Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SNOW-1017575 github.com/form3tech-oss/jwt-go is deprecated #1037

Closed
tomas-karnagel opened this issue Jan 24, 2024 · 3 comments
Closed

SNOW-1017575 github.com/form3tech-oss/jwt-go is deprecated #1037

tomas-karnagel opened this issue Jan 24, 2024 · 3 comments
Assignees
@sfc-gh-dszmolka
Labels
status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector. status-triage_done Initial triage done, will be further handled by the driver team

Comments

@tomas-karnagel
Copy link

Hi there,
It's not really a bug but also not a feature request.

We noticed that the snowflake driver uses github.com/form3tech-oss/jwt-go in the auth.go file and this project is deprecated and didn't get any updates in 2.5 years.
This is a potential security risk.

The more up to date thing to use is github.com/golang-jwt/jwt.

Thanks.
Tomas
@tomas-karnagel tomas-karnagel added the bug Erroneous or unexpected behaviour label Jan 24, 2024
@sfc-gh-dszmolka sfc-gh-dszmolka self-assigned this Jan 25, 2024
@sfc-gh-dszmolka sfc-gh-dszmolka changed the title github.com/form3tech-oss/jwt-go is deprecated SNOW-101757 github.com/form3tech-oss/jwt-go is deprecated Jan 25, 2024
@sfc-gh-dszmolka sfc-gh-dszmolka changed the title SNOW-101757 github.com/form3tech-oss/jwt-go is deprecated SNOW-1017575 github.com/form3tech-oss/jwt-go is deprecated Jan 25, 2024
@sfc-gh-dszmolka sfc-gh-dszmolka added status-in_progress Issue is worked on by the driver team and removed bug Erroneous or unexpected behaviour labels Jan 25, 2024
@sfc-gh-dszmolka
Copy link
Contributor

hi and thank you for calling this out, we'll review and see how to best proceed

@sfc-gh-dszmolka sfc-gh-dszmolka added status-triage_done Initial triage done, will be further handled by the driver team and removed status-in_progress Issue is worked on by the driver team labels Feb 11, 2024
@sfc-gh-dszmolka sfc-gh-dszmolka added status-in_progress Issue is worked on by the driver team status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector. and removed status-in_progress Issue is worked on by the driver team labels Apr 24, 2024
@sfc-gh-dszmolka
Copy link
Contributor

fix on PR #1117 which is now merged and will be part of the next upcoming release cycle of 2024 April, probably around next week

@sfc-gh-dszmolka
Copy link
Contributor

released with 2024 April release cycle, version 1.10.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sfc-gh-dszmolka sfc-gh-dszmolka

Labels
status-fixed_awaiting_release The issue has been fixed, its PR merged, and now awaiting the next release cycle of the connector. status-triage_done Initial triage done, will be further handled by the driver team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tomas-karnagel @sfc-gh-dszmolka @sfc-gh-snow-drivers-warsaw-dl