Skip to content

Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4#5451

Merged
aslam-quad merged 3 commits into
developfrom
dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4
Apr 7, 2026
Merged

Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4#5451
aslam-quad merged 3 commits into
developfrom
dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 3, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4.

Release notes

Sourced from github.com/go-jose/go-jose/v4's releases.

v4.1.4

What's Changed

Fixes Panic in JWE decryption. See GHSA-78h2-9frx-2jm8

Full Changelog: go-jose/go-jose@v4.1.3...v4.1.4

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 3, 2026
@dependabot dependabot Bot requested review from a team and samskillman as code owners April 3, 2026 04:04
@aslam-quad aslam-quad changed the base branch from main to develop April 3, 2026 04:36
@aslam-quad aslam-quad added the release-chore To not include into release notes label Apr 3, 2026
@aslam-quad

aslam-quad commented Apr 3, 2026

Copy link
Copy Markdown
Contributor

/gcbrun

arpit974
arpit974 previously approved these changes Apr 7, 2026
View reviewed changes
@aslam-quad

aslam-quad commented Apr 7, 2026

Copy link
Copy Markdown
Contributor

@dependabot rebase

@dependabot
Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
cd34144 
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Commits](go-jose/go-jose@v4.1.3...v4.1.4)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-version: 4.1.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the base branch from develop to main April 7, 2026 08:35
@dependabot dependabot Bot dismissed arpit974’s stale review April 7, 2026 08:35

The base branch was changed.

@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4 branch from df291ab to cd34144 Compare April 7, 2026 08:35
@github-actions github-actions Bot added the external PR from external contributor label Apr 7, 2026
@aslam-quad aslam-quad changed the base branch from main to develop April 7, 2026 08:36
@aslam-quad

aslam-quad commented Apr 7, 2026

Copy link
Copy Markdown
Contributor

/gcbrun

@aslam-quad aslam-quad requested a review from arpit974 April 7, 2026 08:46
@aslam-quad aslam-quad merged commit 78a54c4 into develop Apr 7, 2026
13 of 80 checks passed
@dependabot dependabot Bot deleted the dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4 branch April 7, 2026 09:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arpit974 arpit974 arpit974 approved these changes

@saara-tyagi27 saara-tyagi27 saara-tyagi27 approved these changes

@samskillman samskillman Awaiting requested review from samskillman

@vikramvs-gg vikramvs-gg Awaiting requested review from vikramvs-gg

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file external PR from external contributor go Pull requests that update Go code release-chore To not include into release notes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aslam-quad @arpit974 @saara-tyagi27