cloud-storage-rs icon indicating copy to clipboard operation
cloud-storage-rs copied to clipboard

Published 20 hours ago verified publisher icon ThouCheese

Bump jsonwebtoken version

Open gahag-cw opened this issue 1 year ago • 5 comments

Up to version 7, jsonwebtoken transitively depends on a version of time that has a security vulnerability, which gets reported by dependabot on all Rust repos. As of version 8, this dependency is updated, removing the security warning. This PR solves that by bumping jsonwebtoken to version 8, without changing anything else.

gahag-cw avatar Apr 12 '23 16:04 gahag-cw

@ThouCheese can you please approve the workflow? So I can assure the tests are passing.

gahag-cw avatar Apr 12 '23 16:04 gahag-cw

@ThouCheese can you please approve the workflow? So I can assure the tests are passing.

Sure thing!

ThouCheese avatar Apr 12 '23 22:04 ThouCheese

Should work now! I'll edit the description with the reasoning for this PR.

gahag-cw avatar Apr 12 '23 22:04 gahag-cw

@ThouCheese can you please take a look at this? It's important so that depending on cloud-storage-rs does not trigger dependabot warnings.

gahag-cw avatar Apr 25 '23 13:04 gahag-cw

Tests are failing with:

SERVICE_ACCOUNT file not valid: Error("EOF while parsing a value", line: 2, column: 0)

I believe this is unrelated to my changes...

gahag-cw avatar Apr 25 '23 18:04 gahag-cw