[mce-2.4] HIVE-2787: CVE-2025-22868 x/oauth2/jws => 0.26.openshift.1

[2uasimojo]

Replace x/oauth2 with the openshift fork containing the fix. (The upstream fix in 0.27.0 requires golang 1.23, and bumping in this release would be Hard™.)

https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXOAUTH2JWS-8749594

ACM-18179

(cherry picked from commit 270568c)

[openshift-ci-robot]

@2uasimojo: This pull request references HIVE-2787 which is a valid jira issue.

In response to this:

Replace x/oauth2 with the openshift fork containing the fix. (The upstream fix in 0.27.0 requires golang 1.23, and bumping in this release would be Hard™.)

https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXOAUTH2JWS-8749594

ACM-18179

(cherry picked from commit 270568c)

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 57.64%. Comparing base (39c37dc) to head (b647e53).
Report is 2 commits behind head on mce-2.4.

Additional details and impacted files

@@           Coverage Diff            @@
##           mce-2.4    #2603   +/-   ##
========================================
  Coverage    57.64%   57.64%           
========================================
  Files          186      186           
  Lines        25839    25839           
========================================
  Hits         14894    14894           
  Misses        9699     9699           
  Partials      1246     1246           

🚀 New features to boost your workflow:

• ❄ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[2uasimojo]

/override ci/prow/security

Crypto being addressed via HIVE-2786.

The other requires a k8s bump, which isn't happening in this branch.

[2uasimojo]

/assign @suhanime

[openshift-ci]

@2uasimojo: Overrode contexts on behalf of 2uasimojo: ci/prow/security

In response to this:

/override ci/prow/security

Crypto being addressed via HIVE-2786.

The other requires a k8s bump, which isn't happening in this branch.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[suhanime]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: 2uasimojo, suhanime

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [2uasimojo,suhanime]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

/retest-required

Remaining retests: 0 against base HEAD 39c37dc and 2 for PR HEAD b647e53 in total

[2uasimojo]

/override ci/prow/security

[openshift-ci]

@2uasimojo: Overrode contexts on behalf of 2uasimojo: ci/prow/security

In response to this:

/override ci/prow/security

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[2uasimojo]

Not sure what's happening with prow here. I'm gonna mash the merge button. No sense retesting -- nothing else has happened in this branch.

[openshift-ci]

@2uasimojo: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/security	b647e53	link	true	/test security

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.