Open dependabot[bot] opened 7 months ago
We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.
The labels on this github issue will be updated when the story is started.
Dependabot attempted to update this pull request, but because the branch dependabot/go_modules/github.com/dvsekhvalnov/jose2go-1.6.0
is protected it was unable to do so.
Bumps github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0.
Commits
48ba0b7
Merge pull request #32 from dvsekhvalnov/issue-31-security-tuning05eb007
docse0264a2
added helper matchers: Alg and Eng0f6c7c3
MatchAlg helpercf0a53b
docs2995762
docs9a18aff
docs675bb14
docs8e9e0d1
updated p2c limits with new OWASP numbers, docsed5dd96
Unit tests for custom 'p2c' headers min/max limitsYou can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show