-
-
Notifications
You must be signed in to change notification settings - Fork 165
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump golang.org/x/crypto from 0.8.0 to 0.9.0 #919
Merged
lestrrat
merged 2 commits into
develop/v2
from
dependabot/go_modules/develop/v2/golang.org/x/crypto-0.9.0
May 9, 2023
Merged
Bump golang.org/x/crypto from 0.8.0 to 0.9.0 #919
lestrrat
merged 2 commits into
develop/v2
from
dependabot/go_modules/develop/v2/golang.org/x/crypto-0.9.0
May 9, 2023
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.8.0 to 0.9.0. - [Commits](golang/crypto@v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependabot
Pull requests that update a dependency file
go
Pull requests that update Go code
labels
May 9, 2023
The following labels could not be found: |
Codecov Report
@@ Coverage Diff @@
## develop/v2 #919 +/- ##
=============================================
Coverage ? 71.61%
=============================================
Files ? 93
Lines ? 13527
Branches ? 0
=============================================
Hits ? 9688
Misses ? 3023
Partials ? 816 |
lestrrat
deleted the
dependabot/go_modules/develop/v2/golang.org/x/crypto-0.9.0
branch
May 9, 2023 11:24
lestrrat
added a commit
that referenced
this pull request
Jun 12, 2023
* Update deps * Protect jws.Verify() and jwe.Encrypt() from panic on go1.19+ (#841) * Protect jws.Verify() from panic on go1.19+ * Same problem, but in jwe * Update Changes * fix example (#843) I have a feeling we inadvertently reverted some commit * Action updates, doc tweaks (#844) * Use tparse (#845) * Use tparse * s/all/alltags/ * fix typo (#846) * fix typo (#847) * Bump kentaro-m/auto-assign-action from 1.2.0 to 1.2.4 (#848) Bumps [kentaro-m/auto-assign-action](https://github.com/kentaro-m/auto-assign-action) from 1.2.0 to 1.2.4. - [Release notes](https://github.com/kentaro-m/auto-assign-action/releases) - [Commits](kentaro-m/auto-assign-action@v1.2.0...v1.2.4) --- updated-dependencies: - dependency-name: kentaro-m/auto-assign-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump codecov/codecov-action from 1 to 3 (#849) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 3. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v1...v3) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Work with invalid JWT buffers better (#851) * Work with invalid JWT buffers better * spelling * Update Changes * typo * Tweak Changes * Update Changes * Bump github.com/goccy/go-json from 0.9.11 to 0.10.0 (#855) Bumps [github.com/goccy/go-json](https://github.com/goccy/go-json) from 0.9.11 to 0.10.0. - [Release notes](https://github.com/goccy/go-json/releases) - [Changelog](https://github.com/goccy/go-json/blob/master/CHANGELOG.md) - [Commits](goccy/go-json@v0.9.11...v0.10.0) --- updated-dependencies: - dependency-name: github.com/goccy/go-json dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/lestrrat-go/option from 1.0.0 to 1.0.1 (#858) Bumps [github.com/lestrrat-go/option](https://github.com/lestrrat-go/option) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/lestrrat-go/option/releases) - [Commits](lestrrat-go/option@v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: github.com/lestrrat-go/option dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/stale from 6 to 7 (#859) Bumps [actions/stale](https://github.com/actions/stale) from 6 to 7. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v6...v7) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Tweak v2 tests (#863) * Port changes from #862 * Actually report errors * fix expected result * Unbeknownst to me, benchstat seems to have changed * Update Contribution Guidelines * Fix generated header file comments (#867) The generated file header should match regexp: ^// Code generated .* DO NOT EDIT\.$ See https://golang.org/s/generatedcode. * Remove unused variables in ReadFile (#866) * Bump kentaro-m/auto-assign-action from 1.2.4 to 1.2.5 (#868) Bumps [kentaro-m/auto-assign-action](https://github.com/kentaro-m/auto-assign-action) from 1.2.4 to 1.2.5. - [Release notes](https://github.com/kentaro-m/auto-assign-action/releases) - [Commits](kentaro-m/auto-assign-action@v1.2.4...v1.2.5) --- updated-dependencies: - dependency-name: kentaro-m/auto-assign-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update tool deps (#869) * Try updating tools for genjwt * Update genjws * Update genjwe * Update genjwk * Update genjwa * Update genjwk * Updage genoptions * Update genreadfile * Fix PEM armor for EC private keys when encoding (#876) * Incorporate #875 * Test PEM roundtrip for other key types * Use more constants * Bump golang.org/x/crypto from 0.0.0-20220427172511-eb4f295cb31f to 0.6.0 (#871) * Bump golang.org/x/crypto from 0.0.0-20220427172511-eb4f295cb31f to 0.6.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.0.0-20220427172511-eb4f295cb31f to 0.6.0. - [Release notes](https://github.com/golang/crypto/releases) - [Commits](https://github.com/golang/crypto/commits/v0.6.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * run appropriate `go get` and `go mod tidy` all over --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#873) * Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * run appropriate `go get` and `go mod tidy` all over --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Update Changes * Create codeql.yml * Bump golang.org/x/crypto from 0.6.0 to 0.7.0 (#877) * Bump golang.org/x/crypto from 0.6.0 to 0.7.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/golang/crypto/releases) - [Commits](golang/crypto@v0.6.0...v0.7.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * run go get and make tidy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Add bazel support (#880) * Attempt to enable bazel * enable bazel building in smoke tests too * tweak order * Add explicit imports * Add deps.bzl * remove unused file reference * Add missing BUILD file * Add missing BUILD file * add missing BUILD.bazel files * add .bazelversion * Add aspect presets * Update Changes/README * Create an auto-merge action for dependabot (#884) * Create an auto-merge action for dependabot * approve and merge * indent * Bump github.com/goccy/go-json from 0.10.0 to 0.10.1 (#882) * Bump github.com/goccy/go-json from 0.10.0 to 0.10.1 Bumps [github.com/goccy/go-json](https://github.com/goccy/go-json) from 0.10.0 to 0.10.1. - [Release notes](https://github.com/goccy/go-json/releases) - [Changelog](https://github.com/goccy/go-json/blob/master/CHANGELOG.md) - [Commits](goccy/go-json@v0.10.0...v0.10.1) --- updated-dependencies: - dependency-name: github.com/goccy/go-json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Run make tidy + bazel gazelle-update-repos --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Fix jwk cache docs (#885) * Fix example comment * Upon re-reading, this sentence does not need to exist * autodoc updates (#886) Co-authored-by: lestrrat <lestrrat@users.noreply.github.com> * Bump actions/setup-go from 3 to 4 (#887) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v3...v4) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Allow "none" algorithm when signing with explicit option (#890) * Add test case for #888 * Catch the use of "none" when used in conjunction with jws.WithKey * first pass implementing (jwt/jws).Sign that allows alg="none" * regenerate jwt options * appease linter * Check for jws.Sign/Verify * OK to _sign_ using `none`, but no verification * Tweak Changes * typo (#893) * Bump github.com/goccy/go-json from 0.10.1 to 0.10.2 (#892) * Bump github.com/goccy/go-json from 0.10.1 to 0.10.2 Bumps [github.com/goccy/go-json](https://github.com/goccy/go-json) from 0.10.1 to 0.10.2. - [Release notes](https://github.com/goccy/go-json/releases) - [Changelog](https://github.com/goccy/go-json/blob/master/CHANGELOG.md) - [Commits](goccy/go-json@v0.10.1...v0.10.2) --- updated-dependencies: - dependency-name: github.com/goccy/go-json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Run make tidy + bazel --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Update Changes * Bump github.com/goccy/go-json from 0.9.11 to 0.10.0 (#855) Bumps [github.com/goccy/go-json](https://github.com/goccy/go-json) from 0.9.11 to 0.10.0. - [Release notes](https://github.com/goccy/go-json/releases) - [Changelog](https://github.com/goccy/go-json/blob/master/CHANGELOG.md) - [Commits](goccy/go-json@v0.9.11...v0.10.0) --- updated-dependencies: - dependency-name: github.com/goccy/go-json dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/lestrrat-go/option from 1.0.0 to 1.0.1 (#858) Bumps [github.com/lestrrat-go/option](https://github.com/lestrrat-go/option) from 1.0.0 to 1.0.1. - [Release notes](https://github.com/lestrrat-go/option/releases) - [Commits](lestrrat-go/option@v1.0.0...v1.0.1) --- updated-dependencies: - dependency-name: github.com/lestrrat-go/option dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/stale from 6 to 7 (#859) Bumps [actions/stale](https://github.com/actions/stale) from 6 to 7. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v6...v7) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Tweak v2 tests (#863) * Port changes from #862 * Actually report errors * fix expected result * Unbeknownst to me, benchstat seems to have changed * Update Contribution Guidelines * Fix generated header file comments (#867) The generated file header should match regexp: ^// Code generated .* DO NOT EDIT\.$ See https://golang.org/s/generatedcode. * Remove unused variables in ReadFile (#866) * Bump kentaro-m/auto-assign-action from 1.2.4 to 1.2.5 (#868) Bumps [kentaro-m/auto-assign-action](https://github.com/kentaro-m/auto-assign-action) from 1.2.4 to 1.2.5. - [Release notes](https://github.com/kentaro-m/auto-assign-action/releases) - [Commits](kentaro-m/auto-assign-action@v1.2.4...v1.2.5) --- updated-dependencies: - dependency-name: kentaro-m/auto-assign-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update tool deps (#869) * Try updating tools for genjwt * Update genjws * Update genjwe * Update genjwk * Update genjwa * Update genjwk * Updage genoptions * Update genreadfile * Fix PEM armor for EC private keys when encoding (#876) * Incorporate #875 * Test PEM roundtrip for other key types * Use more constants * Bump golang.org/x/crypto from 0.0.0-20220427172511-eb4f295cb31f to 0.6.0 (#871) * Bump golang.org/x/crypto from 0.0.0-20220427172511-eb4f295cb31f to 0.6.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.0.0-20220427172511-eb4f295cb31f to 0.6.0. - [Release notes](https://github.com/golang/crypto/releases) - [Commits](https://github.com/golang/crypto/commits/v0.6.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * run appropriate `go get` and `go mod tidy` all over --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#873) * Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * run appropriate `go get` and `go mod tidy` all over --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Update Changes * Create codeql.yml * Bump golang.org/x/crypto from 0.6.0 to 0.7.0 (#877) * Bump golang.org/x/crypto from 0.6.0 to 0.7.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/golang/crypto/releases) - [Commits](golang/crypto@v0.6.0...v0.7.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * run go get and make tidy --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Add bazel support (#880) * Attempt to enable bazel * enable bazel building in smoke tests too * tweak order * Add explicit imports * Add deps.bzl * remove unused file reference * Add missing BUILD file * Add missing BUILD file * add missing BUILD.bazel files * add .bazelversion * Add aspect presets * Update Changes/README * Create an auto-merge action for dependabot (#884) * Create an auto-merge action for dependabot * approve and merge * indent * Bump github.com/goccy/go-json from 0.10.0 to 0.10.1 (#882) * Bump github.com/goccy/go-json from 0.10.0 to 0.10.1 Bumps [github.com/goccy/go-json](https://github.com/goccy/go-json) from 0.10.0 to 0.10.1. - [Release notes](https://github.com/goccy/go-json/releases) - [Changelog](https://github.com/goccy/go-json/blob/master/CHANGELOG.md) - [Commits](goccy/go-json@v0.10.0...v0.10.1) --- updated-dependencies: - dependency-name: github.com/goccy/go-json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Run make tidy + bazel gazelle-update-repos --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Fix jwk cache docs (#885) * Fix example comment * Upon re-reading, this sentence does not need to exist * autodoc updates (#886) Co-authored-by: lestrrat <lestrrat@users.noreply.github.com> * Bump actions/setup-go from 3 to 4 (#887) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v3...v4) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Allow "none" algorithm when signing with explicit option (#890) * Add test case for #888 * Catch the use of "none" when used in conjunction with jws.WithKey * first pass implementing (jwt/jws).Sign that allows alg="none" * regenerate jwt options * appease linter * Check for jws.Sign/Verify * OK to _sign_ using `none`, but no verification * Tweak Changes * typo (#893) * Bump github.com/goccy/go-json from 0.10.1 to 0.10.2 (#892) * Bump github.com/goccy/go-json from 0.10.1 to 0.10.2 Bumps [github.com/goccy/go-json](https://github.com/goccy/go-json) from 0.10.1 to 0.10.2. - [Release notes](https://github.com/goccy/go-json/releases) - [Changelog](https://github.com/goccy/go-json/blob/master/CHANGELOG.md) - [Commits](goccy/go-json@v0.10.1...v0.10.2) --- updated-dependencies: - dependency-name: github.com/goccy/go-json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Run make tidy + bazel --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Update Changes * Bump actions/stale from 7 to 8 (#895) Bumps [actions/stale](https://github.com/actions/stale) from 7 to 8. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v7...v8) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * tweak labels for dependabot (#899) * Bump golang.org/x/crypto from 0.7.0 to 0.8.0 (#897) * Bump golang.org/x/crypto from 0.7.0 to 0.8.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.7.0 to 0.8.0. - [Release notes](https://github.com/golang/crypto/releases) - [Commits](golang/crypto@v0.7.0...v0.8.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Run bazel //:gazelle-update-repos --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Fix typo in "jwt.WithAudience" comment (#908) * Bump github.com/decred/dcrd/dcrec/secp256k1/v4 from 4.1.0 to 4.2.0 (#907) * Bump github.com/decred/dcrd/dcrec/secp256k1/v4 from 4.1.0 to 4.2.0 Bumps [github.com/decred/dcrd/dcrec/secp256k1/v4](https://github.com/decred/dcrd) from 4.1.0 to 4.2.0. - [Release notes](https://github.com/decred/dcrd/releases) - [Changelog](https://github.com/decred/dcrd/blob/master/CHANGES) - [Commits](decred/dcrd@blockchain/v4.1.0...dcrec/secp256k1/v4.2.0) --- updated-dependencies: - dependency-name: github.com/decred/dcrd/dcrec/secp256k1/v4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * run make tidy + bazel run //:gazelle-update-repos --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Precompute RSA key values so that tests succeed (#913) * Use a symmetric key for example purposes (#914) * autodoc updates (#915) Co-authored-by: lestrrat <lestrrat@users.noreply.github.com> * Hook in jwa.RegisterXXX functions with jws.Register(Signer|Verifier) (#911) * First pass at connecting jws.Register(Signer|Verifier) with jwa.RegisterXXX * Tweak CI * Tweak docs * fix docs * protect access to signer/verifierDB * Update Changes * Allow use of segmentio/asm/base64 (#916) * Enable segmentio/asm/base64 and some internal API for pluggable base64 * Enable asmbase64 in CI * Add missing commands * Update bazel repos * Mention jwx_asmbase64 (#917) * Update README.md (#918) Fixed typo: convetion -> convention * use proper function name (#921) * Bump golang.org/x/crypto from 0.8.0 to 0.9.0 (#919) * Bump golang.org/x/crypto from 0.8.0 to 0.9.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.8.0 to 0.9.0. - [Commits](golang/crypto@v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * run gaelle-update-repos --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 in /examples (#923) Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.1.0 to 1.3.3. - [Release notes](https://github.com/cloudflare/circl/releases) - [Commits](cloudflare/circl@v1.1.0...v1.3.3) --- updated-dependencies: - dependency-name: github.com/cloudflare/circl dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#927) * Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Run gazelle-update-repos --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Implement jwk.SetGlobalFetcher (#929) * Implement SetGlobalFetcher * Avoid using atomic.Bool so that it works on older Gos * Appease GitHub code scanner * Bad ineffectual assignment * tweak docs * oops, wrong issue number * Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#931) * Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.3 to 1.8.4. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.8.3...v1.8.4) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Update bazel repos * use specific tparse * change minimum go version in smoke tet --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com> * Implement jwe.KeyEncrypter and jwe.KeyDecrypter (#925) * Implement jwe.KeyEncrypter and jwe.KeyDecrypter This allows users to specify a key who can encrypt/decrypt by itself, much like the built-in crypto.Signer interface. * Add experimental label to this feature * Update Changes --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Oleksandr Redko <oleksandr.red+github@gmail.com> Co-authored-by: Mitsuo Heijo <25817501+johejo@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: lestrrat <lestrrat@users.noreply.github.com> Co-authored-by: Alessandro (Ale) Segala <43508+ItalyPaleAle@users.noreply.github.com> Co-authored-by: wscalf <wscalf@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
dependabot
Pull requests that update a dependency file
dependencies
go
Pull requests that update Go code
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps golang.org/x/crypto from 0.8.0 to 0.9.0.
Commits
a4e9841
go.mod: update golang.org/x dependencies3ef8056
ssh/test: enable on solarisa8cc953
ssh: skip unsupported tests on wasip17d6d3f5
ssh/test: skip TestValidTerminalMode on non-Bourne shells1faeef9
cryptobyte: reject Object Identifiers with leading 0x80Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)