Skip to content

Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4#1989

Merged
tekton-robot merged 1 commit intomainfrom
dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4
Apr 6, 2026
Merged

Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4#1989
tekton-robot merged 1 commit intomainfrom
dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 3, 2026
edited
Loading

Bumps github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4.

Release notes

Sourced from github.com/go-jose/go-jose/v4's releases.

v4.1.4

What's Changed

Fixes Panic in JWE decryption. See GHSA-78h2-9frx-2jm8

Full Changelog: go-jose/go-jose@v4.1.3...v4.1.4

Commits

@dependabot dependabot bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Apr 3, 2026
@tekton-robot tekton-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Apr 3, 2026
khrm
khrm reviewed Apr 4, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@khrm khrm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@tekton-robot
Copy link
Copy Markdown

tekton-robot commented Apr 4, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: khrm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 4, 2026
@khrm
Copy link
Copy Markdown
Contributor

khrm commented Apr 4, 2026

@dependabot rebase

@tekton-robot
Copy link
Copy Markdown

tekton-robot commented Apr 4, 2026

@dependabot[bot]: rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@tekton-robot tekton-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 4, 2026
khrm
khrm reviewed Apr 4, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@khrm khrm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 4, 2026
@dependabot
Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
dfe8189 
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Commits](go-jose/go-jose@v4.1.3...v4.1.4)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-version: 4.1.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4 branch from 81e9fdb to dfe8189 Compare April 4, 2026 06:24
@tekton-robot tekton-robot removed lgtm Indicates that a PR is ready to be merged. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Apr 4, 2026
@khrm
Copy link
Copy Markdown
Contributor

khrm commented Apr 6, 2026

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Apr 6, 2026
@tekton-robot tekton-robot merged commit 3886a08 into main Apr 6, 2026
13 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/go-jose/go-jose/v4-4.1.4 branch April 6, 2026 10:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@khrm khrm khrm left review comments

@savitaashture savitaashture Awaiting requested review from savitaashture

Assignees

@khrm khrm

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. lgtm Indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tekton-robot @khrm