From c781755c6e48a11d5e2f4792848ec60b26835ce2 Mon Sep 17 00:00:00 2001
From: Armin Schrenk <armin.schrenk@skymatic.de>
Date: Mon, 21 Mar 2022 14:02:02 +0100
Subject: [PATCH 1/3] use special sign process for windows exe bundle

---
 .github/workflows/win-exe.yml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/win-exe.yml b/.github/workflows/win-exe.yml
index f024d7347..9ecf71f56 100644
--- a/.github/workflows/win-exe.yml
+++ b/.github/workflows/win-exe.yml
@@ -217,7 +217,22 @@ jobs:
         run: >
           "${WIX}/bin/light.exe" -b dist/win/ dist/win/bundle/bundleWithWinfsp.wixobj
           -ext WixBalExtension
-          -out installer/Cryptomator.exe
+          -out installer/unsigned/Cryptomator.exe
+      - name: Detach burn engine in preparation to sign
+        run: >
+          "${WIX}/bin/insignia.exe" -ib .\installer\unsigned\Cryptomator.exe -o .\tmp\engine.exe
+      - name: Codesign burn engine
+        uses: skymatic/code-sign-action@v1
+        with:
+          certificate: ${{ secrets.WIN_CODESIGN_P12_BASE64 }}
+          password: ${{ secrets.WIN_CODESIGN_P12_PW }}
+          certificatesha1: FF52240075AD7D14AF25629FDF69635357C7D14B
+          description: Wix Burn Engine
+          timestampUrl: 'http://timestamp.digicert.com'
+          folder: tmp
+      - name: Reattach signed burn engine to installer
+        run : >
+          ${WIX}/bin/insignia.exe" -ab tmp\engine.exe installer\unsigned\Cryptomator.exe -o installer\Cryptomator.exe
       - name: Codesign EXE
         uses: skymatic/code-sign-action@v1
         with:

From d39c3969df32cd46afd79b1360df40754a6aa11b Mon Sep 17 00:00:00 2001
From: Sebastian Stenzel <sebastian.stenzel@gmail.com>
Date: Mon, 21 Mar 2022 14:05:29 +0100
Subject: [PATCH 2/3] share charset configuration

[ci skip]
---
 .gitignore          | 1 -
 .idea/encodings.xml | 6 ++++++
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 .idea/encodings.xml

diff --git a/.gitignore b/.gitignore
index 8e239b35e..5c84c0dfb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -21,7 +21,6 @@ pom.xml.versionsBackup
 .idea/dictionaries/**
 !.idea/dictionaries/dict_*
 .idea/compiler.xml
-.idea/encodings.xml
 .idea/jarRepositories.xml
 .idea/uiDesigner.xml
 .idea/**/libraries/
diff --git a/.idea/encodings.xml b/.idea/encodings.xml
new file mode 100644
index 000000000..c2bae49d7
--- /dev/null
+++ b/.idea/encodings.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="Encoding" defaultCharsetForPropertiesFiles="UTF-8">
+    <file url="PROJECT" charset="UTF-8" />
+  </component>
+</project>
\ No newline at end of file

From 19d26de4ec7b43c857be824341b6e744110d752d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 21 Mar 2022 09:24:22 +0000
Subject: [PATCH 3/3] fix: pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 469ab6398..6b70b6aba 100644
--- a/pom.xml
+++ b/pom.xml
@@ -39,7 +39,7 @@
 		<!-- 3rd party dependencies -->
 		<javafx.version>17.0.2</javafx.version>
 		<commons-lang3.version>3.12.0</commons-lang3.version>
-		<jwt.version>3.18.3</jwt.version>
+		<jwt.version>3.19.0</jwt.version>
 		<easybind.version>2.2</easybind.version>
 		<guava.version>31.0-jre</guava.version>
 		<dagger.version>2.40.3</dagger.version>