8000 Update JWT library to golang-jwt/jwt by lucacome · Pull Request #2074 · nginx/kubernetes-ingress · GitHub
[go: up one dir, main page]
Skip to content

Update JWT library to golang-jwt/jwt #2074

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 12, 2021
Merged

Update JWT library to golang-jwt/jwt #2074

merged 1 commit into from
Oct 12, 2021

Conversation

lucacome
Copy link

https://github.com/dgrijalva/jwt-go is no longer maintained, the development has moved to https://github.com/golang-jwt/jwt.

This PR replaces the old library with the new one. Also added some simple unit tests for claims validation.

@lucacome lucacome requested a review from a team October 12, 2021 02:51
@lucacome lucacome self-assigned this Oct 12, 2021
@lucacome lucacome requested review from ciarams87, soneillf5 and pleshakov and removed request for a team October 12, 2021 02:52
@github-actions github-actions bot added the dependencies Pull requests that update a dependency file label Oct 12, 2021
soneillf5
soneillf5 reviewed Oct 12, 2021
View reviewed changes
cmd/nginx-ingress/aws.go
@@ -1,4 +1,4 @@
// +build aws
//go:build aws
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

which tool uses this tag? I'm not familiar with it

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's standard go https://pkg.go.dev/cmd/go#hdr-Build_constraints. I think they changed the syntax at some point and replaced + with go:. If it wasn't for VS Code that automatically changed it, I probably wouldn't have noticed 😄

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So you can do something like go build -tags=aws github.com/nginxinc/kubernetes-ingress/cmd/nginx-ingress (and GoReleaser does the same)

@lucacome lucacome force-pushed the deps/update-jwt-library branch from 311d64d to 8e58cd0 Compare October 12, 2021 21:45
@lucacome lucacome changed the base branch from master to release-2.0 October 12, 2021 21:45
@lucacome
Copy link
Author

Merging this to release-2.0 since it's going to be included in 2.0.2

@lucacome lucacome merged commit 706c9c1 into release-2.0 Oct 12, 2021
@lucacome lucacome deleted the deps/update-jwt-library branch October 12, 2021 21:48
lucacome added a commit that referenced this pull request Oct 14, 2021
@lucacome @ciarams87 @pleshakov
Merge release to master (#2093)
d6f890f 
* Update JWT library to golang-jwt/jwt (#2074)

* Update packages for CVE-2021-37750

* Remove nap plus version override

* Use release specific repo for NAP on Debian (#2082)

* Release 2.0.2 (#2085)

Co-authored-by: Michael Pleshakov <pleshakov@users.noreply.github.com>
Co-authored-by: Luca Comellini <luca.com@gmail.com>

Co-authored-by: Ciara Stacke <c.stacke@f5.com>
Co-authored-by: Ciara Stacke <18287516+ciarams87@users.noreply.github.com>
Co-authored-by: Michael Pleshakov <pleshakov@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ciarams87 ciarams87 ciarams87 approved these changes

@pleshakov pleshakov Awaiting requested review from pleshakov

+1 more reviewer

@soneillf5 soneillf5 soneillf5 approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@lucacome lucacome

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lucacome @ciarams87 @soneillf5
0