Bump github.com/lestrrat-go/jwx/v3 from 3.0.10 to 3.0.11

[dependabot]

Bumps github.com/lestrrat-go/jwx/v3 from 3.0.10 to 3.0.11.

Release notes

Sourced from github.com/lestrrat-go/jwx/v3's releases.

v3.0.11

What's Changed

• Bump actions/cache from 4.2.3 to 4.2.4 by @​dependabot[bot] in lestrrat-go/jwx#1438
• Bump golang.org/x/crypto from 0.40.0 to 0.41.0 by @​dependabot[bot] in lestrrat-go/jwx#1436
• [jwe] Work with non X25519 ECDH encryption by @​lestrrat in lestrrat-go/jwx#1442
• Bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in lestrrat-go/jwx#1440
• Separate out signature generation / verification into its own framework by @​lestrrat in lestrrat-go/jwx#1439
• Bump github.com/lestrrat-go/httprc/v3 from 3.0.0 to 3.0.1 by @​dependabot[bot] in lestrrat-go/jwx#1443
• Bump actions/stale from 9.1.0 to 10.0.0 by @​dependabot[bot] in lestrrat-go/jwx#1451
• Bump github.com/stretchr/testify from 1.10.0 to 1.11.1 by @​dependabot[bot] in lestrrat-go/jwx#1447
• Bump golang.org/x/crypto from 0.41.0 to 0.42.0 by @​dependabot[bot] in lestrrat-go/jwx#1456
• Bump actions/setup-go from 5.5.0 to 6.0.0 by @​dependabot[bot] in lestrrat-go/jwx#1449
• Warh40k fix/connection leak by @​lestrrat in lestrrat-go/jwx#1458
• Allow shutting down jwk cache by @​adam-bates in lestrrat-go/jwx#1457

New Contributors

• @​adam-bates made their first contribution in lestrrat-go/jwx#1457

Full Changelog: lestrrat-go/jwx@v3.0.10...v3.0.11

Changelog

Sourced from github.com/lestrrat-go/jwx/v3's changelog.

v3.0.11 14 Sep 2025

• [jwk] Add (jwk.Cache).Shutdown() method that delegates to the httprc controller object, to shutdown the cache.
• [jwk] Change timing of res.Body.Close() call
• [jwe] Previously, ecdh.PrivateKey/ecdh.PublicKey were not properly handled when used for encryption, which has been fixed.
• [jws/jwsbb] (EXPERIMENTAL/BREAKS COMPATIBILITY) Convert most functions into thin wrappers around functions from github.com/lestrrat-go/dsig package. As a related change, HAMCHashFuncFor/RSAHashFuncFor/ECDSAHashFuncFor/RSAPSSOptions have been removed or unexported. Users of this module should be using jwsbb.Sign() and jwsbb.Verify() instead of algorithm specific jwsbb.SignRSA()/jwsbb.VerifyRSA() and such. If you feel the need to use these functions, you should use github.com/lestrrat-go/dsig directly.

Commits

• 9e9c27a Update changes
• 8049c14 allow shutting down jwk cache (#1457)
• 7cbfb96 Warh40k fix/connection leak (#1458)
• 350cacf Bump actions/setup-go from 5.5.0 to 6.0.0 (#1449)
• aff47b2 Bump golang.org/x/crypto from 0.41.0 to 0.42.0 (#1456)
• bef9c5e Bump github.com/stretchr/testify from 1.10.0 to 1.11.1 (#1447)
• 9a00ed4 Bump actions/stale from 9.1.0 to 10.0.0 (#1451)
• 814c6eb Bump github.com/lestrrat-go/httprc/v3 from 3.0.0 to 3.0.1 (#1443)
• 699d388 Separate out signature generation / verification into its own framework (#1439)
• 568c2c8 Bump actions/checkout from 4.2.2 to 5.0.0 (#1440)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 44.64%. Comparing base (f2b6bc3) to head (dec16a6).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1885      +/-   ##
==========================================
+ Coverage   44.59%   44.64%   +0.04%     
==========================================
  Files         203      203              
  Lines       25864    25864              
==========================================
+ Hits        11534    11546      +12     
+ Misses      13428    13410      -18     
- Partials      902      908       +6     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.