Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge #1044 #1045

Merged
merged 2 commits into from
Dec 19, 2023
Merged

Merge #1044 #1045

merged 2 commits into from
Dec 19, 2023

Conversation

lestrrat
Copy link
Collaborator

No description provided.

@codecov Codecov
Copy link

codecov bot commented Dec 19, 2023
edited
Loading

Codecov Report

Attention: 4 lines in your changes are missing coverage. Please review.

Comparison is base (0a15b4d) 72.00% compared to head (18a246d) 72.27%.
Report is 16 commits behind head on develop/v2.

Files Patch % Lines
jwe/jwe.go 91.17% 2 Missing and 1 partial ⚠️
jwe/options_gen.go 88.88% 1 Missing ⚠️
Additional details and impacted files 
@@              Coverage Diff               @@
##           develop/v2    #1045      +/-   ##
==============================================
+ Coverage       72.00%   72.27%   +0.27%     
==============================================
  Files              93       93              
  Lines           13795    13844      +49     
==============================================
+ Hits             9933    10006      +73     
+ Misses           3044     3021      -23     
+ Partials          818      817       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@lestrrat lestrrat merged commit 50de553 into develop/v2 Dec 19, 2023
33 checks passed
@lestrrat lestrrat deleted the nlacey-update-deps branch December 19, 2023 23:07
@lestrrat lestrrat mentioned this pull request Dec 19, 2023
Closed
@nlacey
Copy link

nlacey commented Dec 20, 2023

Thanks! can we get a new release? thanks for a great tool!

@lestrrat
Copy link
Collaborator Author

@nlacey I'm kind of waiting for response on #1034, and either way generally we don't do releases as soon as a fix goes in to wait for the dust to settle, so it will take at least a few days if not more (also, end of year holidays...). If you are in a hurry, for the time being I suggest pegging your builds to a commit hash.

lestrrat added a commit that referenced this pull request Jan 9, 2024
@lestrrat @dependabot
@sding3 @frestr
v2.0.19 (#1051)
d69a721 
* Bump golang.org/x/crypto from 0.14.0 to 0.15.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0.
- [Commits](golang/crypto@v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Run gazelle-update-repos

* Add jwe.WithCEK (#1011)

* Add jwe.WithCEK

* Allow using a static CEK via EncryptStatic

* appease linter

* Update go.sum

* Docs

* Update generated options

* Add test

* clarify when jwk.Set.RemoveKey can return error (#1015)

* Remove signer instance upon call to jws.UnregisterSigner (#1017)

* Delete signer instance upon call to jws.UnregisterSigner

* Update Changes

* Tweak documentation (#1018)

* Bump golang.org/x/crypto from 0.15.0 to 0.16.0 (#1020)

* Bump golang.org/x/crypto from 0.15.0 to 0.16.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.16.0.
- [Commits](golang/crypto@v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* Run bazel and tidy

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daisuke Maki <[email protected]>

* Merge pull request from GHSA-7f9x-gw85-8grf

* Update Changes

* Appease linter

* fix deps.bzl

* Bump actions/setup-go from 4 to 5 (#1027)

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump actions/stale from 8 to 9 (#1029)

Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Merge #1044 (#1045)

* update all dependencies 12/19/2023

* Run gazelle-update-repos

---------

Co-authored-by: Nathan Lacey <[email protected]>

* Update go version in go.mod to go1.18, which matches CI (#1046)

* Bump github/codeql-action from 2 to 3 (#1031)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add jws.IsVerificationError (#1049)

* Add jws.IsVerificationError

* tweak document

* Merge pull request from GHSA-pvcr-v8j8-j5q3

* Add tests for empty protected headers

* check for sig.protected == nil

* Add one more case for missing protected headers in compact form

* Update Changes

* JWS: Check for sig.protected == nil on non-flattened input

---------

Co-authored-by: Fredrik Strupe <[email protected]>

* Update Changes

* fix typo

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shang Jian Ding <[email protected]>
Co-authored-by: Nathan Lacey <[email protected]>
Co-authored-by: Fredrik Strupe <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lestrrat @nlacey