Update Lua library listing to cdbattags/lua-resty-jwt#921
Update Lua library listing to cdbattags/lua-resty-jwt#921Sambego merged 1 commit intojsonwebtoken:masterfrom
Conversation
|
Just want to be clear that the one y'all are listing has a massive security breach. We should get this on the site quickly. See my advisory here: GHSA-9r96-mgg4-2jf3 |
|
@javiert-okta @christiansamaniego-okta @Sambego trying not to spam but this is kinda urgent. Already seeing attackers in the wild. |
|
@cdbattags, thanks for this PR! We can't merge any PRs with unsigned commits. Could you go ahead and take care of this? |
The previous listing pointed to SkyLothar/lua-resty-jwt, which has been abandoned since 2020. The actively maintained fork at cdbattags/lua-resty-jwt now has full IANA JOSE algorithm coverage (v0.3.0), OpenSSL 3.x support, and a CVE fix.
cdbattags
force-pushed
the
update-lua-library-listing
branch
from
46979f8 to
ebd389f
Compare
Should be all set! |
|
@cdbattags, the changes have been deployed. Thanks again for keeping jwt.io up-to-date! |
|
@Sambego I just realized I didn't update the star count. How often is that generator running? Ideally, y'all should kick that process? |
|
@cdbattags I've created a small pr #922 to address this manually until it's automated. |
|
Ok, let me know if you'd like me to review. |
|
@cdbattags, all good, it's merged and deployed. Your stars are now up-to-date. |
|
@Sambego You da man! Gotta have an honest start count 😉 |
2 participants
Updates the Lua library listing from the abandoned
SkyLothar/lua-resty-jwtto the actively maintained forkcdbattags/lua-resty-jwt.Why:
SkyLothar/lua-resty-jwthas been abandoned since May 2020 (70+ open issues, no maintainer activity).cdbattags/lua-resty-jwtis the active fork with full IANA JOSE algorithm coverage as of v0.3.0.Changes:
SkyLothar/lua-resty-jwt->cdbattags/lua-resty-jwtgit clone ...->luarocks install lua-resty-jwteddsa,es256k,typfields to match current schema