Add jwe.WithCEK #1011

lestrrat · 2023-10-30T04:30:21Z

No description provided.

github-actions · 2023-11-14T02:05:25Z

This PR is stale because it has been open 14 days with no activity. Remove stale label or comment or this will be closed in 14 days.

codecov · 2023-11-15T04:16:52Z

Codecov Report

Attention: 3 lines in your changes are missing coverage. Please review.

Comparison is base (0a15b4d) 72.00% compared to head (070cb80) 72.05%.
Report is 1 commits behind head on develop/v2.

Files	Patch %	Lines
jwe/jwe.go	85.00%	2 Missing and 1 partial ⚠️

Additional details and impacted files

@@              Coverage Diff               @@
##           develop/v2    #1011      +/-   ##
==============================================
+ Coverage       72.00%   72.05%   +0.05%     
==============================================
  Files              93       89       -4     
  Lines           13795    13788       -7     
==============================================
+ Hits             9933     9935       +2     
+ Misses           3044     3035       -9     
  Partials          818      818

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

lestrrat · 2023-11-15T06:00:13Z

Although the original poster has not responded, I think this is not a problematic addition, as long as using the static CEK can't be sneaked in by mistake. so I'll merge it

* Bump golang.org/x/crypto from 0.14.0 to 0.15.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0. - [Commits](golang/crypto@v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Run gazelle-update-repos * Add jwe.WithCEK (#1011) * Add jwe.WithCEK * Allow using a static CEK via EncryptStatic * appease linter * Update go.sum * Docs * Update generated options * Add test * clarify when jwk.Set.RemoveKey can return error (#1015) * Remove signer instance upon call to jws.UnregisterSigner (#1017) * Delete signer instance upon call to jws.UnregisterSigner * Update Changes * Tweak documentation (#1018) --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shang Jian Ding <[email protected]>

* Bump golang.org/x/crypto from 0.14.0 to 0.15.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0. - [Commits](golang/crypto@v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Run gazelle-update-repos * Add jwe.WithCEK (#1011) * Add jwe.WithCEK * Allow using a static CEK via EncryptStatic * appease linter * Update go.sum * Docs * Update generated options * Add test * clarify when jwk.Set.RemoveKey can return error (#1015) * Remove signer instance upon call to jws.UnregisterSigner (#1017) * Delete signer instance upon call to jws.UnregisterSigner * Update Changes * Tweak documentation (#1018) * Bump golang.org/x/crypto from 0.15.0 to 0.16.0 (#1020) * Bump golang.org/x/crypto from 0.15.0 to 0.16.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.16.0. - [Commits](golang/crypto@v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Run bazel and tidy --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <[email protected]> * Merge pull request from GHSA-7f9x-gw85-8grf * Update Changes * Appease linter * fix deps.bzl --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shang Jian Ding <[email protected]>

* Bump golang.org/x/crypto from 0.14.0 to 0.15.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0. - [Commits](golang/crypto@v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Run gazelle-update-repos * Add jwe.WithCEK (#1011) * Add jwe.WithCEK * Allow using a static CEK via EncryptStatic * appease linter * Update go.sum * Docs * Update generated options * Add test * clarify when jwk.Set.RemoveKey can return error (#1015) * Remove signer instance upon call to jws.UnregisterSigner (#1017) * Delete signer instance upon call to jws.UnregisterSigner * Update Changes * Tweak documentation (#1018) * Bump golang.org/x/crypto from 0.15.0 to 0.16.0 (#1020) * Bump golang.org/x/crypto from 0.15.0 to 0.16.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.16.0. - [Commits](golang/crypto@v0.15.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Run bazel and tidy --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <[email protected]> * Merge pull request from GHSA-7f9x-gw85-8grf * Update Changes * Appease linter * fix deps.bzl * Bump actions/setup-go from 4 to 5 (#1027) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump actions/stale from 8 to 9 (#1029) Bumps [actions/stale](https://github.com/actions/stale) from 8 to 9. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v8...v9) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Merge #1044 (#1045) * update all dependencies 12/19/2023 * Run gazelle-update-repos --------- Co-authored-by: Nathan Lacey <[email protected]> * Update go version in go.mod to go1.18, which matches CI (#1046) * Bump github/codeql-action from 2 to 3 (#1031) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add jws.IsVerificationError (#1049) * Add jws.IsVerificationError * tweak document * Merge pull request from GHSA-pvcr-v8j8-j5q3 * Add tests for empty protected headers * check for sig.protected == nil * Add one more case for missing protected headers in compact form * Update Changes * JWS: Check for sig.protected == nil on non-flattened input --------- Co-authored-by: Fredrik Strupe <[email protected]> * Update Changes * fix typo --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Shang Jian Ding <[email protected]> Co-authored-by: Nathan Lacey <[email protected]> Co-authored-by: Fredrik Strupe <[email protected]>

github-actions bot added the Stale label Nov 14, 2023

lestrrat added 2 commits November 15, 2023 12:37

Add jwe.WithCEK

27d4001

Allow using a static CEK via EncryptStatic

e0e9e1d

lestrrat force-pushed the gh-1001 branch from b8636c0 to e0e9e1d Compare November 15, 2023 04:14

lestrrat removed the Stale label Nov 15, 2023

lestrrat added 5 commits November 15, 2023 13:18

appease linter

ccef56f

Update go.sum

4c4c144

Docs

9996ae9

Update generated options

3ccdcd4

Add test

070cb80

lestrrat marked this pull request as ready for review November 15, 2023 05:59

lestrrat merged commit ea2c632 into develop/v2 Nov 15, 2023

lestrrat deleted the gh-1001 branch November 15, 2023 06:00

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add jwe.WithCEK #1011

Add jwe.WithCEK #1011

lestrrat commented Oct 30, 2023

github-actions bot commented Nov 14, 2023

codecov bot commented Nov 15, 2023 •

edited

Loading

lestrrat commented Nov 15, 2023

Add jwe.WithCEK #1011

Add jwe.WithCEK #1011

Conversation

lestrrat commented Oct 30, 2023

github-actions bot commented Nov 14, 2023

codecov bot commented Nov 15, 2023 • edited Loading

Codecov Report

lestrrat commented Nov 15, 2023

codecov bot commented Nov 15, 2023 •

edited

Loading