mirror of https://github.com/hashicorp/consul
Browse Source
security: Bump github.com/golang-jwt/jwt/v4 to 4.5.0 This version is accepted by Prisma/Twistlock, resolving scan results for issue PRISMA-2022-0270. Chosen over later versions to avoid a major version with breaking changes that is otherwise unnecessary. Note that in practice this is a false positive (see https://github.com/golang-jwt/jwt/issues/258), but we should update the version to aid customers relying on scanners that flag it.pull/19742/head
Michael Zalimeni
1 year ago
committed by
GitHub
3 changed files with 6 additions and 2 deletions
@ -0,0 +1,3 @@ |
|||||||
|
```release-note:security |
||||||
|
Update `github.com/golang-jwt/jwt/v4` to v4.5.0 to address [PRISMA-2022-0270](https://github.com/golang-jwt/jwt/issues/258). |
||||||
|
``` |
Loading…
Reference in new issue