Skip to content

BE: Chore: Overwrite nimbus-jose-jwt temporarily to fix CVE-2025-5386 #1180

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 13, 2025
Merged

BE: Chore: Overwrite nimbus-jose-jwt temporarily to fix CVE-2025-5386 #1180

merged 1 commit into from
Jul 13, 2025

Conversation

@yeikel
Copy link
Collaborator

@yeikel yeikel commented Jul 13, 2025
edited
Loading

What changes did you make? (Give an overview)

Fixes CVE-2025-5386

How Has This Been Tested? (put an "x" (case-sensitive!) next to an item)

  • Covered by existing automation

Checklist (put an "x" (case-sensitive!) next to all the items, otherwise the build will fail)

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation (e.g. ENVIRONMENT VARIABLES)
  • My changes generate no new warnings (e.g. Sonar is happy)
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged

Check out Contributing and Code of Conduct

A picture of a cute animal (not mandatory but encouraged)

@yeikel yeikel requested a review from a team as a code owner July 13, 2025 20:55
@kapybro kapybro bot added status/triage Issues pending maintainers triage status/triage/manual Manual triage in progress status/triage/completed Automatic triage completed and removed status/triage Issues pending maintainers triage labels Jul 13, 2025
@yeikel yeikel changed the title BE: Chore: Overwrite nimbus-jose-jwt temporarily BE: Chore: Overwrite nimbus-jose-jwt temporarily to fix CVE-2025-5386 Jul 13, 2025
@yeikel yeikel mentioned this pull request Jul 13, 2025
Merged
8 tasks
@yeikel yeikel force-pushed the nimbus-jose-jwt branch from 5c2db5b to 4d7f391 Compare July 13, 2025 22:15
@Haarolean Haarolean added scope/backend Related to backend changes type/security Pull requests that address a security vulnerability type/dependencies A pull request/issue dedicated to updating the dependency(-ies) and removed status/triage/manual Manual triage in progress labels Jul 13, 2025
@Haarolean Haarolean added this to the 1.3 milestone Jul 13, 2025
@Haarolean Haarolean enabled auto-merge (squash) July 13, 2025 22:16
@yeikel
Copy link
Collaborator Author

yeikel commented Jul 13, 2025

Thank you @Haarolean 🙏

@Haarolean
Copy link
Member

Haarolean commented Jul 13, 2025

Thank you @Haarolean 🙏

the pleasure is mine!

@Haarolean Haarolean merged commit c74ea21 into kafbat:main Jul 13, 2025
29 of 30 checks passed
@github-project-automation github-project-automation bot moved this from Todo to Done in Release 1.3 Jul 13, 2025
@yeikel yeikel mentioned this pull request Jul 13, 2025
Merged
12 tasks
@yeikel yeikel deleted the nimbus-jose-jwt branch August 22, 2025 22:06
@yeikel yeikel mentioned this pull request Sep 24, 2025
Closed
10 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Haarolean Haarolean Haarolean approved these changes

Assignees

No one assigned

Labels

scope/backend Related to backend changes status/triage/completed Automatic triage completed type/dependencies A pull request/issue dedicated to updating the dependency(-ies) type/security Pull requests that address a security vulnerability

Projects

No open projects
Release 1.3
Status: Done

Milestone

1.3

Development

Successfully merging this pull request may close these issues.

2 participants

@yeikel @Haarolean