New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 #2535
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/github.com-golang-jwt-jwt-v4-5.x
branch
from
March 5, 2024 04:29
7c97e89
to
5ed9f08
Compare
renovate
bot
force-pushed
the
renovate/github.com-golang-jwt-jwt-v4-5.x
branch
from
March 6, 2024 05:14
5ed9f08
to
5a15ea5
Compare
ahrav
approved these changes
Mar 7, 2024
haraldh
added a commit
to matter-labs/vault-auth-tee
that referenced
this pull request
Mar 8, 2024
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog) | action | minor | `v3.68.5` -> `v3.69.0` | --- ### Release Notes <details> <summary>trufflesecurity/trufflehog (trufflesecurity/trufflehog)</summary> ### [`v3.69.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.69.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.5...v3.69.0) #### What's Changed - add version to extra data + moving existing versioned detectors into subdirectory format by [@​0x1](https://togithub.com/0x1) in [trufflesecurity/trufflehog#2471 - fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2499 - fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2535 - fix(deps): update module github.com/charmbracelet/lipgloss to v0.10.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2542 - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.34 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2541 - fix(deps): update module golang.org/x/crypto to v0.21.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2544 - fix(deps): update module github.com/xanzy/go-gitlab to v0.99.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2543 - fix(deps): update module golang.org/x/oauth2 to v0.18.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2546 - fix(deps): update module google.golang.org/api to v0.169.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2547 - Canary verification by [@​joeleonjr](https://togithub.com/joeleonjr) in [trufflesecurity/trufflehog#2531 - fix(deps): update testcontainers-go monorepo to v0.29.1 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2549 - fix(deps): update module google.golang.org/protobuf to v1.33.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2548 **Full Changelog**: trufflesecurity/trufflehog@v3.68.5...v3.69.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/matter-labs/vault-auth-tee). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yMzAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjIzMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
antonbaliasnikov
pushed a commit
to matter-labs/compiler-infra
that referenced
this pull request
Apr 3, 2024
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog) | action | minor | `v3.66.1` -> `v3.72.0` | --- ### Release Notes <details> <summary>trufflesecurity/trufflehog (trufflesecurity/trufflehog)</summary> ### [`v3.72.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.72.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.71.2...v3.72.0) #### What's Changed - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.10 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2636](https://togithub.com/trufflesecurity/trufflehog/pull/2636) - Fix 'toolchair not available' error by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2642](https://togithub.com/trufflesecurity/trufflehog/pull/2642) - Fix GitHub enumeration & rate-limiting logic by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2625](https://togithub.com/trufflesecurity/trufflehog/pull/2625) - fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v6.2.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2638](https://togithub.com/trufflesecurity/trufflehog/pull/2638) - fix(deps): update module cloud.google.com/go/storage to v1.40.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2645](https://togithub.com/trufflesecurity/trufflehog/pull/2645) - Add JupiterOne detector by [@​shreyas-sriram](https://togithub.com/shreyas-sriram) in [https://github.com/trufflesecurity/trufflehog/pull/2446](https://togithub.com/trufflesecurity/trufflehog/pull/2446) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.11 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2646](https://togithub.com/trufflesecurity/trufflehog/pull/2646) - fix(deps): update module github.com/thezeroslave/zapsentry to v1.22.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2648](https://togithub.com/trufflesecurity/trufflehog/pull/2648) - fix(deps): update module github.com/go-git/go-git/v5 to v5.12.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2649](https://togithub.com/trufflesecurity/trufflehog/pull/2649) - add GCP application default credentials detector by [@​kenzht](https://togithub.com/kenzht) in [https://github.com/trufflesecurity/trufflehog/pull/2530](https://togithub.com/trufflesecurity/trufflehog/pull/2530) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.12 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2651](https://togithub.com/trufflesecurity/trufflehog/pull/2651) - Add GitLab CI Pipeline Example in Documentation by [@​RoseSecurity](https://togithub.com/RoseSecurity) in [https://github.com/trufflesecurity/trufflehog/pull/2601](https://togithub.com/trufflesecurity/trufflehog/pull/2601) - fix(deps): update module github.com/thezeroslave/zapsentry to v1.22.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2654](https://togithub.com/trufflesecurity/trufflehog/pull/2654) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.13 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2655](https://togithub.com/trufflesecurity/trufflehog/pull/2655) - Remove duplicate JiraToken.v2 declaration in `defaults.go` by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2657](https://togithub.com/trufflesecurity/trufflehog/pull/2657) #### New Contributors - [@​kenzht](https://togithub.com/kenzht) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/2530](https://togithub.com/trufflesecurity/trufflehog/pull/2530) - [@​RoseSecurity](https://togithub.com/RoseSecurity) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/2601](https://togithub.com/trufflesecurity/trufflehog/pull/2601) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.71.2...v3.72.0 ### [`v3.71.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.71.2) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.71.1...v3.71.2) #### What's Changed - Link to GitHub contribution guide in CONTRIBUTING by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/2632](https://togithub.com/trufflesecurity/trufflehog/pull/2632) - Fixing nitro check by [@​dylanTruffle](https://togithub.com/dylanTruffle) in [https://github.com/trufflesecurity/trufflehog/pull/2631](https://togithub.com/trufflesecurity/trufflehog/pull/2631) - fix(deps): update module google.golang.org/api to v0.172.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2634](https://togithub.com/trufflesecurity/trufflehog/pull/2634) - make postman source public by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2635](https://togithub.com/trufflesecurity/trufflehog/pull/2635) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.71.1...v3.71.2 ### [`v3.71.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.71.1) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.71.0...v3.71.1) #### What's Changed - Fix GitHub panic and test errors by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2608](https://togithub.com/trufflesecurity/trufflehog/pull/2608) - fix(deps): update module github.com/xanzy/go-gitlab to v0.101.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2617](https://togithub.com/trufflesecurity/trufflehog/pull/2617) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.6 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2615](https://togithub.com/trufflesecurity/trufflehog/pull/2615) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.7 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2623](https://togithub.com/trufflesecurity/trufflehog/pull/2623) - Fix additional GitHub test errors by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2614](https://togithub.com/trufflesecurity/trufflehog/pull/2614) - \[chore] - upgrade dep by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2618](https://togithub.com/trufflesecurity/trufflehog/pull/2618) - fix(deps): update golang.org/x/exp digest to [`a685a6e`](https://togithub.com/trufflesecurity/trufflehog/commit/a685a6e) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2621](https://togithub.com/trufflesecurity/trufflehog/pull/2621) - Fix incorrect regular expression with missing closing bracket by [@​fml09](https://togithub.com/fml09) in [https://github.com/trufflesecurity/trufflehog/pull/2616](https://togithub.com/trufflesecurity/trufflehog/pull/2616) - fix(deps): update module github.com/go-sql-driver/mysql to v1.8.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2626](https://togithub.com/trufflesecurity/trufflehog/pull/2626) - fix(deps): update module github.com/charmbracelet/glamour to v0.7.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2627](https://togithub.com/trufflesecurity/trufflehog/pull/2627) - \[bugfix] - Update the Anthropic detector by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2629](https://togithub.com/trufflesecurity/trufflehog/pull/2629) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.8 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2630](https://togithub.com/trufflesecurity/trufflehog/pull/2630) - Use Lstat to identify non-regular files in filesystem source by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2628](https://togithub.com/trufflesecurity/trufflehog/pull/2628) #### New Contributors - [@​fml09](https://togithub.com/fml09) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/2616](https://togithub.com/trufflesecurity/trufflehog/pull/2616) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.71.0...v3.71.1 ### [`v3.71.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.71.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.70.3...v3.71.0) #### What's Changed - Postman Source by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2579](https://togithub.com/trufflesecurity/trufflehog/pull/2579) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2604](https://togithub.com/trufflesecurity/trufflehog/pull/2604) - expand keyword checks, and add collection name to keyword by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2602](https://togithub.com/trufflesecurity/trufflehog/pull/2602) - \[chore] Fix potential resource leak in postman source by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2606](https://togithub.com/trufflesecurity/trufflehog/pull/2606) - Bump github.com/docker/docker from 25.0.3+incompatible to 25.0.5+incompatible by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/trufflesecurity/trufflehog/pull/2603](https://togithub.com/trufflesecurity/trufflehog/pull/2603) - Refactor GitHub source by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2379](https://togithub.com/trufflesecurity/trufflehog/pull/2379) - Use go 1.22 by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2599](https://togithub.com/trufflesecurity/trufflehog/pull/2599) - fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2590](https://togithub.com/trufflesecurity/trufflehog/pull/2590) - fix(deps): update module github.com/brianvoe/gofakeit/v6 to v7 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2524](https://togithub.com/trufflesecurity/trufflehog/pull/2524) - fix(deps): update module google.golang.org/api to v0.171.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2611](https://togithub.com/trufflesecurity/trufflehog/pull/2611) - fix(deps): update module github.com/bradleyfalzon/ghinstallation/v2 to v2.10.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2607](https://togithub.com/trufflesecurity/trufflehog/pull/2607) - Avoid uneeded calls to strconv.Unquote by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2605](https://togithub.com/trufflesecurity/trufflehog/pull/2605) - MaxMind detector uses the right endpoint by [@​faktas2](https://togithub.com/faktas2) in [https://github.com/trufflesecurity/trufflehog/pull/2577](https://togithub.com/trufflesecurity/trufflehog/pull/2577) - Update Snyk detector by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2559](https://togithub.com/trufflesecurity/trufflehog/pull/2559) - fix(deps): update module github.com/brianvoe/gofakeit/v6 to v7 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2612](https://togithub.com/trufflesecurity/trufflehog/pull/2612) - Dockerhub v2 detector by [@​ankushgoel27](https://togithub.com/ankushgoel27) in [https://github.com/trufflesecurity/trufflehog/pull/2361](https://togithub.com/trufflesecurity/trufflehog/pull/2361) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.70.3...v3.71.0 ### [`v3.70.3`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.70.3) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.70.2...v3.70.3) #### What's Changed - \[chore] Replace "Trufflehog" with "TruffleHog" by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2584](https://togithub.com/trufflesecurity/trufflehog/pull/2584) - fix(deps): update golang.org/x/exp digest to [`a85f2c6`](https://togithub.com/trufflesecurity/trufflehog/commit/a85f2c6) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2592](https://togithub.com/trufflesecurity/trufflehog/pull/2592) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2593](https://togithub.com/trufflesecurity/trufflehog/pull/2593) - Make Git work with escaped unicode characcters by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2585](https://togithub.com/trufflesecurity/trufflehog/pull/2585) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2594](https://togithub.com/trufflesecurity/trufflehog/pull/2594) - fix(deps): update module cloud.google.com/go/secretmanager to v1.12.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2595](https://togithub.com/trufflesecurity/trufflehog/pull/2595) - fix(deps): update module github.com/wasilibs/go-re2 to v1.5.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2596](https://togithub.com/trufflesecurity/trufflehog/pull/2596) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.70.2...v3.70.3 ### [`v3.70.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.70.2) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.70.1...v3.70.2) #### What's Changed - fix(deps): update module github.com/launchdarkly/go-server-sdk/v7 to v7.1.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2576](https://togithub.com/trufflesecurity/trufflehog/pull/2576) - fix(deps): update module cloud.google.com/go/secretmanager to v1.11.6 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2578](https://togithub.com/trufflesecurity/trufflehog/pull/2578) - fix(deps): update module github.com/google/go-containerregistry to v0.19.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2586](https://togithub.com/trufflesecurity/trufflehog/pull/2586) - fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2587](https://togithub.com/trufflesecurity/trufflehog/pull/2587) - fix(deps): update module google.golang.org/api to v0.170.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2589](https://togithub.com/trufflesecurity/trufflehog/pull/2589) - fix(deps): update module github.com/aws/aws-sdk-go to v1.51.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2588](https://togithub.com/trufflesecurity/trufflehog/pull/2588) - fix(deps): update module github.com/wasilibs/go-re2 to v1.5.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2591](https://togithub.com/trufflesecurity/trufflehog/pull/2591) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.70.1...v3.70.2 ### [`v3.70.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.70.1) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.70.0...v3.70.1) #### What's Changed - pull out verification logic from github detectors by [@​0x1](https://togithub.com/0x1) in [https://github.com/trufflesecurity/trufflehog/pull/2554](https://togithub.com/trufflesecurity/trufflehog/pull/2554) - Fix --results not behaving as expected. by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2582](https://togithub.com/trufflesecurity/trufflehog/pull/2582) - Fix GitHub detector npe by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2583](https://togithub.com/trufflesecurity/trufflehog/pull/2583) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.70.0...v3.70.1 ### [`v3.70.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.70.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.69.0...v3.70.0) #### What's Changed - fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2550](https://togithub.com/trufflesecurity/trufflehog/pull/2550) - \[chore] - use custom grow method by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2555](https://togithub.com/trufflesecurity/trufflehog/pull/2555) - fix(deps): update module github.com/google/go-github/v57 to v60 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2551](https://togithub.com/trufflesecurity/trufflehog/pull/2551) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.35 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2560](https://togithub.com/trufflesecurity/trufflehog/pull/2560) - fix(deps): update module github.com/go-sql-driver/mysql to v1.8.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2561](https://togithub.com/trufflesecurity/trufflehog/pull/2561) - fix(deps): update module cloud.google.com/go/storage to v1.39.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2565](https://togithub.com/trufflesecurity/trufflehog/pull/2565) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.36 - autoclosed by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2566](https://togithub.com/trufflesecurity/trufflehog/pull/2566) - \[chore] - Fix flaky test by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2564](https://togithub.com/trufflesecurity/trufflehog/pull/2564) - \[chore] - Record metrics before reset by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2556](https://togithub.com/trufflesecurity/trufflehog/pull/2556) - fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2568](https://togithub.com/trufflesecurity/trufflehog/pull/2568) - fix(deps): update module github.com/xanzy/go-gitlab to v0.100.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2567](https://togithub.com/trufflesecurity/trufflehog/pull/2567) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.38 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2572](https://togithub.com/trufflesecurity/trufflehog/pull/2572) - fix(deps): update module github.com/couchbase/gocb/v2 to v2.8.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2573](https://togithub.com/trufflesecurity/trufflehog/pull/2573) - fix(deps): update golang.org/x/exp digest to [`c7f7c64`](https://togithub.com/trufflesecurity/trufflehog/commit/c7f7c64) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2575](https://togithub.com/trufflesecurity/trufflehog/pull/2575) - Add `--results` flag by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2372](https://togithub.com/trufflesecurity/trufflehog/pull/2372) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.69.0...v3.70.0 ### [`v3.69.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.69.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.5...v3.69.0) #### What's Changed - add version to extra data + moving existing versioned detectors into subdirectory format by [@​0x1](https://togithub.com/0x1) in [https://github.com/trufflesecurity/trufflehog/pull/2471](https://togithub.com/trufflesecurity/trufflehog/pull/2471) - fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2499](https://togithub.com/trufflesecurity/trufflehog/pull/2499) - fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2535](https://togithub.com/trufflesecurity/trufflehog/pull/2535) - fix(deps): update module github.com/charmbracelet/lipgloss to v0.10.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2542](https://togithub.com/trufflesecurity/trufflehog/pull/2542) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.34 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2541](https://togithub.com/trufflesecurity/trufflehog/pull/2541) - fix(deps): update module golang.org/x/crypto to v0.21.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2544](https://togithub.com/trufflesecurity/trufflehog/pull/2544) - fix(deps): update module github.com/xanzy/go-gitlab to v0.99.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2543](https://togithub.com/trufflesecurity/trufflehog/pull/2543) - fix(deps): update module golang.org/x/oauth2 to v0.18.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2546](https://togithub.com/trufflesecurity/trufflehog/pull/2546) - fix(deps): update module google.golang.org/api to v0.169.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2547](https://togithub.com/trufflesecurity/trufflehog/pull/2547) - Canary verification by [@​joeleonjr](https://togithub.com/joeleonjr) in [https://github.com/trufflesecurity/trufflehog/pull/2531](https://togithub.com/trufflesecurity/trufflehog/pull/2531) - fix(deps): update testcontainers-go monorepo to v0.29.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2549](https://togithub.com/trufflesecurity/trufflehog/pull/2549) - fix(deps): update module google.golang.org/protobuf to v1.33.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2548](https://togithub.com/trufflesecurity/trufflehog/pull/2548) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.68.5...v3.69.0 ### [`v3.68.5`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.5) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.4...v3.68.5) #### What's Changed - Create basic escaped unicode decoder by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2456](https://togithub.com/trufflesecurity/trufflehog/pull/2456) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.30 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2529](https://togithub.com/trufflesecurity/trufflehog/pull/2529) - fix(deps): update module github.com/felixge/fgprof to v0.9.4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2532](https://togithub.com/trufflesecurity/trufflehog/pull/2532) - fix(deps): update module cloud.google.com/go/storage to v1.39.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2533](https://togithub.com/trufflesecurity/trufflehog/pull/2533) - fix(deps): update module github.com/stretchr/testify to v1.9.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2534](https://togithub.com/trufflesecurity/trufflehog/pull/2534) - Add naive S3 ignorelist by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/2536](https://togithub.com/trufflesecurity/trufflehog/pull/2536) - Redact secret in git command output by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/2539](https://togithub.com/trufflesecurity/trufflehog/pull/2539) - Fix timeout param, DB is not needed for ping command by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2540](https://togithub.com/trufflesecurity/trufflehog/pull/2540) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.68.4...v3.68.5 ### [`v3.68.4`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.4) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.3...v3.68.4) #### What's Changed - Improve Gitlab default URL handling by [@​trufflesteeeve](https://togithub.com/trufflesteeeve) in [https://github.com/trufflesecurity/trufflehog/pull/2491](https://togithub.com/trufflesecurity/trufflehog/pull/2491) - fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2513](https://togithub.com/trufflesecurity/trufflehog/pull/2513) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.28 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2520](https://togithub.com/trufflesecurity/trufflehog/pull/2520) - fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2521](https://togithub.com/trufflesecurity/trufflehog/pull/2521) - fix(deps): update module github.com/prometheus/client_golang to v1.19.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2522](https://togithub.com/trufflesecurity/trufflehog/pull/2522) - fix(deps): update module golang.org/x/crypto to v0.20.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2523](https://togithub.com/trufflesecurity/trufflehog/pull/2523) - Remove one filter word by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2525](https://togithub.com/trufflesecurity/trufflehog/pull/2525) - Fix minor typo by [@​jamesgol](https://togithub.com/jamesgol) in [https://github.com/trufflesecurity/trufflehog/pull/2527](https://togithub.com/trufflesecurity/trufflehog/pull/2527) - Ignore canary IDs in notifications by [@​dxa4481](https://togithub.com/dxa4481) in [https://github.com/trufflesecurity/trufflehog/pull/2526](https://togithub.com/trufflesecurity/trufflehog/pull/2526) - \[feat] - Make the client configurable by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2528](https://togithub.com/trufflesecurity/trufflehog/pull/2528) #### New Contributors - [@​jamesgol](https://togithub.com/jamesgol) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/2527](https://togithub.com/trufflesecurity/trufflehog/pull/2527) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.68.3...v3.68.4 ### [`v3.68.3`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.3) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.2...v3.68.3) #### What's Changed - fix(deps): update module github.com/google/go-github/v57 to v59 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2464](https://togithub.com/trufflesecurity/trufflehog/pull/2464) - fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2455](https://togithub.com/trufflesecurity/trufflehog/pull/2455) - fix(deps): update golang.org/x/exp digest to [`814bf88`](https://togithub.com/trufflesecurity/trufflehog/commit/814bf88) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2508](https://togithub.com/trufflesecurity/trufflehog/pull/2508) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.25 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2509](https://togithub.com/trufflesecurity/trufflehog/pull/2509) - fix(deps): update module github.com/xanzy/go-gitlab to v0.98.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2511](https://togithub.com/trufflesecurity/trufflehog/pull/2511) - fix(deps): update module google.golang.org/api to v0.167.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2512](https://togithub.com/trufflesecurity/trufflehog/pull/2512) - Improve monogo and snowflake detectors by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2518](https://togithub.com/trufflesecurity/trufflehog/pull/2518) - JDBC test and parsing improvements by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2516](https://togithub.com/trufflesecurity/trufflehog/pull/2516) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.68.2...v3.68.3 ### [`v3.68.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.2) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.1...v3.68.2) #### What's Changed - fix prefix check when returning early by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2503](https://togithub.com/trufflesecurity/trufflehog/pull/2503) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.68.1...v3.68.2 ### [`v3.68.1`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.1) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.68.0...v3.68.1) #### What's Changed - Tell git to ignore directory ownership (fixes [#​2495](https://togithub.com/trufflesecurity/trufflehog/issues/2495)) by [@​marksteward](https://togithub.com/marksteward) in [https://github.com/trufflesecurity/trufflehog/pull/2496](https://togithub.com/trufflesecurity/trufflehog/pull/2496) - Gitlab scan targets by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2470](https://togithub.com/trufflesecurity/trufflehog/pull/2470) - Clean up some detectors by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2501](https://togithub.com/trufflesecurity/trufflehog/pull/2501) #### New Contributors - [@​marksteward](https://togithub.com/marksteward) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/2496](https://togithub.com/trufflesecurity/trufflehog/pull/2496) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.68.0...v3.68.1 ### [`v3.68.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.68.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.67.7...v3.68.0) #### What's Changed - fix(deps): update module github.com/hashicorp/golang-lru to v2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2486](https://togithub.com/trufflesecurity/trufflehog/pull/2486) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.21 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2489](https://togithub.com/trufflesecurity/trufflehog/pull/2489) - Add Display method to SourceUnit and Kind member to the CommonSourceUnit by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2450](https://togithub.com/trufflesecurity/trufflehog/pull/2450) - fix(deps): update module github.com/launchdarkly/go-server-sdk/v6 to v7 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2490](https://togithub.com/trufflesecurity/trufflehog/pull/2490) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.22 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2492](https://togithub.com/trufflesecurity/trufflehog/pull/2492) - fix(deps): update module github.com/couchbase/gocb/v2 to v2.7.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2493](https://togithub.com/trufflesecurity/trufflehog/pull/2493) - fix(deps): update module github.com/snowflakedb/gosnowflake to v1.8.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2497](https://togithub.com/trufflesecurity/trufflehog/pull/2497) - fix(deps): update module go.uber.org/zap to v1.27.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2498](https://togithub.com/trufflesecurity/trufflehog/pull/2498) - Identify some canary tokens without detonation by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2500](https://togithub.com/trufflesecurity/trufflehog/pull/2500) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.67.7...v3.68.0 ### [`v3.67.7`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.67.7) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.67.6...v3.67.7) #### What's Changed - \[chore] Add some doc comments to source manager by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2434](https://togithub.com/trufflesecurity/trufflehog/pull/2434) - fix(deps): update module github.com/golang-jwt/jwt/v4 to v5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2448](https://togithub.com/trufflesecurity/trufflehog/pull/2448) - fix(deps): update golang.org/x/exp digest to [`ec58324`](https://togithub.com/trufflesecurity/trufflehog/commit/ec58324) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2452](https://togithub.com/trufflesecurity/trufflehog/pull/2452) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.17 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2453](https://togithub.com/trufflesecurity/trufflehog/pull/2453) - fix(deps): update module github.com/googleapis/gax-go/v2 to v2.12.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2454](https://togithub.com/trufflesecurity/trufflehog/pull/2454) - fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2447](https://togithub.com/trufflesecurity/trufflehog/pull/2447) - fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2457](https://togithub.com/trufflesecurity/trufflehog/pull/2457) - fix(deps): update module go.mongodb.org/mongo-driver to v1.13.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2458](https://togithub.com/trufflesecurity/trufflehog/pull/2458) - fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2459](https://togithub.com/trufflesecurity/trufflehog/pull/2459) - fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2460](https://togithub.com/trufflesecurity/trufflehog/pull/2460) - fix(deps): update module github.com/google/go-github/v57 to v59 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2449](https://togithub.com/trufflesecurity/trufflehog/pull/2449) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.18 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2463](https://togithub.com/trufflesecurity/trufflehog/pull/2463) - Remove some noisy / less useful detectors by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2467](https://togithub.com/trufflesecurity/trufflehog/pull/2467) - add missing prefixregex to GuardianAPI by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2468](https://togithub.com/trufflesecurity/trufflehog/pull/2468) - update gitlab proto by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2469](https://togithub.com/trufflesecurity/trufflehog/pull/2469) - \[cleanup] - Extract buffer logic by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2409](https://togithub.com/trufflesecurity/trufflehog/pull/2409) - add lazy quantifier to prefixregex by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2466](https://togithub.com/trufflesecurity/trufflehog/pull/2466) - \[chore] Increase TestMaxDiffSize timeout by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2472](https://togithub.com/trufflesecurity/trufflehog/pull/2472) - \[chore] - tighten keyword match by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2473](https://togithub.com/trufflesecurity/trufflehog/pull/2473) - move clenaup outside the engine by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2475](https://togithub.com/trufflesecurity/trufflehog/pull/2475) - fix(deps): update module github.com/hashicorp/golang-lru to v2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2462](https://togithub.com/trufflesecurity/trufflehog/pull/2462) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.20 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2477](https://togithub.com/trufflesecurity/trufflehog/pull/2477) - fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2478](https://togithub.com/trufflesecurity/trufflehog/pull/2478) - fix(deps): update module go.mongodb.org/mongo-driver to v1.14.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2479](https://togithub.com/trufflesecurity/trufflehog/pull/2479) - fix(deps): update module google.golang.org/api to v0.165.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2480](https://togithub.com/trufflesecurity/trufflehog/pull/2480) - fix(deps): update module github.com/hashicorp/golang-lru to v2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2481](https://togithub.com/trufflesecurity/trufflehog/pull/2481) - fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2482](https://togithub.com/trufflesecurity/trufflehog/pull/2482) - fix(deps): update module github.com/hashicorp/golang-lru to v2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2483](https://togithub.com/trufflesecurity/trufflehog/pull/2483) - fix(deps): update module github.com/azuread/microsoft-authentication-library-for-go to v1.2.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2484](https://togithub.com/trufflesecurity/trufflehog/pull/2484) - \[chore] - upgrade lru cache version by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2487](https://togithub.com/trufflesecurity/trufflehog/pull/2487) - \[chore] - use read full by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2474](https://togithub.com/trufflesecurity/trufflehog/pull/2474) - concurrency uint8 to int by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2488](https://togithub.com/trufflesecurity/trufflehog/pull/2488) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.67.6...v3.67.7 ### [`v3.67.6`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.67.6) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.67.5...v3.67.6) #### What's Changed - Disable secret scans for community PRs by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2401](https://togithub.com/trufflesecurity/trufflehog/pull/2401) - Refactor UnitHook to block the scan if finished metrics aren't handled by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2309](https://togithub.com/trufflesecurity/trufflehog/pull/2309) - Update brew install instructions by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2404](https://togithub.com/trufflesecurity/trufflehog/pull/2404) - Implement SourceUnitEnumChunker for GitLab by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2367](https://togithub.com/trufflesecurity/trufflehog/pull/2367) - Add flag to write job reports to disk by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2298](https://togithub.com/trufflesecurity/trufflehog/pull/2298) - \[chore] Rename file to legacy_reporters.go by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2406](https://togithub.com/trufflesecurity/trufflehog/pull/2406) - \[chore] Ensure Postgres detector respects context deadline by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2408](https://togithub.com/trufflesecurity/trufflehog/pull/2408) - fix(deps): update module github.com/charmbracelet/bubbletea to v0.25.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2326](https://togithub.com/trufflesecurity/trufflehog/pull/2326) - fix(deps): update module github.com/charmbracelet/bubbles to v0.18.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2296](https://togithub.com/trufflesecurity/trufflehog/pull/2296) - fix(deps): update module github.com/aymanbagabas/go-osc52 to v2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2048](https://togithub.com/trufflesecurity/trufflehog/pull/2048) - fix(deps): update github.com/lrstanley/bubblezone digest to [`b7bafc4`](https://togithub.com/trufflesecurity/trufflehog/commit/b7bafc4) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2411](https://togithub.com/trufflesecurity/trufflehog/pull/2411) - fix(deps): update golang.org/x/exp digest to [`2c58cdc`](https://togithub.com/trufflesecurity/trufflehog/commit/2c58cdc) by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2412](https://togithub.com/trufflesecurity/trufflehog/pull/2412) - fix(deps): update module cloud.google.com/go/secretmanager to v1.11.5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2414](https://togithub.com/trufflesecurity/trufflehog/pull/2414) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.15 - autoclosed by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2415](https://togithub.com/trufflesecurity/trufflehog/pull/2415) - fix(deps): update module github.com/mattn/go-sqlite3 to v1.14.22 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2417](https://togithub.com/trufflesecurity/trufflehog/pull/2417) - fix(deps): update module github.com/aymanbagabas/go-osc52 to v1.2.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2416](https://togithub.com/trufflesecurity/trufflehog/pull/2416) - chore(deps): update golang docker tag to v1.22 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2420](https://togithub.com/trufflesecurity/trufflehog/pull/2420) - chore(deps): update sigstore/cosign-installer action to v3.4.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2421](https://togithub.com/trufflesecurity/trufflehog/pull/2421) - fix(deps): update module cloud.google.com/go/storage to v1.37.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2423](https://togithub.com/trufflesecurity/trufflehog/pull/2423) - fix(deps): update module github.com/getsentry/sentry-go to v0.27.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2424](https://togithub.com/trufflesecurity/trufflehog/pull/2424) - fix(deps): update module github.com/google/go-containerregistry to v0.19.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2425](https://togithub.com/trufflesecurity/trufflehog/pull/2425) - \[fix] Add unit information to error returned by ChunkUnit by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2410](https://togithub.com/trufflesecurity/trufflehog/pull/2410) - Ignore Kubernetes GCP test credentials by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2413](https://togithub.com/trufflesecurity/trufflehog/pull/2413) - fix(deps): update module github.com/google/uuid to v1.6.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2427](https://togithub.com/trufflesecurity/trufflehog/pull/2427) - fix(deps): update module github.com/hashicorp/golang-lru to v0.6.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2428](https://togithub.com/trufflesecurity/trufflehog/pull/2428) - fix(deps): update module github.com/thezeroslave/zapsentry to v1.20.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2431](https://togithub.com/trufflesecurity/trufflehog/pull/2431) - fix(deps): update module github.com/snowflakedb/gosnowflake to v1.7.2 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2430](https://togithub.com/trufflesecurity/trufflehog/pull/2430) - fix(deps): update module github.com/prometheus/client_golang to v1.18.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2429](https://togithub.com/trufflesecurity/trufflehog/pull/2429) - fix(deps): update module github.com/xanzy/go-gitlab to v0.97.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2432](https://togithub.com/trufflesecurity/trufflehog/pull/2432) - fix(deps): update module go.mongodb.org/mongo-driver to v1.13.1 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2433](https://togithub.com/trufflesecurity/trufflehog/pull/2433) - fix(deps): update module go.uber.org/mock to v0.4.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2437](https://togithub.com/trufflesecurity/trufflehog/pull/2437) - fix(deps): update module github.com/aws/aws-sdk-go to v1.50.16 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2436](https://togithub.com/trufflesecurity/trufflehog/pull/2436) - fix(deps): update module cloud.google.com/go/storage to v1.38.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2438](https://togithub.com/trufflesecurity/trufflehog/pull/2438) - fix(deps): update module golang.org/x/crypto to v0.19.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2439](https://togithub.com/trufflesecurity/trufflehog/pull/2439) - fix(deps): update module golang.org/x/net to v0.21.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2440](https://togithub.com/trufflesecurity/trufflehog/pull/2440) - chore(deps): update actions/setup-go action to v5 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2443](https://togithub.com/trufflesecurity/trufflehog/pull/2443) - fix(deps): update module golang.org/x/oauth2 to v0.17.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2441](https://togithub.com/trufflesecurity/trufflehog/pull/2441) - fix(deps): update module google.golang.org/api to v0.164.0 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2442](https://togithub.com/trufflesecurity/trufflehog/pull/2442) - chore(deps): update github/codeql-action action to v3 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2444](https://togithub.com/trufflesecurity/trufflehog/pull/2444) - chore(deps): update golangci/golangci-lint-action action to v4 by [@​renovate](https://togithub.com/renovate) in [https://github.com/trufflesecurity/trufflehog/pull/2445](https://togithub.com/trufflesecurity/trufflehog/pull/2445) - Update custom detector example by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2435](https://togithub.com/trufflesecurity/trufflehog/pull/2435) - 2396 since commit stopped working by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2402](https://togithub.com/trufflesecurity/trufflehog/pull/2402) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.67.5...v3.67.6 ### [`v3.67.5`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.67.5) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.67.4...v3.67.5) #### What's Changed - Fix handling of GitHub ratelimit information by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2041](https://togithub.com/trufflesecurity/trufflehog/pull/2041) - Set GHA workdir by [@​zricethezav](https://togithub.com/zricethezav) in [https://github.com/trufflesecurity/trufflehog/pull/2393](https://togithub.com/trufflesecurity/trufflehog/pull/2393) - Allow CLI version pinning in GHA ([#​2397](https://togithub.com/trufflesecurity/trufflehog/issues/2397)) by [@​skeweredlogic](https://togithub.com/skeweredlogic) in [https://github.com/trufflesecurity/trufflehog/pull/2398](https://togithub.com/trufflesecurity/trufflehog/pull/2398) - \[bug] - prevent concurrent map writes by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2399](https://togithub.com/trufflesecurity/trufflehog/pull/2399) - Allow multiple domains for Forager by [@​dustin-decker](https://togithub.com/dustin-decker) in [https://github.com/trufflesecurity/trufflehog/pull/2400](https://togithub.com/trufflesecurity/trufflehog/pull/2400) - Update GitParse to handle quoted binary filenames by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2391](https://togithub.com/trufflesecurity/trufflehog/pull/2391) - \[feat] - buffered file writer metrics by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2395](https://togithub.com/trufflesecurity/trufflehog/pull/2395) #### New Contributors - [@​skeweredlogic](https://togithub.com/skeweredlogic) made their first contribution in [https://github.com/trufflesecurity/trufflehog/pull/2398](https://togithub.com/trufflesecurity/trufflehog/pull/2398) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.67.4...v3.67.5 ### [`v3.67.4`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.67.4) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.67.3...v3.67.4) #### What's Changed - \[feat] - use diff chan by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2387](https://togithub.com/trufflesecurity/trufflehog/pull/2387) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.67.3...v3.67.4 ### [`v3.67.3`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.67.3) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.67.2...v3.67.3) #### What's Changed - Disable GitHub wiki scanning by default by [@​rosecodym](https://togithub.com/rosecodym) in [https://github.com/trufflesecurity/trufflehog/pull/2386](https://togithub.com/trufflesecurity/trufflehog/pull/2386) - Fix binary file hanging bug in git sources by [@​mcastorina](https://togithub.com/mcastorina) in [https://github.com/trufflesecurity/trufflehog/pull/2388](https://togithub.com/trufflesecurity/trufflehog/pull/2388) - tightening opsgenie detection and verification by [@​dylanTruffle](https://togithub.com/dylanTruffle) in [https://github.com/trufflesecurity/trufflehog/pull/2389](https://togithub.com/trufflesecurity/trufflehog/pull/2389) - Make `SkipFile` case-insensitive by [@​rgmz](https://togithub.com/rgmz) in [https://github.com/trufflesecurity/trufflehog/pull/2383](https://togithub.com/trufflesecurity/trufflehog/pull/2383) - \[not-fixup] - Reduce memory consumption for Buffered File Writer by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2377](https://togithub.com/trufflesecurity/trufflehog/pull/2377) **Full Changelog**: https://github.com/trufflesecurity/trufflehog/compare/v3.67.2...v3.67.3 ### [`v3.67.2`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.67.2) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.67.1...v3.67.2) #### What's Changed - \[bug] - unhashable map key by [@​ahrav](https://togithub.com/ahrav) in [https://github.com/trufflesecurity/trufflehog/pull/2374](https://togithub.com/trufflesecurity/trufflehog/pull/2374) - custom detector docs improvement by [@​dxa4481](https://togithub.com/dxa4481) in [https://github.com/trufflesecurity/trufflehog/pull/2376](https://togithub.com/tru </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/matter-labs/compiler-infra). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xNTMuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Open
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v4.5.0
->v5.2.1
Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
golang-jwt/jwt (github.com/golang-jwt/jwt/v4)
v5.2.1
Compare Source
What's Changed
New Contributors
Full Changelog: golang-jwt/jwt@v5.2.0...v5.2.1
v5.2.0
Compare Source
What's Changed
NewValidator
by @oxisto in https://github.com/golang-jwt/jwt/pull/349New Contributors
Full Changelog: golang-jwt/jwt@v5.1.0...v5.2.0
v5.1.0
Compare Source
What's Changed
ErrInvalidType
instead ofjson.UnsupportedTypeError
by @oxisto in https://github.com/golang-jwt/jwt/pull/316New Contributors
Full Changelog: golang-jwt/jwt@v5.0.0...v5.1.0
v5.0.0
Compare Source
🚀 New Major Version
v5
🚀It's finally here, the release you have been waiting for! We don't take breaking changes lightly, but the changes outlined below were necessary to address some of the challenges of the previous API. A big thanks for @mfridman for all the reviews, all contributors for their commits and of course @dgrijalva for the original code. I hope we kept some of the spirit of your original
v4
branch alive in the approach we have taken here.~@oxisto, on behalf of @golang-jwt/maintainers
Version
v5
contains a major rework of core functionalities in thejwt-go
library. This includes support for several validation options as well as a re-design of theClaims
interface. Lastly, we reworked how errors work under the hood, which should provide a better overall developer experience.Starting from v5.0.0, the import path will be:
For most users, changing the import path should suffice. However, since we intentionally changed and cleaned some of the public API, existing programs might need to be updated. The following sections describe significant changes and corresponding updates for existing programs.
Parsing and Validation Options
Under the hood, a new
validator
struct takes care of validating the claims. A long awaited feature has been the option to fine-tune the validation of tokens. This is now possible with severalParserOption
functions that can be appended to mostParse
functions, such asParseWithClaims
. The most important options and changes are:WithLeeway
to support specifying the leeway that is allowed when validating time-based claims, such asexp
ornbf
.iat
claim. Usage of this claim is OPTIONAL according to the JWT RFC. The claim itself is also purely informational according to the RFC, so a strict validation failure is not recommended. If you want to check for sensible values in these claims, please use theWithIssuedAt
parser option.WithAudience
,WithSubject
andWithIssuer
to support checking for expectedaud
,sub
andiss
.WithStrictDecoding
andWithPaddingAllowed
options to allow previously global settings to enable base64 strict encoding and the parsing of base64 strings with padding. The latter is strictly speaking against the standard, but unfortunately some of the major identity providers issue some of these incorrect tokens. Both options are disabled by default.Changes to the
Claims
interfaceComplete Restructuring
Previously, the claims interface was satisfied with an implementation of a
Valid() error
function. This had several issues:Since all the validation functionality is now extracted into the validator, all
VerifyXXX
andValid
functions have been removed from theClaims
interface. Instead, the interface now represents a list of getters to retrieve values with a specific meaning. This allows us to completely decouple the validation logic with the underlying storage representation of the claim, which could be a struct, a map or even something stored in a database.Supported Claim Types and Removal of
StandardClaims
The two standard claim types supported by this library,
MapClaims
andRegisteredClaims
both implement the necessary functions of this interface. The oldStandardClaims
struct, which has already been deprecated inv4
is now removed.Users using custom claims, in most cases, will not experience any changes in the behavior as long as they embedded
RegisteredClaims
. If they created a new claim type from scratch, they now need to implemented the proper getter functions.Migrating Application Specific Logic of the old
Valid
Previously, users could override the
Valid
method in a custom claim, for example to extend the validation with application-specific claims. However, this was always very dangerous, since once could easily disable the standard validation and signature checking.In order to avoid that, while still supporting the use-case, a new
ClaimsValidator
interface has been introduced. This interface consists of theValidate() error
function. If the validator sees, that aClaims
struct implements this interface, the errors returned to theValidate
function will be appended to the regular standard validation. It is not possible to disable the standard validation anymore (even only by accident).Usage examples can be found in example_test.go, to build claims structs like the following.
Changes to the
Token
andParser
structThe previously global functions
DecodeSegment
andEncodeSegment
were moved to theParser
andToken
struct respectively. This will allow us in the future to configure the behavior of these two based on options supplied on the parser or the token (creation). This also removes two previously global variables and moves them to parser optionsWithStrictDecoding
andWithPaddingAllowed
.In order to do that, we had to adjust the way signing methods work. Previously they were given a base64 encoded signature in
Verify
and were expected to return a base64 encoded version of the signature inSign
, both as astring
. However, this made it necessary to haveDecodeSegment
andEncodeSegment
global and was a less than perfect design because we were repeating encoding/decoding steps for all signing methods. Now,Sign
andVerify
operate on a decoded signature as a[]byte
, which feels more natural for a cryptographic operation anyway. Lastly,Parse
andSignedString
take care of the final encoding/decoding part.In addition to that, we also changed the
Signature
field onToken
from astring
to[]byte
and this is also now populated with the decoded form. This is also more consistent, because the other parts of the JWT, mainlyHeader
andClaims
were already stored in decoded form inToken
. Only the signature was stored in base64 encoded form, which was redundant with the information in theRaw
field, which contains the complete token as base64.Most (if not all) of these changes should not impact the normal usage of this library. Only users directly accessing the
Signature
field as well as developers of custom signing methods should be affected.What's Changed
StandardClaims
in favor ofRegisteredClaims
by @oxisto in #235v5
Pre-Release by @oxisto in https://github.com/golang-jwt/jwt/pull/234DecodeSegement
toParser
by @oxisto in https://github.com/golang-jwt/jwt/pull/278Verify
&Sign
to detail why string is not an advisable input for key by @dillonstreator in https://github.com/golang-jwt/jwt/pull/249v5
release by @oxisto in https://github.com/golang-jwt/jwt/pull/291New Contributors
Full Changelog: golang-jwt/jwt@v4.5.0...v5.0.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.