Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(deps): update dependency jose to v5 (#281)
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [jose](https://github.com/panva/jose) | [`^4.13.1` -> `^5.0.0`](https://renovatebot.com/diffs/npm/jose/4.13.2/5.0.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>panva/jose (jose)</summary> ### [`v5.0.1`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#501-2023-10-25) [Compare Source](https://github.com/panva/jose/compare/v5.0.0...v5.0.1) ##### Fixes - also use ES2020 in the CDN bundles ([8c4d390](https://github.com/panva/jose/commit/8c4d3909db56f2d62cf2bf413e8343c0fdd2b92f)) ### [`v5.0.0`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#500-2023-10-25) [Compare Source](https://github.com/panva/jose/compare/v4.15.4...v5.0.0) ##### ⚠ BREAKING CHANGES - **Node.js:** return Uint8Array (not a Buffer) from base64url.decode - Browser distribution is now built using ES2020 as a target - Node.js distribution is now built using ES2022 as a target - **types:** jwtVerify and jwtDecrypt type argument for the resolved KeyLike type is now a second optional type argument following a type for the JWT Claims Set (aka payload) - PBES2 Key Management Algorithms' use in decrypt functions now requires the use of the keyManagementAlgorithms option to explicitly opt-in for their use. - importJWK "octAsKeyObject" option was removed. importJWK will no longer return CryptoKey or KeyObject for "oct" (octet sequence) JWK key types, it will instead always return a Uint8Array formed from the "k" (Key Value) Parameter regardless of the other JWK Parameters that may be present. - End-Of-Life versions of Node.js as of October 2023 are no longer supported. Node.js 18, 20, and 21 and future releases are the ones that remain supported. - The JWE "zip" (Compression Algorithm) Header Parameter is no longer supported by this JOSE implementation. ##### Features - add Date as valid input to timestamp setting functions ([bd830a4](https://github.com/panva/jose/commit/bd830a47979912d4c0775d01a05584c2aa9f0dcd)) - default to an empty payload in JWT producing constructors ([98d6ca1](https://github.com/panva/jose/commit/98d6ca12c448697ed6342b1230b351eb5bfa0df8)) - **types:** add optional Generics for JWT verify and decrypt ([61bd2a0](https://github.com/panva/jose/commit/61bd2a0adb638c1c2469459d78556a99cec697c7)), closes [#​568](https://github.com/panva/jose/issues/568) ##### Reverts - Revert "test: fix test under lts/erbium" ([b64b6c7](https://github.com/panva/jose/commit/b64b6c731c3e2d0e6751e0221804af08d7015bfa)) ##### Refactor - Browser distribution is now built using ES2020 as a target ([1836684](https://github.com/panva/jose/commit/18366840e1ae557b951fe921c5004b17ad56e972)) - drop support for EOL Node.js versions ([b5aee54](https://github.com/panva/jose/commit/b5aee542fb5995dd29e012011f832ce8dfd24e29)) - importJWK always returns a Uint8Array for symmetric key inputs ([163e1b0](https://github.com/panva/jose/commit/163e1b02ed5b64368110d750c9f5f5c3d247042d)) - Node.js distribution is now built using ES2022 as a target ([239697a](https://github.com/panva/jose/commit/239697a17d048b8eb2120d29adff7f98edc0f26e)) - **Node.js:** return Uint8Array (not a Buffer) from base64url.decode ([02d5182](https://github.com/panva/jose/commit/02d51827e24195d650cf83de100ae16cd8b0599e)) - PBES2 Algorithms require explicit opt-in during verification ([e2da031](https://github.com/panva/jose/commit/e2da031381b7c5327ea9a0ccf58f059fa8af7e92)) - remove support for JWE "zip" (Compression Algorithm) Header Parameter ([16998b1](https://github.com/panva/jose/commit/16998b15c75d90b64eb5b0fa0713cfdfa7896757)) - **types:** rename type parameters for the KeyLike returns ([eddd400](https://github.com/panva/jose/commit/eddd400235e84e3d84c1a8471b01915a12d3d866)) - update allow list error messages ([fe8114c](https://github.com/panva/jose/commit/fe8114c82646f2468857effb934f39dd7bc75902)) ### [`v4.15.4`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4154-2023-10-14) [Compare Source](https://github.com/panva/jose/compare/v4.15.3...v4.15.4) ##### Fixes - **types:** export GetKeyFunction ([#​592](https://github.com/panva/jose/issues/592)) ([936c9df](https://github.com/panva/jose/commit/936c9dff2bc124dc5f64906a96f665a28e57392c)), closes [#​591](https://github.com/panva/jose/issues/591) ### [`v4.15.3`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4153-2023-10-11) [Compare Source](https://github.com/panva/jose/compare/v4.15.2...v4.15.3) ### [`v4.15.2`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4152-2023-10-04) [Compare Source](https://github.com/panva/jose/compare/v4.15.1...v4.15.2) ##### Fixes - **build:** add a node target for jose-browser-runtime releases ([abb63d0](https://github.com/panva/jose/commit/abb63d0e8e7a55326dc343eec5f5eee9addc1dcf)) ### [`v4.15.1`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4151-2023-10-02) [Compare Source](https://github.com/panva/jose/compare/v4.15.0...v4.15.1) ##### Fixes - resolve missing types for the cryptoRuntime const ([1627965](https://github.com/panva/jose/commit/16279652a67133fba0db7c9879767f000a8f1662)) ### [`v4.15.0`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4150-2023-10-02) [Compare Source](https://github.com/panva/jose/compare/v4.14.6...v4.15.0) ##### Features - export the used crypto runtime as a constant ([0681dda](https://github.com/panva/jose/commit/0681dda1592a82c22a18981002b3763c502d0fc4)) ### [`v4.14.6`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4146-2023-09-04) [Compare Source](https://github.com/panva/jose/compare/v4.14.5...v4.14.6) ##### Fixes - **build:** publish bundle and umd files with jose-browser-runtime module ([62fcbcc](https://github.com/panva/jose/commit/62fcbcc2170db00f5bbfc817839523dbf970239f)), closes [#​571](https://github.com/panva/jose/issues/571) ### [`v4.14.5`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4145-2023-09-02) [Compare Source](https://github.com/panva/jose/compare/v4.14.4...v4.14.5) ##### Refactor - catch type error when decoding base64url signature ([#​569](https://github.com/panva/jose/issues/569)) ([935e920](https://github.com/panva/jose/commit/935e920d29d242e0446d365b1e4f0449d144c23c)) - catch type errors when decoding various base64url strings ([9024e87](https://github.com/panva/jose/commit/9024e870ece4ef121205dadc733c36d7978b97ab)) ### [`v4.14.4`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4144-2023-04-30) [Compare Source](https://github.com/panva/jose/compare/v4.14.3...v4.14.4) ##### Refactor - cleanup NODE-ED25519 workerd workarounds ([072e83d](https://github.com/panva/jose/commit/072e83de5bf3a15775b0bf25ef8afa8851b8862d)) ### [`v4.14.3`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4143-2023-04-27) [Compare Source](https://github.com/panva/jose/compare/v4.14.2...v4.14.3) ##### Reverts - Revert "fix(types): headers and payloads may only be JSON values and primitives" ([06d8101](https://github.com/panva/jose/commit/06d8101a5827a69bb25c2847b1a10d03f015db03)), closes [#​534](https://github.com/panva/jose/issues/534) ### [`v4.14.2`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4142-2023-04-26) [Compare Source](https://github.com/panva/jose/compare/v4.14.1...v4.14.2) ##### Fixes - **types:** headers and payloads may only be JSON values and primitives ([24f306e](https://github.com/panva/jose/commit/24f306e7f33485daaba1e250dfc97b5f621079ad)) ### [`v4.14.1`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4141-2023-04-20) [Compare Source](https://github.com/panva/jose/compare/v4.14.0...v4.14.1) ### [`v4.14.0`](https://github.com/panva/jose/blob/HEAD/CHANGELOG.md#4140-2023-04-14) [Compare Source](https://github.com/panva/jose/compare/v4.13.2...v4.14.0) ##### Features - add requiredClaims JWT validation option ([eeea91d](https://github.com/panva/jose/commit/eeea91df48cadda84e4fdce6bbba7251ca7af83f)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/creatorsgarten/contentsgarten). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMS41IiwidXBkYXRlZEluVmVyIjoiMzcuMzEuNSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
- Loading branch information
1 parent
af1a44f
commit 9443c8c
9443c8cThere was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.