Release Overview

On May 7, 2025, we released version v0.3.3 of authzjwtbearerinjector. This is a maintenance release that focuses on keeping the project up-to-date with the latest security patches and dependency versions from our upstream components.

For users running v0.3.2 or earlier, this update provides important dependency updates while maintaining full backward compatibility. No configuration changes are required, and your existing deployments will continue to work seamlessly.

What’s New

This maintenance release includes the following updates:

  • Go Runtime: Updated from 1.24.1 to 1.24.3
  • gRPC Library: Bumped from 1.71.0 to 1.72.0
  • Network Utilities: golang.org/x/net updated from 0.36.0 to 0.38.0
  • Build Infrastructure: Updated GitHub Actions tooling (astral-sh/setup-uv from v5 to v6)

No new features or configuration changes were introduced in this release.

Why It Matters

While this may appear as a straightforward maintenance update, staying current with dependency versions is important for several reasons:

Security: Dependency updates often include upstream security patches from the Go standard library, gRPC framework, and network utility packages. Applying these updates helps ensure your deployment benefits from the latest security hardening.

Stability: Updated dependencies are typically more stable and well-tested. The gRPC library update to v1.72.0 includes improvements and bug fixes from the upstream project that enhance reliability.

Compatibility: Keeping pace with Go runtime updates ensures compatibility with the broader Go ecosystem and helps avoid dependency conflicts when integrating with other tools.

Drop-in Upgrade: This release is a drop-in replacement for v0.3.2. There are no breaking changes, deprecated features, or configuration modifications required. Your existing config.yaml files, environment variables, and Envoy route metadata will continue to work exactly as before.

Upgrading

Upgrading to v0.3.3 is straightforward:

docker pull ghcr.io/unitvectory-labs/authzjwtbearerinjector:v0.3.3

If you’re building from source, ensure you have Go 1.24.3 installed and run the standard build process.

No additional steps are required. Your existing configuration remains valid, and the service behavior is identical to v0.3.2.

Get Started

The authzjwtbearerinjector is a gRPC-based ExtAuthz service for Envoy Proxy that implements the OAuth 2.0 JWT-bearer flow (RFC 7523). It injects authentication credentials into requests sent to backend services, enabling seamless integration with OAuth providers like Google Cloud.

For documentation on setup and configuration, visit the repository README.

This release announcement was AI-generated by release-storyteller using the unsloth/Qwen3.5-122B-A10B-GGUF:Q4_K_M model on 2026-03-18. For details about this release, see the GitHub release page.