Describe the feature request?
Are there any plans to migrate off of node-jose? Their library is still reporting vulnerable to the recent uuid issues and it doesn't seem like it's maintained anymore. Since okta-sdk-nodejs has node-jose as a dependency, it's also bringing in the older vulnerable version with it. While it would be nice if it was fixed in node-jose, there doesn't seem to be any traction there in a couple of years so curious if the okta folks have any plans to migrate away from it?
New or Affected Resource(s)
No new or affected resources. Just submitting this as a feature request as bug report didn't seem appropriate either.
Provide a documentation link
No response
Additional Information?
No response
Describe the feature request?
Are there any plans to migrate off of node-jose? Their library is still reporting vulnerable to the recent uuid issues and it doesn't seem like it's maintained anymore. Since okta-sdk-nodejs has node-jose as a dependency, it's also bringing in the older vulnerable version with it. While it would be nice if it was fixed in node-jose, there doesn't seem to be any traction there in a couple of years so curious if the okta folks have any plans to migrate away from it?
New or Affected Resource(s)
No new or affected resources. Just submitting this as a feature request as bug report didn't seem appropriate either.
Provide a documentation link
No response
Additional Information?
No response