Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update java jwt and jwks #62

Merged
merged 3 commits into from Jan 19, 2022
Merged

Update java jwt and jwks #62

merged 3 commits into from Jan 19, 2022

Conversation

poovamraj
Copy link
Contributor

Changes

We are upgrading java-jwt and jwks-rsa-java library dependency to 3.18.3 and 0.20.1 respectively. This is because of their transitive dependency on the vulnerable version of Jackson

References

Link

Testing

Since this is a dependency upgrade, we checked it using our existing unit tests

@poovamraj poovamraj requested a review from a team as a code owner January 19, 2022 09:34
@poovamraj poovamraj mentioned this pull request Jan 19, 2022
Closed
@poovamraj poovamraj closed this Jan 19, 2022
@poovamraj poovamraj reopened this Jan 19, 2022
@stevehobbsdev stevehobbsdev deleted the update-java-jwt-and-jwks branch January 19, 2022 15:07
@stevehobbsdev stevehobbsdev restored the update-java-jwt-and-jwks branch January 19, 2022 15:07
@stevehobbsdev stevehobbsdev reopened this Jan 19, 2022
@poovamraj poovamraj merged commit e6c740b into master Jan 19, 2022
@poovamraj poovamraj modified the milestones: 1., 1.4.2 Jan 19, 2022
This was referenced Jan 19, 2022
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@evansims evansims evansims approved these changes

Assignees
No one assigned
Labels
CH: Security review:tiny Tiny review
Projects
None yet
Milestone
1.4.2
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@poovamraj @evansims @stevehobbsdev