Thanks for the quick response and version release for this CVE!
Any chance of getting this backported and getting a 1.15.x release? Updating from 1.15.x to 1.16.x requires a faraday v1 to v2 update -- and for projects which still have dependencies locked to faraday v1.x they won't be able to do this json-jwt update.
Understood if this is not viable, but figured I'd ask.
Thanks for the quick response and version release for this CVE!
Any chance of getting this backported and getting a 1.15.x release? Updating from 1.15.x to 1.16.x requires a faraday v1 to v2 update -- and for projects which still have dependencies locked to faraday v1.x they won't be able to do this
json-jwt
update.Understood if this is not viable, but figured I'd ask.