Bumps [github.com/go-jose/go-jose/v4](
https://github.com/go-jose/go-jose) from 4.0.5 to 4.1.4.
- [Release notes](
https://github.com/go-jose/go-jose/releases)
- [Commits](
go-jose/go-jose@v4.0.5...v4.1.4)
---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
dependency-version: 4.1.4
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Bumps github.com/go-jose/go-jose/v4 from 4.0.5 to 4.1.4.
Release notesSourced from github.com/go-jose/go-jose/v4's releases.
v4.1.3
This release drops Go 1.23 support as that Go release is no longer supported. With that, we can drop x/crypto and no longer have any external dependencies in go-jose outside of the standard library!
This release fixes a bug where a critical b64 header was ignored if in an unprotected header. It is now rejected instead of ignored.
What's Changed
Full Changelog: go-jose/go-jose@v4.1.2...v4.1.3
v4.1.2
What's Changed
go-jose v4.1.2 improves some documentation, errors, and removes the only 3rd-party dependency.
New Contributors
Full Changelog: go-jose/go-jose@v4.1.1...v4.1.2
v4.1.1
What's Changed
New Contributors
Full Changelog: go-jose/go-jose@v4.1.0...v4.1.1
v4.1.0
What's Changed
... (truncated)
CommitsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and optionsYou can trigger Dependabot actions by commenting on this PR:
You can disable automated security fix PRs for this repo from the Security Alerts page.