Released on May 20, 2025, jwt-bearer-token-vendor v1.1.0 is a maintenance update focused on enhancing the stability and security of the token exchange process. This release ensures that the action remains robust by updating core dependencies.

What’s new

This release primarily focuses on under-the-hood improvements to the action’s network capabilities:

  • Updated HTTP Client: We have updated the undici library to version 5.29.0. This ensures the action benefits from the latest stability and security patches in the Node.js HTTP client used for communicating with OAuth 2.0 servers.

Why it matters

While there are no changes to the user-facing API or configuration, keeping dependencies up to date is critical for a tool that handles sensitive authentication tokens. By updating undici, we ensure that the connection between your GitHub Action and your identity provider remains secure and performant.

Upgrade and Installation

If you are already using the major version tag in your workflow:

- uses: UnitVectorY-Labs/jwt-bearer-token-vendor@v1

You will automatically receive this update in your next workflow run. No changes to your YAML configuration are required.

This post was AI-generated using the model unsloth/gemma-4-31B-it-GGUF:UD-Q5_K_XL. It is based on the jwt-bearer-token-vendor repository, release v1.1.0 released on 2025-05-20. Generated on 2026-04-12 by release-storyteller.