search

nuts-foundation / nuts-registry

Distributed registry for storing and querying healthcare care providers their vendors and technical endpoints.
GNU General Public License v3.0
0 stars 0 forks source link

Bump github.com/lestrrat-go/jwx from 1.0.7 to 1.1.1 #189

Closed dependabot-preview[bot] closed 3 years ago

dependabot-preview[bot] commented 3 years ago

Bumps github.com/lestrrat-go/jwx from 1.0.7 to 1.1.1.

Release notes

Sourced from github.com/lestrrat-go/jwx's releases.

v1.1.1

v1.1.1 05 Feb 2021
[New features]
  * Command line tool `jwx` has ben completely reworked, and it is
    now actually useful.

    

  • 

    JWKs can now be serialized into PEM files with ASN.1 DER format
data, which is useful when you need to work between JSON and PEM
data formats.
    

    • 

  • 

    Constants in jwa package now have can be listed via functions
in each category.
    

    • 

  • 

    jwe.Encrypt and jwe.Decrypt can now handle jwk.Key objects

v1.1.0

v1.1.0 31 Jan 2021

v1.1.0 is a release that attempts to fix as many of the quirky APIs
that survived the API breaking change of v0.9.x -> v1.0.0. This is
hopefully the last releases that change backwards compatibility
in a major way, at least for some time to come.


It is unfortunate that we need to introduce API changes, but we
keep learning how the library is being used and the pain points
of using this library. Most of the times these pain points are
things that we initially did not think about, which in turn
requires us to rethink of the API.


If you do not wish to spend the time fixing your usage, make sure
you have your go.mod set up to not automatically track the latest
changes.


However, if you do decide to use the latest version, we believe
the API is more uniform across packages, and generally is easier
to understand. We hope this library helps some of you out there.


[BREAKING CHANGES]


    

  • 

    jwk.Parse(io.Reader), jws.Parse(io.Reader), jwt.Parse(io.Reader),
have all been changed to Parse([]byte). To use an io.Reader,
use ParseReader(io.Reader). jwe.Parse already took []byte, so
has not been changed.
    

    With this change, all four package jwe, jwk, jws, and jwt follow
the same API design, which should make things easier to navigate:
    

    Parse([]byte)
</tr></table>

... (truncated)

Changelog

Sourced from github.com/lestrrat-go/jwx's changelog.

v1.1.1 05 Feb 2021 [New features]

  • Command line tool jwx has ben completely reworked, and it is now actually useful.

  • JWKs can now be serialized into PEM files with ASN.1 DER format data, which is useful when you need to work between JSON and PEM data formats.

  • Constants in jwa package now have can be listed via functions in each category.

  • jwe.Encrypt and jwe.Decrypt can now handle jwk.Key objects

v1.1.0 31 Jan 2021 v1.1.0 is a release that attempts to fix as many of the quirky APIs that survived the API breaking change of v0.9.x -> v1.0.0. This is hopefully the last releases that change backwards compatibility in a major way, at least for some time to come.

It is unfortunate that we need to introduce API changes, but we keep learning how the library is being used and the pain points of using this library. Most of the times these pain points are things that we initially did not think about, which in turn requires us to rethink of the API.

If you do not wish to spend the time fixing your usage, make sure you have your go.mod set up to not automatically track the latest changes.

However, if you do decide to use the latest version, we believe the API is more uniform across packages, and generally is easier to understand. We hope this library helps some of you out there.

[BREAKING CHANGES]

  • jwk.Parse(io.Reader), jws.Parse(io.Reader), jwt.Parse(io.Reader), have all been changed to Parse([]byte). To use an io.Reader, use ParseReader(io.Reader). jwe.Parse already took []byte, so has not been changed.

    With this change, all four package jwe, jwk, jws, and jwt follow the same API design, which should make things easier to navigate:

    Parse([]byte) ParseString(string) ParseReader(io.Reader)

  • jwk.Set is now an interface, not a struct. jwk.Set now has a well-defined API to access and modify the jwk.Key objects that it holds.

... (truncated)

Commits
  • 451a45c Merge pull request #328 from lestrrat-go/topic/jwx-command
  • 528f34a Update docs
  • 05678bc I really don't want to add more dependencies to the main jwx module
  • 9593b54 Add jwa, jwe, more standardization across commands
  • 9ed58bc Do not include invalid types
  • 43bae27 Add methods to retrieve all possible values
  • 4c24ea1 tweaks
  • a246b17 rework some options
  • 496d8fe Streamline interface, update docs
  • a0d17db Update README
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)
dependabot-preview[bot] commented 3 years ago

Superseded by #193.