search

nuts-foundation / nuts-registry

Distributed registry for storing and querying healthcare care providers their vendors and technical endpoints.
GNU General Public License v3.0
0 stars 0 forks source link

Bump github.com/lestrrat-go/jwx from 1.0.7 to 1.1.0 #187

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps github.com/lestrrat-go/jwx from 1.0.7 to 1.1.0.

Release notes

Sourced from github.com/lestrrat-go/jwx's releases.

v1.1.0

v1.1.0 31 Jan 2021

v1.1.0 is a release that attempts to fix as many of the quirky APIs
that survived the API breaking change of v0.9.x -> v1.0.0. This is
hopefully the last releases that change backwards compatibility
in a major way, at least for some time to come.


It is unfortunate that we need to introduce API changes, but we
keep learning how the library is being used and the pain points
of using this library. Most of the times these pain points are
things that we initially did not think about, which in turn
requires us to rethink of the API.


If you do not wish to spend the time fixing your usage, make sure
you have your go.mod set up to not automatically track the latest
changes.


However, if you do decide to use the latest version, we believe
the API is more uniform across packages, and generally is easier
to understand. We hope this library helps some of you out there.


[BREAKING CHANGES]


    

  • 

    jwk.Parse(io.Reader), jws.Parse(io.Reader), jwt.Parse(io.Reader),
have all been changed to Parse([]byte). To use an io.Reader,
use ParseReader(io.Reader). jwe.Parse already took []byte, so
has not been changed.
    

    With this change, all four package jwe, jwk, jws, and jwt follow
the same API design, which should make things easier to navigate:
    

    Parse([]byte)
ParseString(string)
ParseReader(io.Reader)
    

    • 

  • 

    jwk.Set is now an interface, not a struct. jwk.Set now has a
well-defined API to access and modify the jwk.Key objects that it holds.
    

    Add(jwk.Key) bool
Clear()
Get(int) (jwk.Key, bool)
Index(jwk.Key) int
Len() int
LookupKeyID() (jwk.Key, bool) // Read the section about it below
Remove(jwk.Key) bool
Iterate(context.Context) KeyIterator
    

    • 

  • 

    (jwk.Set).LookupKeyID() no longer returns an array of jwk.Key.
Instead, only the first key matching the given key ID will be returned.
</tr></table>

... (truncated)

Changelog

Sourced from github.com/lestrrat-go/jwx's changelog.

v1.1.0 31 Jan 2021 v1.1.0 is a release that attempts to fix as many of the quirky APIs that survived the API breaking change of v0.9.x -> v1.0.0. This is hopefully the last releases that change backwards compatibility in a major way, at least for some time to come.

It is unfortunate that we need to introduce API changes, but we keep learning how the library is being used and the pain points of using this library. Most of the times these pain points are things that we initially did not think about, which in turn requires us to rethink of the API.

If you do not wish to spend the time fixing your usage, make sure you have your go.mod set up to not automatically track the latest changes.

However, if you do decide to use the latest version, we believe the API is more uniform across packages, and generally is easier to understand. We hope this library helps some of you out there.

[BREAKING CHANGES]

  • jwk.Parse(io.Reader), jws.Parse(io.Reader), jwt.Parse(io.Reader), have all been changed to Parse([]byte). To use an io.Reader, use ParseReader(io.Reader). jwe.Parse already took []byte, so has not been changed.

    With this change, all four package jwe, jwk, jws, and jwt follow the same API design, which should make things easier to navigate:

    Parse([]byte) ParseString(string) ParseReader(io.Reader)

  • jwk.Set is now an interface, not a struct. jwk.Set now has a well-defined API to access and modify the jwk.Key objects that it holds.

    Add(jwk.Key) bool Clear() Get(int) (jwk.Key, bool) Index(jwk.Key) int Len() int LookupKeyID() (jwk.Key, bool) // Read the section about it below Remove(jwk.Key) bool Iterate(context.Context) KeyIterator

  • (jwk.Set).LookupKeyID() no longer returns an array of jwk.Key. Instead, only the first key matching the given key ID will be returned. If you need to work with multiple keys, use (jwk.Set).Iterate() or (jwk.Set).Get() to look for matching keys.

... (truncated)

Commits
  • 7f69ac9 Update Changes date
  • 1af511a Merge pull request #306 from lestrrat-go/develop/v1.1.0
  • 803f506 Update benchmark
  • fcd5933 Merge pull request #326 from lestrrat-go/topic/coverage
  • 80ad47b appease linter
  • 8651ae5 jwt.Remove, fix Iterate, remove jwt.Size, add jwt.Clone
  • ef64bbe Merge branch 'develop/v1.1.0' of ssh://github.com/lestrrat-go/jwx into develo...
  • 049268d Failf
  • 5b7bf53 Failf
  • bc93d52 Merge pull request #325 from lestrrat-go/topic/coverage
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

Superseded by #189.