Description
The Bouncy Castle lib comes in different variants depending on JDK version. Currently, AWS encryption SDK includes a dependency on org.bouncycastle:bcprov-ext-jdk15on, which is to be read as "JDK 1.5 and forward", not "JDK 15 and forward".
This artifact however seems to have stopped getting releases; the latest version 1.72 does not exist for the jdk15on variant. Instead, there is a jdk18on variant. This should be safe to depend on, since Java 8 (a.k.a Java 1.8) is already a requirement for the AWS encryption SDK.
Our project recently ran into confusing build conflicts that we were unable to resolve without excluding the transitive dependency. This is a difficult problem to really solve, but it seems to me that defaulting on the jdk18on variant would be a better option.