supabase / auth / 11689031479
69%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 132
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 57.035%. Remained the same
11689031479

push

github

web-flow 
chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.4.3 to 4.5.1 (#1832)

Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt)
from 4.4.3 to 4.5.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/golang-jwt/jwt/releases">github.com/golang-jwt/jwt/v4's
releases</a>.</em></p>
<blockquote>
<h2>v4.5.1</h2>
<h1>Security</h1>
<p>Unclear documentation of the error behavior in
<code>ParseWithClaims</code> in &lt;= 4.5.0 could lead to situation
where users are potentially not checking errors in the way they should
be. Especially, if a token is both expired and invalid, the errors
returned by <code>ParseWithClaims</code> return both error codes. If
users only check for the <code>jwt.ErrTokenExpired </code> using
<code>error.Is</code>, they will ignore the embedded
<code>jwt.ErrTokenSignatureInvalid</code> and thus potentially accept
invalid tokens.</p>
<p>This issue was documented in <a
href="https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r">https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r</a>
and fixed in this release.</p>
<p>Note: <code>v5</code> was not affected by this issue. So upgrading to
this release version is also recommended.</p>
<h1>What's Changed</h1>
<ul>
<li>Back-ported error-handling logic in <code>ParseWithClaims</code>
from <code>v5</code> branch. This fixes <a
href="https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r">https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r</a>.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1">https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1</a></p>
<h2>v4.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Allow strict base64 decoding by <a
href="https://github.com/AlexanderYastrebov"><code>@​AlexanderYastrebov</code></a>
in <a
href="https://redirect.github... (continued)

9546 of 16737 relevant lines covered (57.04%)

54.75 hits per line

Jobs
ID Job ID Ran Files Coverage
1 11689031479.1 132
57.04
 GitHub Action Run
Source Files on build 11689031479