We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
This https://nvd.nist.gov/vuln/detail/CVE-2020-26160 is not fixed since over a year now, as the library seems abandoned. We can either use a fixed fork of it (e.g. github.com/form3tech-oss/jwt-go) or look for something different that is actually maintained. This shows up in nancy recently, see e.g. https://app.circleci.com/pipelines/github/ory/keto/1112/workflows/e646084f-2afa-455f-8437-445d1dac190a/jobs/7654
The text was updated successfully, but these errors were encountered:
Yes we should move to github.com/form3tech-oss/jwt-go . All we have to do really is to replace the dependency.
Sorry, something went wrong.
3803c8c
fix: replace jwt module (ory#1254)
f27b366
Closes ory#1250
Benehiko
No branches or pull requests
This https://nvd.nist.gov/vuln/detail/CVE-2020-26160 is not fixed since over a year now, as the library seems abandoned. We can either use a fixed fork of it (e.g. github.com/form3tech-oss/jwt-go) or look for something different that is actually maintained.
This shows up in nancy recently, see e.g. https://app.circleci.com/pipelines/github/ory/keto/1112/workflows/e646084f-2afa-455f-8437-445d1dac190a/jobs/7654
The text was updated successfully, but these errors were encountered: