Release 1.5.3 (#81)

jimmyjames · web-flow · commit 39a3f9b0337d · 2023-01-11T10:50:05.000-06:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,14 @@
 # Change Log
 
+## [1.5.3](https://github.com/auth0/auth0-spring-security-api/tree/1.5.3) (2023-01-11)
+[Full Changelog](https://github.com/auth0/auth0-spring-security-api/compare/1.5.2...1.5.3)
+
+This patch release does not contain any functional changes, but is being released using an updated signing key for verification as part of our commitment to best security practices. 
+Please review [the README note for additional details.](https://github.com/auth0/auth0-spring-security-api/blob/master/README.md)
+
+**Security**
+- Update auth0 dependencies [\#80](https://github.com/auth0/auth0-spring-security-api/pull/80) ([jimmyjames](https://github.com/jimmyjames))
+
 ## [1.5.2](https://github.com/auth0/auth0-spring-security-api/tree/1.5.2) (2022-10-26)
 [Full Changelog](https://github.com/auth0/auth0-spring-security-api/compare/1.5.1...1.5.2)
 
diff --git a/README.md b/README.md
@@ -7,6 +7,11 @@
 [![codecov][codecov-badge]][codecov-url]
 [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fauth0%2Fauth0-spring-security-api.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fauth0%2Fauth0-spring-security-api?ref=badge_shield)
 
+> **Note**
+> As part of our ongoing commitment to best security practices, we have rotated the signing keys used to sign previous releases of this SDK. As a result, new patch builds have been released using the new signing key. Please upgrade at your earliest convenience.
+> 
+> While this change won't affect most developers, if you have implemented a dependency signature validation step in your build process, you may notice a warning that past releases can't be verified. This is expected, and a result of the key rotation process. Updating to the latest version will resolve this for you.
+
 Spring Security integration with Auth0 to secure your API with Json Web Tokens (JWT)
 
 > This library targets Spring 4 and Spring Boot 1. If you are using Spring 5 and Spring Boot 2, please see the [Spring Security 5 API Quickstart](https://auth0.com/docs/quickstart/backend/java-spring-security5).
