Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: lestrrat-go/jwx
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v2.1.0
Choose a base ref
...
head repository: lestrrat-go/jwx
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v2.1.1
Choose a head ref
  • 17 commits
  • 96 files changed
  • 8 contributors

Commits on Jan 9, 2024

  1. v2.0.19 (#1051) 

    * Bump golang.org/x/crypto from 0.14.0 to 0.15.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0.
- [Commits](golang/crypto@v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Run gazelle-update-repos

* Add jwe.WithCEK (#1011)

* Add jwe.WithCEK

* Allow using a static CEK via EncryptStatic

* appease linter

* Update go.sum

* Docs

* Update generated options

* Add test

* clarify when jwk.Set.RemoveKey can return error (#1015)

* Remove signer instance upon call to jws.UnregisterSigner (#1017)

* Delete signer instance upon call to jws.UnregisterSigner

* Update Changes

* Tweak documentation (#1018)

* Bump golang.org/x/crypto from 0.15.0 to 0.16.0 (#1020)

* Bump golang.org/x/crypto from 0.15.0 to 0.16.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.16.0.
- [Commits](golang/crypto@v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Run bazel and tidy

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com>

* Merge pull request from GHSA-7f9x-gw85-8grf

* Update Changes

* Appease linter

* fix deps.bzl

* Bump actions/setup-go from 4 to 5 (#1027)

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump actions/stale from 8 to 9 (#1029)

Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v8...v9)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Merge #1044 (#1045)

* update all dependencies 12/19/2023

* Run gazelle-update-repos

---------

Co-authored-by: Nathan Lacey <nlacey@novetta.com>

* Update go version in go.mod to go1.18, which matches CI (#1046)

* Bump github/codeql-action from 2 to 3 (#1031)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add jws.IsVerificationError (#1049)

* Add jws.IsVerificationError

* tweak document

* Merge pull request from GHSA-pvcr-v8j8-j5q3

* Add tests for empty protected headers

* check for sig.protected == nil

* Add one more case for missing protected headers in compact form

* Update Changes

* JWS: Check for sig.protected == nil on non-flattened input

---------

Co-authored-by: Fredrik Strupe <fredrik@strupe.net>

* Update Changes

* fix typo

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shang Jian Ding <sding3@ncsu.edu>
Co-authored-by: Nathan Lacey <nlacey@novetta.com>
Co-authored-by: Fredrik Strupe <fredrik@strupe.net>
    @lestrrat @dependabot
    @sding3 @frestr
    5 people authored Jan 9, 2024
    Copy the full SHA
    d69a721 View commit details

Commits on Feb 19, 2024

  1. Merge branch 'develop/v2' into v2

    @lestrrat
    lestrrat committed Feb 19, 2024
    Loading
    Loading status checks…

    Verified

    This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
    GPG key ID: 4AEE18F83AFDEB23
    Expired
    Verified
    Learn about vigilant mode
    Copy the full SHA
    c3b3a17 View commit details

Commits on Mar 7, 2024

  1. Merge pull request #1091 from lestrrat-go/develop/v2 

    [v2] merge for v2.0.21
    @lestrrat
    lestrrat authored Mar 7, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    611d914 View commit details

Commits on Jun 17, 2024

  1. Merge branch 'develop/v2' into v2

    @lestrrat
    lestrrat committed Jun 17, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    b688667 View commit details

Commits on Jun 19, 2024

  1. Add support for RSA-OAEP-384 and RSA-OAEP-512 (#1142)

    @Hannes-Kunnen
    Hannes-Kunnen authored Jun 19, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    84cf8ec View commit details

Commits on Jun 25, 2024

  1. fix: typos (#1145) 

    * fix: typos

* fix: yaml typo
    @maro114510
    maro114510 authored Jun 25, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    91cb085 View commit details

Commits on Jul 12, 2024

  1. Update httprc to v1.0.6 (#1150) 

    * Update httprc to v1.0.6

* Run gazelle update repos
    @lestrrat
    lestrrat authored Jul 12, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    523cc14 View commit details

  2. Improve API for checking algorithm characteristics around symmetry (#… 

    …1151)

* Fix missing imports in genjwa

These imports are not actually missing in the generated files because
the WithFormatCode option adds them automatically. It is better to not
depend on this feature in case of identical package names.

* Fix typo

* Fix documentation

* Add IsSymmetric method for signature algorithms

Add IsSymmetric method to the KeyAlgorithm interface.
Add symmetric indication to element instead of separate map.

* Add IsAssymetric method for signature and key encryption algorithms

Add IsAssymetric method to the Key KeyAlgorithm interface.
Replace symmetric indication of element with a type indication.

* Remove IsAsymmetric methods

Add comment to IsSymmetric method to indicate custom registered
algorithms will always return false.
Add comment to the IsSymmetric method of SignatureAlgorithm to indicate
the special nature of NoSignature.
Remove IsSymmetric from interface and from InvalidKeyAlgorithm.

* Add register with options function

Add tests for register (with options) functions.

* Remove unnecessary RegisterXXXXWithOptions functions

Change the RegisterXXXXWithOptions functions to no longer return an
error.

* Minor tweaks

* Tweak comments
* Use the underlying WithOptions from Register**** function
* remove struct supportedOptions, since it only has one item. it can be
  re-introduced if there are more features to be added

* tweak comment

* Fix bazel

---------

Co-authored-by: Hannes Kunnen <hannes.kunnen1999@gmail.com>
    @lestrrat @Hannes-Kunnen
    lestrrat and Hannes-Kunnen authored Jul 12, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    6e4c9cb View commit details

Commits on Jul 17, 2024

  1. Fix typos/mistakes/wording/links in documentation/comments (#1152) 

    * Fix typos/mistakes/wording/links in documentation

* Revert changing "suboption" to "sub-option"

Change pre-existing use of "sub-option" to "suboption".

* Accept suggestions
    @Hannes-Kunnen
    Hannes-Kunnen authored Jul 17, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    ce127d8 View commit details

Commits on Jul 27, 2024

  1. Apply changes from #1156 to v2 (#1158)

    @lestrrat
    lestrrat authored Jul 27, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    2e6f406 View commit details

  2. Avoid problems on 32-bit systems (#1159) 

    * Apply changes from #1156 to v2

* Avoid problems on 32-bit systems
    @lestrrat
    lestrrat authored Jul 27, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    8f99f17 View commit details

  3. Update minimum required go version to 1.20 (#1161) 

    * Update CI to use go1.20, and use atomi.Int64

* Update go version in go.mod to go 1.20

* stringify the version name
    @lestrrat
    lestrrat authored Jul 27, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    67496fb View commit details

  4. Run CI with minimum go version 1.20 (#1162)

    @lestrrat
    lestrrat authored Jul 27, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    c17d9e9 View commit details

  5. Bump golang.org/x/crypto from 0.24.0 to 0.25.0 (#1149) 

    * Bump golang.org/x/crypto from 0.24.0 to 0.25.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.24.0 to 0.25.0.
- [Commits](golang/crypto@v0.24.0...v0.25.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update make tidy / gazelle-update-repos

* Update bazel settings

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Daisuke Maki <lestrrat+github@gmail.com>
    @dependabot @lestrrat
    dependabot[bot] and lestrrat authored Jul 27, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    853dc9c View commit details

  6. Deprecate jws.WithHeaders (#1163) 

    The option never worked since v2, but it was kept around, and the
documentation sometimes refered to this option, which it shouldn't have.
    @lestrrat
    lestrrat authored Jul 27, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    ccef636 View commit details

  7. Update Changes

    @lestrrat
    lestrrat committed Jul 27, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    8c21ee5 View commit details

Commits on Jul 28, 2024

  1. Merge pull request #1164 from lestrrat-go/develop/v2 

    merge develop/v2 to v2
    @lestrrat
    lestrrat authored Jul 28, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    8d1d783 View commit details
Loading