Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update dependency jose to v5 #281

Merged
merged 1 commit into from
Oct 25, 2023
Merged

fix(deps): update dependency jose to v5 #281

merged 1 commit into from
Oct 25, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 25, 2023

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
jose ^4.13.1 -> ^5.0.0 age adoption passing confidence

Release Notes

panva/jose (jose)

v5.0.1

Compare Source

Fixes
  • also use ES2020 in the CDN bundles (8c4d390)

v5.0.0

Compare Source

⚠ BREAKING CHANGES
  • Node.js: return Uint8Array (not a Buffer) from base64url.decode
  • Browser distribution is now built using ES2020 as a target
  • Node.js distribution is now built using ES2022 as a target
  • types: jwtVerify and jwtDecrypt type argument for the resolved
    KeyLike type is now a second optional type argument following a type
    for the JWT Claims Set (aka payload)
  • PBES2 Key Management Algorithms' use in decrypt
    functions now requires the use of the keyManagementAlgorithms option
    to explicitly opt-in for their use.
  • importJWK "octAsKeyObject" option was removed.
    importJWK will no longer return CryptoKey or KeyObject for "oct" (octet
    sequence) JWK key types, it will instead always return a Uint8Array
    formed from the "k" (Key Value) Parameter regardless of the other JWK
    Parameters that may be present.
  • End-Of-Life versions of Node.js as of October 2023 are
    no longer supported. Node.js 18, 20, and 21 and future releases are
    the ones that remain supported.
  • The JWE "zip" (Compression Algorithm) Header Parameter
    is no longer supported by this JOSE implementation.
Features
  • add Date as valid input to timestamp setting functions (bd830a4)
  • default to an empty payload in JWT producing constructors (98d6ca1)
  • types: add optional Generics for JWT verify and decrypt (61bd2a0), closes #​568
Reverts
  • Revert "test: fix test under lts/erbium" (b64b6c7)
Refactor
  • Browser distribution is now built using ES2020 as a target (1836684)
  • drop support for EOL Node.js versions (b5aee54)
  • importJWK always returns a Uint8Array for symmetric key inputs (163e1b0)
  • Node.js distribution is now built using ES2022 as a target (239697a)
  • Node.js: return Uint8Array (not a Buffer) from base64url.decode (02d5182)
  • PBES2 Algorithms require explicit opt-in during verification (e2da031)
  • remove support for JWE "zip" (Compression Algorithm) Header Parameter (16998b1)
  • types: rename type parameters for the KeyLike returns (eddd400)
  • update allow list error messages (fe8114c)

v4.15.4

Compare Source

Fixes

v4.15.3

Compare Source

v4.15.2

Compare Source

Fixes
  • build: add a node target for jose-browser-runtime releases (abb63d0)

v4.15.1

Compare Source

Fixes
  • resolve missing types for the cryptoRuntime const (1627965)

v4.15.0

Compare Source

Features
  • export the used crypto runtime as a constant (0681dda)

v4.14.6

Compare Source

Fixes
  • build: publish bundle and umd files with jose-browser-runtime module (62fcbcc), closes #​571

v4.14.5

Compare Source

Refactor
  • catch type error when decoding base64url signature (#​569) (935e920)
  • catch type errors when decoding various base64url strings (9024e87)

v4.14.4

Compare Source

Refactor
  • cleanup NODE-ED25519 workerd workarounds (072e83d)

v4.14.3

Compare Source

Reverts
  • Revert "fix(types): headers and payloads may only be JSON values and primitives" (06d8101), closes #​534

v4.14.2

Compare Source

Fixes
  • types: headers and payloads may only be JSON values and primitives (24f306e)

v4.14.1

Compare Source

v4.14.0

Compare Source

Features
  • add requiredClaims JWT validation option (eeea91d)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@codesandbox
Copy link

codesandbox bot commented Oct 25, 2023

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@netlify
Copy link

netlify bot commented Oct 25, 2023
edited
Loading

Deploy Preview for contentsgarten ready!

Name Link
🔨 Latest commit ad4feb9
🔍 Latest deploy log https://app.netlify.com/sites/contentsgarten/deploys/6539739b5c6de70008f0a893
😎 Deploy Preview https://deploy-preview-281--contentsgarten.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@renovate renovate bot merged commit 9443c8c into main Oct 25, 2023
6 checks passed
@renovate renovate bot deleted the renovate/jose-5.x branch October 25, 2023 21:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants