Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

github.com/go-jose/go-jose/v4

Ecosystem:
go
Package URL:
pkg:golang/github.com/go-jose/go-jose/v4
Total PRs:
768 Dependabot PRs
Latest PR:
5 days ago
Unique Repositories:
348 repositories
Unique Repos (30 days):
15 repositories
Security Advisories
DoS in go-jose Parsing
GHSA-c6gw-w398-hv78 CVE-2025-27144 MODERATE published 9 months ago • updated 3 days ago
### Impact When parsing compact JWS or JWE input, go-jose could use excessive memory. The code used strings.Split(token, ".") to split JWT tokens, ...
Go JOSE vulnerable to Improper Handling of Highly Compressed Data (Data Amplification)
GHSA-c5q2-7r4c-mv6g CVE-2024-28180 MODERATE published over 1 year ago • updated 3 days ago
### Impact An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or Decryp...
Recent PRs
RSS Feed
Bump the go-modules group across 1 directory with 43 updates

paketo-buildpacks/vsdbg #581

4.1.2 → 4.1.3 Patch PR
Closed 5 days ago 1 comment
paketo-buildpacks
Bump the go-modules group across 1 directory with 38 updates

paketo-buildpacks/dotnet-publish #846

4.1.2 → 4.1.3 Patch PR
Closed 5 days ago 1 comment
paketo-buildpacks
build(deps): Bump the go_modules group across 1 directory with 6 updates

bourgeoisie78Boojie/BillionMail #2

4.0.4 → 4.1.1 Minor PR
Open 5 days ago 1 comment
bourgeoisie78Boojie
chore: bump the go_modules group across 1 directory with 8 updates

khulnasoft/devsecdb #61

4.0.1 → 4.0.5 Patch PR
Open 5 days ago 1 comment
khulnasoft
Bump the go-modules group across 1 directory with 36 updates

paketo-buildpacks/dotnet-publish #844

4.1.2 → 4.1.3 Patch PR
Closed 5 days ago 1 comment
paketo-buildpacks
:arrow_up: Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5

gardener/etcd-druid #1219

4.0.4 → 4.0.5 Patch PR
Open 6 days ago 4 comments
gardener
Bump the go-modules group with 30 updates

paketo-buildpacks/httpd #988

4.0.5 → 4.1.1 Minor PR
Closed 11 days ago 2 comments
paketo-buildpacks
Bump the gomod group across 1 directory with 15 updates

thomasbscj/Korifi-Mod #10

4.1.2 → 4.1.3 Patch PR
Open 11 days ago 1 comment
thomasbscj
Bump the go-modules group across 1 directory with 28 updates

paketo-buildpacks/vsdbg #576

4.1.2 → 4.1.3 Patch PR
Closed 12 days ago 1 comment
paketo-buildpacks
Bump the go-modules group across 1 directory with 25 updates

paketo-buildpacks/dotnet-publish #836

4.1.2 → 4.1.3 Patch PR
Closed 13 days ago 1 comment
paketo-buildpacks
build(deps): bump the go-modules group across 1 directory with 93 updates

cyrillesondag/paketo-buildpacks-pnpm #59

4.1.1 → 4.1.3 Patch PR
Closed 13 days ago 1 comment
cyrillesondag
Bump the go-modules group across 1 directory with 17 updates

paketo-buildpacks/vsdbg #572

4.1.2 → 4.1.3 Patch PR
Closed 14 days ago 1 comment
paketo-buildpacks
build(deps): bump the go-modules group across 1 directory with 91 updates

cyrillesondag/paketo-buildpacks-pnpm #57

4.1.1 → 4.1.3 Patch PR
Closed 18 days ago 1 comment
cyrillesondag
chore(deps): bump the dependencies group across 1 directory with 22 updates

mbergo/Bat-Inc #66

4.1.1 → 4.1.3 Patch PR
Open 19 days ago 1 comment
mbergo
Bump the go-modules group with 40 updates

paketo-buildpacks/dotnet-publish #825

4.0.5 → 4.1.1 Minor PR
Closed 20 days ago 1 comment
paketo-buildpacks
Bump the go group across 1 directory with 87 updates

gravitational/teleport #60972

4.1.2 → 4.1.3 Patch PR
Open 21 days ago 2 comments
gravitational
build(deps): bump the go-modules group across 1 directory with 88 updates

cyrillesondag/paketo-buildpacks-pnpm #51

4.1.1 → 4.1.3 Patch PR
Closed 21 days ago 1 comment
cyrillesondag
chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.2 to 4.1.3

flipt-io/flipt #4980

4.1.2 → 4.1.3 Patch PR
Open 22 days ago 1 comment
flipt-io
Bump the go group across 1 directory with 90 updates

soitun/teleport #819

4.1.2 → 4.1.3 Patch PR
Open 23 days ago 1 comment
soitun
Bump the go group with 86 updates

gravitational/teleport #60924

4.1.2 → 4.1.3 Patch PR
Closed 24 days ago 2 comments
gravitational
Bump the go group with 90 updates

psy-repos-go/teleport #482

4.1.2 → 4.1.3 Patch PR
Open 24 days ago 2 comments
psy-repos-go
Bump the go group across 1 directory with 90 updates

sigtrap/teleport #3499

4.1.2 → 4.1.3 Patch PR
Open 24 days ago 2 comments
sigtrap
chore: bump github.com/go-jose/go-jose/v4 from 4.0.5 to 4.1.3

klosraf/coder #76

4.0.5 → 4.1.3 Minor PR
Closed 28 days ago 1 comment
klosraf
chore(deps): bump the go-mod group across 1 directory with 8 updates

DIMO-Network/telemetry-api #224

4.1.1 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
DIMO-Network
Bump the go-modules group across 1 directory with 63 updates

paketo-buildpacks/npm-install #1043

4.1.2 → 4.1.3 Patch PR
Open about 1 month ago 1 comment
paketo-buildpacks
build(deps): bump the go-modules group across 1 directory with 86 updates

cyrillesondag/paketo-buildpacks-pnpm #48

4.1.1 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
cyrillesondag
Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5

gitpod-io/leeway #254

4.0.2 → 4.0.5 Patch PR
Closed about 1 month ago 1 comment
gitpod-io
Bump the go-modules group across 1 directory with 63 updates

paketo-buildpacks/npm-install #1040

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
paketo-buildpacks
build(deps): Bump the gomod group across 5 directories with 5 updates

bobcallaway/sigstore #1241

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
bobcallaway
Bump the go-modules group across 1 directory with 30 updates

paketo-buildpacks/yarn-install #1060

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
paketo-buildpacks
Bump the go-modules group across 1 directory with 59 updates

paketo-buildpacks/npm-install #1038

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
paketo-buildpacks
Bump the third-party group across 1 directory with 21 updates

openziti/ziti #3316

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
openziti
chore(deps): bump the go-mod group across 1 directory with 12 updates

DIMO-Network/telemetry-api #219

4.1.1 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
DIMO-Network
build(deps): bump the go-modules group across 1 directory with 84 updates

cyrillesondag/paketo-buildpacks-pnpm #46

4.1.1 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
cyrillesondag
Bump the go-modules group across 1 directory with 29 updates

paketo-buildpacks/yarn-install #1059

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
paketo-buildpacks
Bump the go-modules group across 1 directory with 34 updates

paketo-buildpacks/pipenv #731

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
paketo-buildpacks
Bump the go-modules group across 1 directory with 32 updates

paketo-buildpacks/pipenv #729

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
paketo-buildpacks
chore(deps): bump the dependencies group across 1 directory with 20 updates

mbergo/Bat-Inc #58

4.1.1 → 4.1.3 Patch PR
Open about 1 month ago 1 comment
mbergo
build(deps): bump the dependencies group across 1 directory with 20 updates

ai4design/batteries-included #58

4.1.0 → 4.1.3 Patch PR
Open about 1 month ago 1 comment
ai4design
chore(deps): bump the go-mod group across 1 directory with 6 updates

DIMO-Network/vehicle-triggers-api #76

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
DIMO-Network
Bump the go group across 1 directory with 52 updates

psy-repos-go/teleport #427

4.1.2 → 4.1.3 Patch PR
Open about 1 month ago 1 comment
psy-repos-go
Bump the go-modules group across 1 directory with 27 updates

paketo-buildpacks/yarn-install #1057

4.1.2 → 4.1.3 Patch PR
Closed about 1 month ago 1 comment
paketo-buildpacks
build(deps): bump the go_modules group across 1 directory with 4 updates

shibaone/go-ethereum #1

4.0.4 → 4.0.5 Patch PR
Open about 1 month ago 1 comment
shibaone
Bump the go-modules group across 1 directory with 24 updates

paketo-buildpacks/node-engine #1325

4.1.2 → 4.1.3 Patch PR
Open about 2 months ago
paketo-buildpacks
Bump the go-modules group across 1 directory with 20 updates

paketo-buildpacks/pip-install #524

4.1.2 → 4.1.3 Patch PR
Open about 2 months ago
paketo-buildpacks
Bump the go-modules group across 1 directory with 18 updates

paketo-buildpacks/pip-install #523

4.1.2 → 4.1.3 Patch PR
Open about 2 months ago
paketo-buildpacks
Bump the go-modules group across 1 directory with 21 updates

paketo-buildpacks/pip #774

4.1.2 → 4.1.3 Patch PR
Open about 2 months ago
paketo-buildpacks
Bump the go-modules group across 1 directory with 11 updates

paketo-buildpacks/yarn-install #1050

4.1.2 → 4.1.3 Patch PR
Open about 2 months ago
paketo-buildpacks
build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.2 to 4.1.3

kiali/kiali-mcp-server #4

4.1.2 → 4.1.3 Patch PR
Closed about 2 months ago 1 comment
kiali
Bump the go-modules group across 1 directory with 17 updates

paketo-buildpacks/pipenv #723

4.1.2 → 4.1.3 Patch PR
Open about 2 months ago
paketo-buildpacks
Package Details
Name: github.com/go-jose/go-jose/v4
Ecosystem: go
PURL Type: golang
Package URL: pkg:golang/github.com/go-jose/go-jose/v4
JSON API: View JSON
Security Advisories

2

Active advisories
MODERATE 2
View All golang Advisories
Package Information
Description:

Package jose aims to provide an implementation of the Javascript Object Signing and Encryption set of standards. It implements encryption and signing based on the JSON Web Encryption and JSON Web Signature standards, with optional JSON Web Token support available in a sub-package. The library supports both the compact and JWS/JWE JSON Serialization formats, and has optional support for multiple recipients.

Repository: https://github.com/go-jose/go-jose
Homepage: https://github.com/go-jose/go-jose
Latest Release: v4.1.0
8 months ago
Dependent Repos: 0
Dependent Packages: 270
Ranking: Top 10.8009% by dependent repos Top 9.5756% by dependent pkgs
PR Status
Open 346 (45.1%)
Merged 142 (18.5%)
Closed 215 (28.0%)
PR Types
Minor 118 (15.4%)
Patch 585 (76.3%)