- Notifications
You must be signed in to change notification settings - Fork1k
Commit181c2f0
authored
chore: bump github.com/coreos/go-oidc/v3 from 3.14.1 to 3.15.0 (#19156)
Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc)from 3.14.1 to 3.15.0.<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/coreos/go-oidc/releases">github.com/coreos/go-oidc/v3'sreleases</a>.</em></p><blockquote><h2>v3.15.0</h2><h2>What's Changed</h2><ul><li>oidc: verify the ID Token's signature before processing claims by <ahref="https://github.com/ericchiang"><code>@ericchiang</code></a> in <ahref="https://redirect.github.com/coreos/go-oidc/pull/464">coreos/go-oidc#464</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/coreos/go-oidc/compare/v3.14.1...v3.15.0">https://github.com/coreos/go-oidc/compare/v3.14.1...v3.15.0</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/coreos/go-oidc/commit/8d1e57e7e7fb4db0bac61cc200d43846ba071977"><code>8d1e57e</code></a>oidc: verify the ID Token's signature before processing claims</li><li>See full diff in <ahref="https://github.com/coreos/go-oidc/compare/v3.14.1...v3.15.0">compareview</a></li></ul></details><br />[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)Dependabot will resolve any conflicts with this PR as long as you don'talter it yourself. You can also trigger a rebase manually by commenting`@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---<details><summary>Dependabot commands and options</summary><br />You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any editsthat have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR afteryour CI passes on it- `@dependabot cancel merge` will cancel a previously requested mergeand block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreatingit. You can achieve the same result by closing it manually- `@dependabot show <dependency name> ignore conditions` will show allof the ignore conditions of the specified dependency- `@dependabot ignore this major version` will close this PR and stopDependabot creating any more for this major version (unless you reopenthe PR or upgrade to it yourself)- `@dependabot ignore this minor version` will close this PR and stopDependabot creating any more for this minor version (unless you reopenthe PR or upgrade to it yourself)- `@dependabot ignore this dependency` will close this PR and stopDependabot creating any more for this dependency (unless you reopen thePR or upgrade to it yourself)</details>Signed-off-by: dependabot[bot] <support@github.com>Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parentce9b208 commit181c2f0
2 files changed
+3
-3
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
104 | 104 | | |
105 | 105 | | |
106 | 106 | | |
107 | | - | |
| 107 | + | |
108 | 108 | | |
109 | 109 | | |
110 | 110 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
952 | 952 | | |
953 | 953 | | |
954 | 954 | | |
955 | | - | |
956 | | - | |
| 955 | + | |
| 956 | + | |
957 | 957 | | |
958 | 958 | | |
959 | 959 | | |
| |||
0 commit comments
Comments
(0)