. * Updates BouncyCastle to 1.81.

10.5 (2025-09-05) * Support for specifying a ScheduledExecutorService instance in RefreshAheadCachingJWKSetSource and JWKSourceBuilder (iss #592).

Commits

• 584951f Adds support for specifying the ScheduledExecutorService-instance in RefreshA...
• 436fb18 Add tests for JWKSourceBuilder and RefreshAheadCachingJWKSetSource
• 2aa473f [maven-release-plugin] prepare for next development iteration
• d52acf5 Merged in iss592 (pull request #129)
• d1834c6 JWKSourceBuilderTest must target Java 7
• 5fb46ee Change log for 10.5, JavaDoc edits (iss #592)
• 724be14 RefreshAheadCachingJWKSetSource JavaDoc markup fix (iss #592)
• 6be3a17 [maven-release-plugin] prepare release 10.5
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[quarkus-bot]

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 00bc6e1.

Failing Jobs

Status	Name	Step	Failures	Logs	Raw logs	Build scan
✔️	JVM Tests - JDK 17			Logs	Raw logs	🔍
✔️	JVM Tests - JDK 21			Logs	Raw logs	🚧
❌	JVM Tests - JDK 17 Windows	Build	Failures	Logs	Raw logs	🚧

Full information is available in the Build summary check run.
You can consult the Develocity build scans.

Failures

⚙️ JVM Tests - JDK 17 Windows #

- Failing: extensions/vertx-http/deployment 
! Skipped: devtools/bom-descriptor-json devtools/cli extensions/agroal/deployment and 148 more

📦 extensions/vertx-http/deployment

❌ io.quarkus.vertx.http.proxy.TrustedForwarderDnsResolveTest.testTrustedProxyResolved - History - More details - Source on GitHub

java.io.IOException: 
Error while binding on /127.0.0.1:53530
original message : Address already in use: bind
	at org.apache.mina.transport.socket.nio.NioSocketAcceptor.open(NioSocketAcceptor.java:238)
	at org.apache.mina.transport.socket.nio.NioSocketAcceptor.open(NioSocketAcceptor.java:51)
	at org.apache.mina.core.polling.AbstractPollingIoAcceptor.registerHandles(AbstractPollingIoAcceptor.java:585)
	at org.apache.mina.core.polling.AbstractPollingIoAcceptor.access$400(AbstractPollingIoAcceptor.java:71)
	at org.apache.mina.core.polling.AbstractPollingIoAcceptor$Acceptor.run(AbstractPollingIoAcceptor.java:459)