summaryrefslogtreecommitdiff
path: root/vendor/github.com/golang-jwt/jwt/v5/SECURITY.md
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/golang-jwt/jwt/v5/SECURITY.md')
-rw-r--r--vendor/github.com/golang-jwt/jwt/v5/SECURITY.md4
1 files changed, 2 insertions, 2 deletions
diff --git a/vendor/github.com/golang-jwt/jwt/v5/SECURITY.md b/vendor/github.com/golang-jwt/jwt/v5/SECURITY.md
index b08402c34..2740597f1 100644
--- a/vendor/github.com/golang-jwt/jwt/v5/SECURITY.md
+++ b/vendor/github.com/golang-jwt/jwt/v5/SECURITY.md
@@ -2,11 +2,11 @@
## Supported Versions
-As of February 2022 (and until this document is updated), the latest version `v4` is supported.
+As of November 2024 (and until this document is updated), the latest version `v5` is supported. In critical cases, we might supply back-ported patches for `v4`.
## Reporting a Vulnerability
-If you think you found a vulnerability, and even if you are not sure, please report it to jwt-go-security@googlegroups.com or one of the other [golang-jwt maintainers](https://github.com/orgs/golang-jwt/people). Please try be explicit, describe steps to reproduce the security issue with code example(s).
+If you think you found a vulnerability, and even if you are not sure, please report it a [GitHub Security Advisory](https://github.com/golang-jwt/jwt/security/advisories/new). Please try be explicit, describe steps to reproduce the security issue with code example(s).
You will receive a response within a timely manner. If the issue is confirmed, we will do our best to release a patch as soon as possible given the complexity of the problem.
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-02 13:30:09 +0000