Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

yaronf / httpsign Public

Notifications You must be signed in to change notification settings
Fork 2
Star 14

Code
Issues 1
Pull requests
Actions
Projects
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Security
Insights

Releases: yaronf/httpsign

Releases · yaronf/httpsign

Bump JWX and Go version to address a CVE

23 Dec 09:55

yaronf

Compare

Choose a tag to compare

Loading

Bump JWX and Go version to address a CVE Latest

Latest

v0.3.2

Recent JWX possibly broken, quote go version

Assets 2

Loading

All reactions

Documentation fixes

11 Jun 14:09

yaronf

Compare

Choose a tag to compare

Loading

Documentation fixes

v0.3.1

Documentation fixes

Assets 2

Loading

All reactions

Key ID no longer mandatory

11 Jun 11:33

yaronf

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Key ID no longer mandatory

Breaking change: keyid is no longer a Signer/Verifier parameter. Instead if it is needed, include it in SignConfig/VerifyConfig.

Assets 2

Loading

All reactions

Normalize path for @request-target

25 Mar 17:06

yaronf

Compare

Choose a tag to compare

Loading

Normalize path for @request-target

v0.2.2

Normalize an empty path

Assets 2

Loading

All reactions

Bump JWX library

08 Mar 23:52

yaronf

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

Bump JWX library

No change other than addressing CVE-2024-21319 (which does not apply to our code).

Assets 2

Loading

All reactions

RFC 9421

15 Feb 10:54

yaronf

Compare

Choose a tag to compare

Loading

RFC 9421

Full implementation of the RFC, including test cases.

Assets 2

Loading

All reactions

Draft -17

27 May 15:17

yaronf

Compare

Choose a tag to compare

Loading

Draft -17

Draft -17 made an important change re: encoding of query parameters.

Assets 2

Loading

All reactions

Renamed signature context

27 Nov 22:15

yaronf

Compare

Choose a tag to compare

Loading

Renamed signature context

v0.1.15

Bump GH actions

Assets 2

Loading

All reactions

Draft -12

22 Sep 08:12

yaronf

Compare

Choose a tag to compare

Loading

Draft -12

Binary sequences
Signature context
Updated test vectors, including message transformations
New ECDSA variant
Improved parameter validation on signing

Full Changelog: v0.1.13...v0.1.14

Assets 2

Loading

All reactions

Draft -10

27 May 11:18

yaronf

Compare

Choose a tag to compare

Loading

Draft -10

New way to bind requests and responses.
A bit of security hygiene.

Full Changelog: v0.1.12...v0.1.13

Assets 2

Loading

All reactions

Previous 1 2 3 Next

Previous Next

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.