Skip to content

Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 in /receiver/googlecloudpubsubpushreceiver#47343

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/receiver/googlecloudpubsubpushreceiver/github.com/go-jose/go-jose/v4-4.1.4
Open

Bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 in /receiver/googlecloudpubsubpushreceiver#47343
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/receiver/googlecloudpubsubpushreceiver/github.com/go-jose/go-jose/v4-4.1.4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 3, 2026
edited
Loading

Bumps github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4.

Release notes

Sourced from github.com/go-jose/go-jose/v4's releases.

v4.1.4

What's Changed

Fixes Panic in JWE decryption. See GHSA-78h2-9frx-2jm8

Full Changelog: go-jose/go-jose@v4.1.3...v4.1.4

Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 3, 2026
@dependabot dependabot bot requested review from a team and axw as code owners April 3, 2026 03:46
@atoulme atoulme closed this Apr 4, 2026
@atoulme atoulme reopened this Apr 4, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 4, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot
Bump github.com/go-jose/go-jose/v4
093aef8 
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Commits](go-jose/go-jose@v4.1.3...v4.1.4)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-version: 4.1.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/receiver/googlecloudpubsubpushreceiver/github.com/go-jose/go-jose/v4-4.1.4 branch from 95c96e0 to 093aef8 Compare April 4, 2026 17:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@axw axw Awaiting requested review from axw axw is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@atoulme