This upgrade changes the dgrijalva/jwt-go v3.2.0 to use form3tech-oss/jwt-go v3.2.1, a fork which as addressed the high severity security vulnerability.
There has been a lot of conversation about this fix in https://github.com/dgrijalva/jwt-go/issues/428, but this project is not maintained by its authors and a fix to this project seems unlikely given this conversation.
This upgrade changes the
dgrijalva/jwt-go v3.2.0
to useform3tech-oss/jwt-go v3.2.1
, a fork which as addressed the high severity security vulnerability.There has been a lot of conversation about this fix in https://github.com/dgrijalva/jwt-go/issues/428, but this project is not maintained by its authors and a fix to this project seems unlikely given this conversation.