Bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.5 (#4126)

Bumps
[github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from
4.0.1 to 4.0.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/go-jose/go-jose/releases">github.com/go-jose/go-jose/v4's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Don't allow unbounded amounts of splits by <a
href="https://github.com/mcpherrinm"><code>@​mcpherrinm</code></a> in <a
href="https://redirect.github.com/go-jose/go-jose/pull/167">go-jose/go-jose#167</a></li>
</ul>
<p>Fixes <a
href="https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78">https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78</a></p>
<p>Various other dependency updates, small fixes, and documentation
updates in the full changelog</p>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/tgeoghegan"><code>@​tgeoghegan</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-jose/go-jose/pull/161">go-jose/go-jose#161</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/go-jose/go-jose/compare/v4.0.4...v4.0.5">https://github.com/go-jose/go-jose/compare/v4.0.4...v4.0.5</a></p>
<h2>Version 4.0.4</h2>
<h1>Fixed</h1>
<ul>
<li>Reverted &quot;Allow unmarshalling JSONWebKeySets with unsupported
key types&quot; as a breaking change. See <a
href="https://redirect.github.com/go-jose/go-jose/issues/136">#136</a> /
<a
href="https://redirect.github.com/go-jose/go-jose/issues/137">#137</a>.</li>
</ul>
<h2>Version 4.0.3</h2>
<h2>Changed</h2>
<ul>
<li>Allow unmarshalling JSONWebKeySets with unsupported key types (<a
href="https://redirect.github.com/go-jose/go-jose/issues/130">#130</a>)</li>
<li>Document that OpaqueKeyEncrypter can't be implemented (for now) (<a
href="https://redirect.github.com/go-jose/go-jose/issues/129">#129</a>)</li>
<li>Dependency updates</li>
</ul>
<h2>Version 4.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li><a
href="https://redirect.github.com/go-jose/go-jose/pull/104">Improved
documentation</a> of Verify() to note that JSONWebKeySet is a supported
argument type</li>
<li><a
href="https://redirect.github.com/go-jose/go-jose/pull/117">Defined
exported error values</a> for missing x5c header and unsupported
elliptic curves error cases</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mitar"><code>@​mitar</code></a> made
their first contribution in <a
href="https://redirect.github.com/go-jose/go-jose/pull/104">go-jose/go-jose#104</a></li>
<li><a
href="https://github.com/milosgajdos"><code>@​milosgajdos</code></a>
made their first contribution in <a
href="https://redirect.github.com/go-jose/go-jose/pull/117">go-jose/go-jose#117</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/go-jose/go-jose/compare/v4.0.1...v4.0.2">https://github.com/go-jose/go-jose/compare/v4.0.1...v4.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md">github.com/go-jose/go-jose/v4's
changelog</a>.</em></p>
<blockquote>
<h1>v4.0.4</h1>
<h2>Fixed</h2>
<ul>
<li>Reverted &quot;Allow unmarshalling JSONWebKeySets with unsupported
key types&quot; as a
breaking change. See <a
href="https://redirect.github.com/go-jose/go-jose/issues/136">#136</a> /
<a
href="https://redirect.github.com/go-jose/go-jose/issues/137">#137</a>.</li>
</ul>
<h1>v4.0.3</h1>
<h2>Changed</h2>
<ul>
<li>Allow unmarshalling JSONWebKeySets with unsupported key types (<a
href="https://redirect.github.com/go-jose/go-jose/issues/130">#130</a>)</li>
<li>Document that OpaqueKeyEncrypter can't be implemented (for now) (<a
href="https://redirect.github.com/go-jose/go-jose/issues/129">#129</a>)</li>
<li>Dependency updates</li>
</ul>
<h1>v4.0.2</h1>
<h2>Changed</h2>
<ul>
<li>Improved documentation of Verify() to note that JSONWebKeySet is a
supported
argument type (<a
href="https://redirect.github.com/go-jose/go-jose/issues/104">#104</a>)</li>
<li>Defined exported error values for missing x5c header and unsupported
elliptic
curves error cases (<a
href="https://redirect.github.com/go-jose/go-jose/issues/117">#117</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"><code>99b346c</code></a>
Don't allow unbounded amounts of splits (<a
href="https://redirect.github.com/go-jose/go-jose/issues/167">#167</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/22811e77bac0d484ff060d5c4351b7e295df92fb"><code>22811e7</code></a>
Fix broken link in README.md (<a
href="https://redirect.github.com/go-jose/go-jose/issues/161">#161</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/9dde8493b25c1b301ca97110f57c7774513f572c"><code>9dde849</code></a>
Remove CLA mentions from CONTRIBUTING.md (<a
href="https://redirect.github.com/go-jose/go-jose/issues/160">#160</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/89172c5b51f2a7492b6fc2ea22d03777c4673bbe"><code>89172c5</code></a>
Bump golang.org/x/crypto from 0.31.0 to 0.32.0 (<a
href="https://redirect.github.com/go-jose/go-jose/issues/158">#158</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/ee05e015574c7d4c55b9a802e9637327d7d2606a"><code>ee05e01</code></a>
Bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (<a
href="https://redirect.github.com/go-jose/go-jose/issues/157">#157</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/c0aef3ef5eaf5ad5fdfae9de426ebea91778f3e4"><code>c0aef3e</code></a>
Bump golang.org/x/crypto from 0.25.0 to 0.31.0 (<a
href="https://redirect.github.com/go-jose/go-jose/issues/156">#156</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/fdc2ceb0bbe2a29c582edfe07ea914c8dacd7e1b"><code>fdc2ceb</code></a>
Remove export disclaimer (<a
href="https://redirect.github.com/go-jose/go-jose/issues/146">#146</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/10c69ef86e2b6997b25552aa391b48f1240cfe66"><code>10c69ef</code></a>
Short circuit return errors from <code>JSONWebKey.UnmarshalJSON()</code>
(<a
href="https://redirect.github.com/go-jose/go-jose/issues/141">#141</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/15bc4c2ac4575ad865f078390db61d44530f985d"><code>15bc4c2</code></a>
Update CHANGELOG for 4.0.4 (<a
href="https://redirect.github.com/go-jose/go-jose/issues/138">#138</a>)</li>
<li><a
href="https://github.com/go-jose/go-jose/commit/f3534ca2c308b8394677f90d8ab3651be3a16e1c"><code>f3534ca</code></a>
Revert <a
href="https://redirect.github.com/go-jose/go-jose/issues/130">#130</a>:
JSONWebKeySet: ignore unsupported key types (<a
href="https://redirect.github.com/go-jose/go-jose/issues/137">#137</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/go-jose/go-jose/compare/v4.0.1...v4.0.5">compare
view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/go-jose/go-jose/v4&package-manager=go_modules&previous-version=4.0.1&new-version=4.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

Author: dependabot[bot]

go.mod

@@ -18,7 +18,7 @@ require (
 	github.com/r3labs/diff/v3 v3.0.1
 	github.com/spf13/cast v1.6.0
 	github.com/stretchr/objx v0.5.2
-	github.com/stretchr/testify v1.9.0
+	github.com/stretchr/testify v1.10.0
 	github.com/xdg/stringprep v1.0.3
 	github.com/yudai/gojsondiff v1.0.0
 	go.uber.org/zap v1.27.0
@@ -47,7 +47,7 @@ require (
 	github.com/evanphx/json-patch v5.9.0+incompatible // indirect
 	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
-	github.com/go-jose/go-jose/v4 v4.0.1 // indirect
+	github.com/go-jose/go-jose/v4 v4.0.5 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect

go.sum

@@ -29,8 +29,8 @@ github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nos
 github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
 github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/go-jose/go-jose/v4 v4.0.1 h1:QVEPDE3OluqXBQZDcnNvQrInro2h0e4eqNbnZSWqS6U=
-github.com/go-jose/go-jose/v4 v4.0.1/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY=
+github.com/go-jose/go-jose/v4 v4.0.5 h1:M6T8+mKZl/+fNNuFHvGIzDz7BTLQPIounk/b9dw3AaE=
+github.com/go-jose/go-jose/v4 v4.0.5/go.mod h1:s3P1lRrkT8igV8D9OjyL4WRyHvjB6a4JSllnOrmmBOA=
 github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
 github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
@@ -193,8 +193,8 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/vmihailenco/msgpack/v5 v5.3.5 h1:5gO0H1iULLWGhs2H5tbAHIZTV8/cYafcFOr9znI5mJU=
 github.com/vmihailenco/msgpack/v5 v5.3.5/go.mod h1:7xyJ9e+0+9SaZT0Wt1RGleJXzli6Q/V5KbhBonMG9jc=
 github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g=

licenses.csv

@@ -8,8 +8,8 @@ github.com/emicklei/go-restful/v3,v3.11.0,https://github.com/emicklei/go-restful
 github.com/evanphx/json-patch/v5,v5.9.0,https://github.com/evanphx/json-patch/blob/v5.9.0/v5/LICENSE,BSD-3-Clause
 github.com/fsnotify/fsnotify,v1.7.0,https://github.com/fsnotify/fsnotify/blob/v1.7.0/LICENSE,BSD-3-Clause
 github.com/ghodss/yaml,v1.0.0,https://github.com/ghodss/yaml/blob/v1.0.0/LICENSE,MIT
-github.com/go-jose/go-jose/v4,v4.0.1,https://github.com/go-jose/go-jose/blob/v4.0.1/LICENSE,Apache-2.0
-github.com/go-jose/go-jose/v4/json,v4.0.1,https://github.com/go-jose/go-jose/blob/v4.0.1/json/LICENSE,BSD-3-Clause
+github.com/go-jose/go-jose/v4,v4.0.5,https://github.com/go-jose/go-jose/blob/v4.0.5/LICENSE,Apache-2.0
+github.com/go-jose/go-jose/v4/json,v4.0.5,https://github.com/go-jose/go-jose/blob/v4.0.5/json/LICENSE,BSD-3-Clause
 github.com/go-logr/logr,v1.4.2,https://github.com/go-logr/logr/blob/v1.4.2/LICENSE,Apache-2.0
 github.com/go-logr/zapr,v1.3.0,https://github.com/go-logr/zapr/blob/v1.3.0/LICENSE,Apache-2.0
 github.com/go-openapi/jsonpointer,v0.19.6,https://github.com/go-openapi/jsonpointer/blob/v0.19.6/LICENSE,Apache-2.0
@@ -52,7 +52,7 @@ github.com/ryanuber/go-glob,v1.0.0,https://github.com/ryanuber/go-glob/blob/v1.0
 github.com/spf13/cast,v1.6.0,https://github.com/spf13/cast/blob/v1.6.0/LICENSE,MIT
 github.com/spf13/pflag,v1.0.5,https://github.com/spf13/pflag/blob/v1.0.5/LICENSE,BSD-3-Clause
 github.com/stretchr/objx,v0.5.2,https://github.com/stretchr/objx/blob/v0.5.2/LICENSE,MIT
-github.com/stretchr/testify/assert,v1.9.0,https://github.com/stretchr/testify/blob/v1.9.0/LICENSE,MIT
+github.com/stretchr/testify/assert,v1.10.0,https://github.com/stretchr/testify/blob/v1.10.0/LICENSE,MIT
 github.com/vmihailenco/msgpack/v5,v5.3.5,https://github.com/vmihailenco/msgpack/blob/v5.3.5/LICENSE,BSD-2-Clause
 github.com/vmihailenco/tagparser/v2,v2.0.0,https://github.com/vmihailenco/tagparser/blob/v2.0.0/LICENSE,BSD-2-Clause
 github.com/xdg/stringprep,v1.0.3,https://github.com/xdg/stringprep/blob/v1.0.3/LICENSE,Apache-2.0