You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
github.com/go-jose/go-jose/v3 dependency has made a new github.com/go-jose/go-jose/v4 version. It breaks backwards compatibility to improve security:
This release makes some breaking changes in order to more thoroughly address the vulnerabilities discussed in Three New Attacks Against JSON Web Tokens, "Sign/encrypt confusion", "Billion hash attack", and "Polyglot token".
I think it is not critical, but it would be beneficial to do so sooner than later.
Describe your ideal solution
We upgrade.
Workarounds or alternatives
We do not.
Version
latest master
Additional Context
No response
The text was updated successfully, but these errors were encountered:
Preflight checklist
Ory Network Project
No response
Describe your problem
github.com/go-jose/go-jose/v3
dependency has made a newgithub.com/go-jose/go-jose/v4
version. It breaks backwards compatibility to improve security:I think it is not critical, but it would be beneficial to do so sooner than later.
Describe your ideal solution
We upgrade.
Workarounds or alternatives
We do not.
Version
latest master
Additional Context
No response
The text was updated successfully, but these errors were encountered: