Update to the latest go-jose 2.x.

[metlos]

$TITLE

Issue: https://issues.redhat.com/browse/SANDBOX-556

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 77.61%. Comparing base (55e8143) to head (9dc24b1).
Report is 1 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #432      +/-   ##
==========================================
+ Coverage   77.47%   77.61%   +0.13%     
==========================================
  Files          49       49              
  Lines        2007     2426     +419     
==========================================
+ Hits         1555     1883     +328     
- Misses        398      489      +91     
  Partials       54       54              

see 44 files with indirect coverage changes

[alexeykazakov]

Looks good. But is the any context? I mean, sure, we want to update dependencies in general but was curious is there is something special in this case.

[MatousJobanek]

is this related to some CVE?

[fbm3307]

I see go-bin data being removed, we use go-bin data at many places , I am not sure if we can remove this directly, and if we can, does the places using go-bin data get an alternative ?

[MatousJobanek]

I guess that this is just a 3rd party dependency, it shouldn't have an effect on the way we process the assets now.

[metlos]

Yep, this is just a consequence of updating go-jose. I just trusted go mod to do the right thing with the rest of the dep changes.

[metlos]

Looks good. But is the any context? I mean, sure, we want to update dependencies in general but was curious is there is something special in this case.

Good point, @alexeykazakov. I added the link to the corresponding issue to the PR description.