We are using the SAML component in our project, which pulls in golang-jwt/jwt v4.5.0 as a transitive dependency.
Since this dependency is not referenced directly in our codebase and is managed internally by the SAML component, we are unable to upgrade golang-jwt/jwt independently from our side.
We request the maintainers to update golang-jwt/jwt to a newer, supported version within the SAML component to address dependency freshness and potential security concerns.
Please let us know if any additional information is required from our side.
Thanks in advance for your support.
We are using the SAML component in our project, which pulls in golang-jwt/jwt v4.5.0 as a transitive dependency.
Since this dependency is not referenced directly in our codebase and is managed internally by the SAML component, we are unable to upgrade golang-jwt/jwt independently from our side.
We request the maintainers to update golang-jwt/jwt to a newer, supported version within the SAML component to address dependency freshness and potential security concerns.
Please let us know if any additional information is required from our side.
Thanks in advance for your support.