mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-29 07:29:31 +01:00
ee7f818674
* implement SASL OAUTHBEARER and draft/bearer * Upgrade JWT lib * Fix an edge case in SASL EXTERNAL * Accept longer SASL responses * review fix: allow multiple token definitions * enhance tests * use SASL utilities from irc-go * test expired tokens
875 B
875 B
Security Policy
Supported Versions
As of February 2022 (and until this document is updated), the latest
version v4
is supported.
Reporting a Vulnerability
If you think you found a vulnerability, and even if you are not sure, please report it to jwt-go-security@googlegroups.com or one of the other golang-jwt maintainers. Please try be explicit, describe steps to reproduce the security issue with code example(s).
You will receive a response within a timely manner. If the issue is confirmed, we will do our best to release a patch as soon as possible given the complexity of the problem.
Public Discussions
Please avoid publicly discussing a potential security vulnerability.
Let’s take this offline and find a solution first, this limits the potential impact as much as possible.
We appreciate your help!