Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update module github.com/micahparks/keyfunc to v3 #27

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix(deps): update module github.com/micahparks/keyfunc to v3 #27

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 16, 2023
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/MicahParks/keyfunc v1.9.0 -> v3.3.5 age adoption passing confidence

Release Notes

MicahParks/keyfunc (github.com/MicahParks/keyfunc)

v3.3.5

Compare Source

v3.3.4

Compare Source

v3.3.3

Compare Source

v3.3.2: Allow for user provided ctx during parse

Compare Source

The purpose of this release is to add a new method, .KeyfuncCtx.

This new method accepts a context.Context, then returns a jwt.Keyfunc. This user provided context.Context is used during JWK lookup in the github.com/MicahParks/jwkset package when parsing JWTs. Passing a request scoped context allows the JWT parsing and JWK retrieval to cancel according to the given context.Context behavior instead of the default context.Context, which was provided at keyfunc.Keyfunc initialization.

In practice, this is used to prevent situations where many JWTs with kid not in a remote JWK Set are attempting to be parsed over a long period of time.

Relevant issues:

Relevant pull requests:

v3.3.1

Compare Source

v3.3.0

Compare Source

v3.2.9

Compare Source

v3.2.8

Compare Source

v3.2.7

Compare Source

v3.2.6

Compare Source

v3.2.5

Compare Source

v3.2.4

Compare Source

v3.2.3: Wrap errors where appropriate

Compare Source

The purpose of this pull request is to wrap errors with errors.Join where appropriate.

Relevant issues:

Relevant pull requests:

v3.1.2: X.509 Thumbprint bug fix

Compare Source

JWK Sets have two X.509 thumbprint parameters that are optional. A bug in github.com/MicahParks/jwkset made these parameters required in circumstances that affect the keyfunc project. This release updates this dependency to the latest version.

Thank you, @​joshkaplinsky, for reporting this bug!

Please see the below release for details:
https://github.com/MicahParks/jwkset/releases/tag/v0.5.5

v3.1.1

Compare Source

v3.1.0

Compare Source

v3.0.0: V3 simplify API by using github.com/MicahParks/jwkset

Compare Source

This upgrade removes most of the code in this repository and outsources JWK and JWK Set related code to the updated github.com/MicahParks/jwkset package. The exported assets from the keyfunc project has been vastly reduced as well, with the intention of making it easier to use for the majority of use cases.

[!NOTE]
A superset of features from V1 and V2 is available.

v2.1.0: Tolerate initial JWK Set HTTP Error

Compare Source

The purpose of this release is to add a new feature that allows keyfunc.Get to continue without error even if the initial HTTP request to the JWK Set fails. This supports the use case of multiple JWK Sets when a subset are undergoing maintenance, among others.

This is done through the new TolerateInitialJWKHTTPError field on the keyfunc.Options data structure. If the initial HTTP request fails, the resulting *keyfunc.JWKS will contain no keys, but have the opportunity to be populated by a future background goroutine refresh.

Relevant issues:

Relevant pull requests:

v2.0.3

Compare Source

The purpose of this release is to correct a comment and error text.

Relevant pull requests:

v2.0.2

Compare Source

The purpose of this release is to change the limitation for creating a MultipleJWKS from requiring 2 or more JWK Set URLs to 1 JWK Set URLs. It appears there was no technical reason for this limitation and it is more convenient to use the Multi JWK Set implementation in some use cases.

Related issues:

Related pull requests:

v2.0.1: Fix bug with context option

Compare Source

The purpose of this pull request is to fix a bug that prevents the context.Context passed in keyfunc.Options from behaving as described. The described behavior was that the background goroutine would be closed when the context was cancelled, however, the context was immediately overwritten with context.Background() causing its value to be ignored.

Thank you to our new contributor @​tho!

Related issues:

Related pull requests:

v2.0.0

Compare Source

The purpose of this release is to move support from [github.com/golang-jwt/jwt/v4](http://github.com/golang-jwt/jwt/v4) to [github.com/golang-jwt/jwt/v5](http://github.com/golang-jwt/jwt/v5).

The biggest breaking change is the upstream JWT package version. The other breaking change is that the following deprecated functions have been overwritten by those with the same name plus the WithOptions suffix.

  • NewGivenCustom
  • NewGivenECDSA
  • NewGivenEdDSA
  • NewGivenHMAC
  • NewGivenRSA

If you need to use [github.com/golang-jwt/jwt/v4](http://github.com/golang-jwt/jwt/v4), the last version of this project to support it is v1.9.0. Should there be a necessary change to this project for /v4 users, it will be located in the separate [github.com/MicahParks/compatibility-keyfunc](http://github.com/MicahParks/compatibility-keyfunc) project.

Relevant pull requests:

Relevant issues:

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from b213dab to 1e21d6e Compare January 4, 2024 04:04
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch 2 times, most recently from 1758c12 to c3fb8ee Compare January 18, 2024 03:06
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from c3fb8ee to e15773d Compare February 1, 2024 01:52
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from e15773d to 3c12ba8 Compare February 13, 2024 20:57
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from 3c12ba8 to bbc6c15 Compare February 25, 2024 10:59
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch 3 times, most recently from bbb48fc to c376e7b Compare March 12, 2024 02:20
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from c376e7b to b109eed Compare March 25, 2024 16:01
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from b109eed to f699628 Compare April 14, 2024 09:26
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from f699628 to 53979e5 Compare April 25, 2024 06:15
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch 2 times, most recently from f72ebab to 65f85a8 Compare May 16, 2024 02:11
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jun 4, 2024
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.20 -> 1.23.4

@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from 65f85a8 to 68bfee0 Compare June 17, 2024 13:36
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from 68bfee0 to 5a28ea9 Compare July 14, 2024 08:38
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch 2 times, most recently from 83bffc1 to 36e6495 Compare September 15, 2024 16:39
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from 36e6495 to 92e72c6 Compare November 17, 2024 15:30
@renovate renovate bot changed the title fix(deps): update module github.com/micahparks/keyfunc to v3 fix(deps): update module github.com/micahparks/keyfunc to v3 - autoclosed Nov 23, 2024
@renovate renovate bot closed this Nov 23, 2024
@renovate renovate bot deleted the renovate/github.com-micahparks-keyfunc-3.x branch November 23, 2024 23:12
@renovate renovate bot changed the title fix(deps): update module github.com/micahparks/keyfunc to v3 - autoclosed fix(deps): update module github.com/micahparks/keyfunc to v3 Nov 24, 2024
@renovate renovate bot reopened this Nov 24, 2024
@renovate renovate bot force-pushed the renovate/github.com-micahparks-keyfunc-3.x branch from 92e72c6 to 536f4c1 Compare December 22, 2024 19:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants