You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit was created on GitHub.com and signed with GitHub’s verified signature.
[v3.2.5] - 2026-07-10
Security
Upgrade joserfc to 1.7.2 in the app and cli development dependencies to resolve CVE-2026-49852 and CVE-2026-48990, where HMAC verification could accept an empty key. This is a development-only transitive dependency of the moto test library and is not included in any runtime or release artifact.
Changed
Updated NOTICE.txt with corrected and complete third party license attribution.