Comments (3)
lggomez
commented on July 27, 2024
fredbi commented on Sep 6, 2019
Attention: notice that this breaks compatibility with older golang versions.
I don't think that keeping a compatibility promise back to versions older than 1.7 brings much value.
This PR imposes golang 1.7+.
from jwt.
oxisto
commented on July 27, 2024
Thanks for all the effort @lggomez :)
I am inclined to close this as "won't fix". I would argue that keeping this library with 0 dependencies is one of the best, not the best feature of this library. Especially looking at the other libraries that tend to have quite a few deps.
from jwt.
lggomez
commented on July 27, 2024
Thanks for all the effort @lggomez :)
Thanks! trying to get rid of some management debt in here since I'm not very active on the repo due to schedule
I am inclined to close this as "won't fix". I would argue that keeping this library with 0 dependencies is one of the best, not the best feature of this library. Especially looking at the other libraries that tend to have quite a few deps.
I agree that possibly the best feature is the premise of strict stdlib dependency but I still found this issue interesting to discuss. The json marshaler overhead is almost neglegible on signing time since all of that CPU load goes to crypto but it'd be interesting to see how the parser performs (I see there aren't any benchmarks on that part yet)
from jwt.
Related Issues (20)
- Is it possible to parse JWT without verifying signature?
- I've mad a small library to help with JWT
- v5.0.0/request/request.go: with WithLeeway support? HOT 2
- SigningString produces a string without a signature HOT 2
- RSA-PSS (RSASSA-PSS) keys are unusable in Go language
- Let KeyFunc take Context as parameter HOT 3
- Customize the unit of timestamp/exp in payload HOT 1
- ECDSA signature is invalid
- I found an error message "token has invalid claims: token is expired"
- Only some registered claims can be optionally required HOT 1
- I have no RegisteredClaims. I have error key is invalid HOT 4
- Question / FR: Subsequent Verification of an Unverified Token
- Consider validating key length HOT 5
- 希望可以校验token格式 I hope that the token format can be verified HOT 3
- token signature is invalid: signature is invalid HOT 11
- Still trying to understand 'ParseRSAPublicKeyFromPEM' HOT 11
- Documentation around Parse()
- Is it possible to just parse a JWT without verifying its signature? HOT 2
- Permit only certain errors on parsing
- Version v5 not found HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt.