Bump auth0-js from 8.7.0 to 9.3.0

[dependabot]

Bumps auth0-js from 8.7.0 to 9.3.0.

Release notes

Sourced from auth0-js's releases.

8.9.2

Full Changelog

Fixed

• Fix passwordlessVerify not sending nonce #489 (luisrudge)

Change Log

8.9.1

Full Changelog

Fixed

• Fixed credentialType url #487 (luisrudge)

Change Log

8.9.0

Full Changelog

Added

• Add flag to retry requests #484 (luisrudge)
• Add cross-origin-auth support to Passwordless #482 (luisrudge)

Changed

• Avoid snake casing of metadata on signup #475 (hzalaz)

Fixed

• Send empty verifier when can't access sessionStorage #470 (luisrudge)

Change Log

8.8.0

Full Changelog

Changed

• Update idtoken-verifier #458 (hzalaz)

Fixed

• Fix passwordless inside hosted login page #459 (hzalaz)

Changelog

Sourced from auth0-js's changelog.

v9.3.0 (2018-02-22)

Full Changelog

Fixed

• Fix CSRF vulnerability when hash.state is empty. Please read more about it here and here. #673 (luisrudge)
• Use WinChan on popup.callback again + adding origin check to keep it secure #669 (luisrudge)
• Fixed error handling for auth in popup mode #668 (luisrudge)
• Fix inconsistent cross origin error handling #667 (luisrudge)

v9.2.3 (2018-02-14)

Full Changelog

Changed

• Use webAuth.login when calling signupAndLogin to support Universal Login Page #664 (luisrudge)

Fixed

• Fix federated param #661 (luisrudge)

v9.2.2 (2018-02-08)

Full Changelog

Fixed

• Making Authentication constructor accept one or two params #657 (luisrudge)

v9.2.1 (2018-02-05)

Full Changelog

Fixed

• Remove origin check from checkSession when redirectUri is empty #653 (luisrudge)

v9.2.0 (2018-02-01)

Full Changelog

Added

• Normalized login and passwordlessLogin usage to make it work in embedded and hosted scenarios #646 (luisrudge)

v9.1.3 (2018-01-29)

Full Changelog

... (truncated)

Commits

• fe920cb v9.3.0
• c193be9 Merge pull request #677 from auth0/prepare-9.3.0
• 4a33fd9 Release v9.3.0
• b93797f Use WinChan on popup.callback again + adding origin check to keep it secure (...
• 2ca7ccf Fix a few typos (#676)
• 85df784 Fixing auth.Management creation docs (#600)
• def9022 Throw error when hash.state is empty (#673)
• 5489232 add renewAuth callback jsdocs (#674)
• 41c5e3e Removed warning notice for HLP (#671)
• 6c2438b Update README.md (#672)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.