Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency jose to v5 #183

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update dependency jose to v5 #183

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 8, 2023
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
jose 4.15.5 -> 5.6.3 age adoption passing confidence

Release Notes

panva/jose (jose)

v5.6.3

Compare Source

Fixes
  • add sideEffects:false to nested ESM package.json files (f3aff1c)

v5.6.2

Compare Source

Refactor
  • CryptoKey normalization is not always async (b7751f5)
  • weak cache normalized CryptoKey instances (32b25a5)
Fixes
  • ensure KeyObject type in Web API encrypt/decrypt (b7920bd)

v5.6.1

Compare Source

Refactor
  • normalize is always defined for Web API runtimes (7bcb103)
Fixes

v5.6.0

Compare Source

Features
  • support KeyObject inputs in WebCryptoAPI runtimes given compatibility (e178b8f)

v5.5.0

Compare Source

Features

v5.4.1

Compare Source

Fixes
  • ensure latest release on npm is v5.x (a9b2a30)

v5.4.0

Compare Source

Features
  • expose JWT's payload in JWTClaimValidationFailed instances (58bcffb), closes #​680
Refactor
  • add explicit return types everywhere (cc2b2d7)

v5.3.0

Compare Source

Features
  • allow observing remote JWKS resolver state and its manual reload (fa8b639)
Refactor
  • if should not be the only statement in else blocks (a6b716b)

v5.2.4

Compare Source

Refactor
  • use createLocalJWKSet instead of LocalJWKSet in createRemoteJWKSet (a7c566c)

v5.2.3

Compare Source

Refactor
  • move iv generation and optional outputs around (05c4351)

v5.2.2

Compare Source

Fixes
  • types: iv and tag is optional in JSON serializations (53019cd)

v5.2.1

Compare Source

Fixes
  • build: refactor export targets for browser, node cjs, and node esm builds (50cbc65)

v5.2.0

Compare Source

Features
  • extend JWT NumericDate setter syntax (ae363c3)

v5.1.3

Compare Source

v5.1.2

Compare Source

Fixes
  • do not mutate JWTVerifyOptions.requiredClaims (1bf9cec), closes #​610

v5.1.1

Compare Source

Refactor
  • deprecate the RSA1_5 JWE Algorithm (f746da1)

v5.1.0

Compare Source

Features

v5.0.2

Compare Source

Fixes
  • createRemoteJWKSet: ensure a default user-agent header is present (887dd3c), closes #​600

v5.0.1

Compare Source

Fixes
  • also use ES2020 in the CDN bundles (8c4d390)

v5.0.0

Compare Source

⚠ BREAKING CHANGES
  • Node.js: return Uint8Array (not a Buffer) from base64url.decode
  • Browser distribution is now built using ES2020 as a target
  • Node.js distribution is now built using ES2022 as a target
  • types: jwtVerify and jwtDecrypt type argument for the resolved
    KeyLike type is now a second optional type argument following a type
    for the JWT Claims Set (aka payload)
  • PBES2 Key Management Algorithms' use in decrypt
    functions now requires the use of the keyManagementAlgorithms option
    to explicitly opt-in for their use.
  • importJWK "octAsKeyObject" option was removed.
    importJWK will no longer return CryptoKey or KeyObject for "oct" (octet
    sequence) JWK key types, it will instead always return a Uint8Array
    formed from the "k" (Key Value) Parameter regardless of the other JWK
    Parameters that may be present.
  • End-Of-Life versions of Node.js as of October 2023 are
    no longer supported. Node.js 18, 20, and 21 and future releases are
    the ones that remain supported.
  • The JWE "zip" (Compression Algorithm) Header Parameter
    is no longer supported by this JOSE implementation.
Features
  • add Date as valid input to timestamp setting functions (bd830a4)
  • default to an empty payload in JWT producing constructors (98d6ca1)
  • types: add optional Generics for JWT verify and decrypt (61bd2a0), closes #​568
Reverts
  • Revert "test: fix test under lts/erbium" (b64b6c7)
Refactor
  • Browser distribution is now built using ES2020 as a target (1836684)
  • drop support for EOL Node.js versions (b5aee54)
  • importJWK always returns a Uint8Array for symmetric key inputs (163e1b0)
  • Node.js distribution is now built using ES2022 as a target (239697a)
  • Node.js: return Uint8Array (not a Buffer) from base64url.decode (02d5182)
  • PBES2 Algorithms require explicit opt-in during verification (e2da031)
  • remove support for JWE "zip" (Compression Algorithm) Header Parameter (16998b1)
  • types: rename type parameters for the KeyLike returns (eddd400)
  • update allow list error messages (fe8114c)

v4.15.9

Compare Source

Fixes
  • add sideEffects:false to nested ESM package.json files (17eef5f)

v4.15.8

Compare Source

v4.15.7

Compare Source

Fixes
  • add a workerd package.json target (e36d69e)

v4.15.6

Compare Source

Configuration

📅 Schedule: Branch creation - "after 9am on thursday,before 12pm on thursday" in timezone Australia/Melbourne, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/jose-5.x branch 2 times, most recently from 6a0ee49 to 9c246f4 Compare November 30, 2023 23:10
@renovate renovate bot force-pushed the renovate/jose-5.x branch 2 times, most recently from 19ec20c to 3ea66a2 Compare March 7, 2024 17:31
@renovate renovate bot force-pushed the renovate/jose-5.x branch 2 times, most recently from c23bad3 to 16a2dbc Compare June 6, 2024 22:48
@renovate renovate bot force-pushed the renovate/jose-5.x branch 3 times, most recently from 19987c9 to 484a5e9 Compare June 30, 2024 16:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants