Introduction

On January 2, 2025, UnitVectorY-Labs released v0.2.1 of authzjwtbearerinjector. This maintenance release focuses on strengthening security posture through comprehensive dependency updates and enhanced supply chain protections, ensuring users benefit from the latest improvements in gRPC and related libraries.

What’s New

Release v0.2.1 brings important infrastructure updates without changing the core functionality users rely on:

Security-Enhanced Dependencies

  • Updated Go runtime from 1.23.2 to 1.23.4
  • Upgraded gRPC library through multiple versions (1.67.1 → 1.69.2) for improved stability and security
  • Enhanced protocol buffers support (v1.34.2 → v1.35.2)
  • Updated Envoy go-control-plane from v0.13.1 to v0.13.2

Supply Chain Security Improvements

  • Added zizmor security scanning for GitHub Actions workflows, automatically checking for vulnerabilities in CI/CD configurations
  • Upgraded build provenance attestations to v2 for stronger artifact verification
  • Implemented persist-credentials: false across all workflows to prevent credential leakage

Documentation Refinements

  • Corrected “GRPC” to proper “gRPC” capitalization throughout documentation
  • Explicitly documented the default gRPC port (50051) for easier configuration

Why It Matters

This release demonstrates a commitment to proactive security maintenance. While no new features were introduced, the updated dependencies include important security patches from the broader Go and gRPC ecosystems. For production deployments relying on authzjwtbearerinjector to handle JWT authentication flows with Envoy Proxy, staying current with these updates ensures your authorization layer benefits from the latest security improvements.

The addition of zizmor scanning means the project’s own CI/CD infrastructure undergoes regular automated security review—a practice that indirectly benefits users by reducing supply chain risks.

Upgrade Instructions

Upgrading to v0.2.1 is straightforward with no breaking changes or configuration modifications required:

docker pull ghcr.io/unitvectory-labs/authzjwtbearerinjector:v0.2.1

Simply update your deployment to reference the new tag and restart the service. All existing YAML configurations, environment variables, and Envoy route metadata remain fully compatible.

For new deployments, v0.2.1 is the recommended starting point. The service continues to run as a sidecar alongside Envoy Proxy on the default gRPC port 50051, providing JWT-bearer flow authentication for your backend services.

This release announcement was AI-generated using the unsloth/Qwen3.5-122B-A10B-GGUF:Q4_K_M model. For the complete release details, visit the repository or the v0.2.1 release page. Generated on March 17, 2026 by release-storyteller.