containers / ocicrypt

Encryption libraries for Encrypted OCI Container images
Apache License 2.0

Migrate to go-jose/v4 #109

Closed siretart closed 4 months ago

siretart commented 5 months ago

The main change in go-jose/v4 is the requirement to specify accepted "alg" and "enc" parameters. This is to enhance security, like for instance "the billion hashes attack" presented at BlackHat 2023.

Note that go-jose/v4 requires Go 1.21.

References: https://github.com/go-jose/go-jose/issues/64#issuecomment-1809152412

Signed-off-by: Reinhard Tartler <siretart@tauware.de>
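The allow-list requirement described in the PR description above, as an added standard-library Go example (not code from this PR or from go-jose): a compact JWE's protected header is checked against the caller's accepted "alg" and "enc" values before any key derivation or decryption is attempted. `checkJWEHeader`, `compactJWE`, `allowed` and the sample headers are hypothetical names and constructed inputs.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// compactJWE wraps a constructed protected header in a five-part compact JWE;
// the other four parts are dummy values because only the header is inspected.
func compactJWE(header string) string {
	h := base64.RawURLEncoding.EncodeToString([]byte(header))
	return h + ".a2V5.aXY.Y3Q.dGFn"
}

// checkJWEHeader (hypothetical helper) rejects a token whose "alg" or "enc"
// is not on the caller's allow-list, before any key material is touched.
func checkJWEHeader(token string, algs, encs []string) error {
	parts := strings.Split(token, ".")
	if len(parts) != 5 {
		return fmt.Errorf("not a compact JWE: %d parts", len(parts))
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		return fmt.Errorf("protected header: %w", err)
	}
	var hdr struct {
		Alg string `json:"alg"`
		Enc string `json:"enc"`
	}
	if err := json.Unmarshal(raw, &hdr); err != nil {
		return fmt.Errorf("protected header: %w", err)
	}
	// A missing parameter decodes to "" and is rejected like any other value.
	if !allowed(algs, hdr.Alg) || !allowed(encs, hdr.Enc) {
		return fmt.Errorf("alg %q / enc %q not accepted", hdr.Alg, hdr.Enc)
	}
	return nil
}

func allowed(list []string, v string) bool {
	for _, a := range list {
		if a == v {
			return true
		}
	}
	return false
}

func main() {
	// Constructed token: the sender picked a password-based alg the receiver never uses.
	tok := compactJWE(`{"alg":"PBES2-HS256+A128KW","enc":"A256GCM"}`)
	fmt.Println(checkJWEHeader(tok, []string{"RSA-OAEP"}, []string{"A256GCM"}))
}
```

In go-jose/v4 the accepted lists are passed by the caller to the parse functions, for example `jose.ParseEncrypted(input, keyEncryptionAlgorithms, contentEncryption)`.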

stefanberger commented 4 months ago

Can you please rebase on latest main branch so we can get rid of the test error?

stefanberger commented 4 months ago

@siretart Still there? Can you rebase on latest master so that the CI/CD tests are passing?

siretart commented 4 months ago

@stefanberger thanks for the ping, I've just force-pushed that rebase.

stefanberger commented 4 months ago

Thanks. Merged.