diff --git a/.circleci/config.yml b/.circleci/config.yml index b649d2fc..af3225f8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,4 +1,6 @@ version: 2.1 +orbs: + codecov: codecov/codecov@3 commands: checkout-and-build: @@ -19,10 +21,7 @@ commands: run-tests: steps: - run: ./gradlew check jacocoTestReport --continue --console=plain - - run: - name: Upload Coverage - when: on_success - command: bash <(curl -s https://codecov.io/bash) -Z -C $CIRCLE_SHA1 + - codecov/upload run-api-diff: steps: # run apiDiff task diff --git a/.shiprc b/.shiprc new file mode 100644 index 00000000..2bd0fdb3 --- /dev/null +++ b/.shiprc @@ -0,0 +1,7 @@ +{ + "files": { + "README.md": [], + "lib/build.gradle": ["version[[:blank:]]*=[[:blank:]]*{MAJOR}.{MINOR}.{PATCH}"] + }, + "prefixVersion": false +} \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index d81f9a18..f22b8da7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,17 @@ # Change Log +## [3.19.4](https://github.com/auth0/java-jwt/tree/3.19.4) (2023-01-11) +[Full Changelog](https://github.com/auth0/java-jwt/compare/3.19.3...3.19.4) + +This patch release does not contain any functional changes, but is being released using an updated signing key for verification as part of our commitment to best security practices. +Please review [the README note for additional details.](https://github.com/auth0/java-jwt/blob/v3/README.md) + +## [3.19.3](https://github.com/auth0/java-jwt/tree/3.19.3) (2022-10-24) +[Full Changelog](https://github.com/auth0/java-jwt/compare/3.19.2...3.19.3) + +**Security** +- Update com.fasterxml.jackson.core:jackson-databind to 2.13.4.2 [\#631](https://github.com/auth0/java-jwt/pull/631) ([jimmyjames](https://github.com/jimmyjames)) + ## [3.19.2](https://github.com/auth0/java-jwt/tree/3.19.2) (2022-05-05) [Full Changelog](https://github.com/auth0/java-jwt/compare/3.19.1...3.19.2) diff --git a/README.md b/README.md index c55fa70c..6f059351 100644 --- a/README.md +++ b/README.md 
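Review bot: In `.circleci/config.yml` the new `orbs:` entry references `codecov/codecov@3`, a floating major version, so each pipeline run resolves to whichever 3.x release is the latest at that moment. The `- codecov/upload` step added under `run-tests` in the second hunk then runs that orb code inside the job, with whatever environment the job exposes. Pinning the full published version, `codecov: codecov/codecov@<exact 3.x.y version>`, and bumping it in a reviewed commit keeps the uploader code fixed between reviews. The removed `bash <(curl -s https://codecov.io/bash)` fetched an unpinned script at run time, so the orb is already a step forward; the exact pin finishes the job.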
@@ -7,6 +7,12 @@ [![License](https://img.shields.io/:license-mit-blue.svg?style=flat)](https://doge.mit-license.org) [![Javadoc](https://javadoc.io/badge2/com.auth0/java-jwt/javadoc.svg)](https://javadoc.io/doc/com.auth0/java-jwt/latest/index.html) +> **Note** +> As part of our ongoing commitment to best security practices, we have rotated the signing keys used to sign previous releases of this SDK. As a result, new patch builds have been released using the new signing key. Please upgrade at your earliest convenience. +> +> While this change won’t affect most developers, if you have implemented a dependency signature validation step in your build process, you may notice a warning that past releases can’t be verified. This is expected, and a result of the key rotation process. Updating to the latest version will resolve this for you. + + A Java implementation of [JSON Web Token (JWT) - RFC 7519](https://tools.ietf.org/html/rfc7519). > :warning: **Important security note:** JVM has a critical vulnerability for ECDSA Algorithms - [CVE-2022-21449](https://nvd.nist.gov/vuln/detail/CVE-2022-21449). Please review the details of the vulnerability and update your environment. @@ -25,14 +31,14 @@ The library is available on both Maven Central and Bintray, and the Javadoc is p com.auth0 java-jwt - 3.19.2 + 3.19.4 ``` ### Gradle ```gradle -implementation 'com.auth0:java-jwt:3.19.2' +implementation 'com.auth0:java-jwt:3.19.4' ``` ## Available Algorithms diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 4d9ca164..d355f4c4 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-6.7.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-6.9.3-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists 
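Review bot: `gradle/wrapper/gradle-wrapper.properties` has no `distributionSha256Sum`, so the wrapper downloads and runs the archive at the new `distributionUrl` (gradle-6.9.3-bin.zip) without an integrity check. The hunk shows the whole five-line file, so the property is absent rather than merely out of view. Adding `distributionSha256Sum=<sha256 of gradle-6.9.3-bin.zip as published by Gradle>` makes the wrapper refuse a tampered or substituted download. Whether `gradle-wrapper.jar` was regenerated and validated alongside this bump is not visible in the diff and is worth confirming.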
diff --git a/lib/build.gradle b/lib/build.gradle index fbc88df8..39bd67ec 100644 --- a/lib/build.gradle +++ b/lib/build.gradle @@ -1,3 +1,4 @@ + plugins { id 'java' id 'jacoco' @@ -38,7 +39,7 @@ java { compileJava { exclude 'module-info.java' // Required to be compatible with JDK 8+ - options.compilerArgs = ['--release', "8"] + options.release = 8 } javadoc { @@ -47,7 +48,7 @@ javadoc { } dependencies { - implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.2.2' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.4.2' testImplementation 'org.bouncycastle:bcprov-jdk15on:1.60' testImplementation 'junit:junit:4.12' testImplementation 'net.jodah:concurrentunit:0.4.3' @@ -93,3 +94,11 @@ jar { compileModuleInfoJava.dependsOn compileJava classes.dependsOn compileModuleInfoJava + +// Creates a version.txt file containing the current version of the SDK. +// This file is picked up and parsed by our Ship Orb to determine the version. +task exportVersion() { + doLast { + new File(rootDir, "version.txt").text = "$version" + } +} diff --git a/settings.gradle b/settings.gradle index b614415b..a4cda2d7 100644 --- a/settings.gradle +++ b/settings.gradle @@ -3,7 +3,7 @@ pluginManagement { gradlePluginPortal() } plugins { - id 'com.auth0.gradle.oss-library.java' version '0.16.0' + id 'com.auth0.gradle.oss-library.java' version '0.17.2' } }
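Review bot: The new `exportVersion` task at the end of `lib/build.gradle` writes `"$version"` to `version.txt` with no validation, and its own comment says the release tooling parses that file to determine the version. If `version` is ever unset, Gradle's default string `unspecified` is written and passed on to the release step. Making `if (version.toString() == 'unspecified') throw new GradleException('project version is not set')` the first statement in `doLast` would fail the build instead. The task also declares no output; `outputs.file(new File(rootDir, 'version.txt'))` in the task body would let Gradle track the file. Because the file is written into `rootDir`, check that `version.txt` is git-ignored, since no ignore rule appears in this diff.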