search

BHelpful / MomentMeal

MomentMeal is a marketplace for food and recipes. We help you find and create the best recipes and meal plans for you.
https://momentmeal.com/
GNU Affero General Public License v3.0
13 stars 5 forks source link

Bump supertokens-node from 11.1.1 to 12.0.3 #492

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps supertokens-node from 11.1.1 to 12.0.3.

Release notes

Sourced from supertokens-node's releases.

v12.0.0

What's Changed

Full Changelog: https://github.com/supertokens/supertokens-node/compare/v11.3.0...v12.0.0

Changelog

Sourced from supertokens-node's changelog.

[12.0.3] - 2022-09-29

Refactor:

  • clear cookies logic refactored for unauthorised error response

[12.0.2] - 2022-09-22

Bug fix:

  • Properly rethrowing generic errors in email verification endpoints.

[12.0.1] - 2022-09-22

Changed

  • Email verification endpoints will now clear the session if called by a deleted/unknown user

[12.0.0] - 2022-09-14

Bug fix:

  • Makes SuperTokensError extend the built-in Error class to fix serialization issues.

Changed

  • Made the email parameter option in unverifyEmail, revokeEmailVerificationTokens, isEmailVerified, verifyEmailUsingToken, createEmailVerificationToken of the EmailVerification recipe.

Added

  • Support for FDI 1.15
  • Added support for session claims with related interfaces and classes.
  • Added onInvalidClaim optional error handler to send InvalidClaim error responses.
  • Added INVALID_CLAIMS to SessionErrors.
  • Added invalidClaimStatusCode optional config to set the status code of InvalidClaim errors.
  • Added overrideGlobalClaimValidators to options of getSession and verifySession.
  • Added mergeIntoAccessTokenPayload to the Session recipe and session objects which should be preferred to the now deprecated updateAccessTokenPayload.
  • Added EmailVerificationClaim, UserRoleClaim and PermissionClaim. These claims are now added to the access token payload by default by their respective recipes.
  • Added assertClaims, validateClaimsForSessionHandle, validateClaimsInJWTPayload to the Session recipe to support validation of the newly added claims.
  • Added fetchAndSetClaim, getClaimValue, setClaimValue and removeClaim to the Session recipe to manage claims.
  • Added assertClaims, fetchAndSetClaim, getClaimValue, setClaimValue and removeClaim to session objects to manage claims.
  • Added session to the input of generateEmailVerifyTokenPOST, verifyEmailPOST, isEmailVerifiedGET.
  • Adds default userContext for verifySession calls that contains the request object.

Breaking changes

  • Removes support for FDI < 1.15
  • Changed signInUp third party recipe function to accept an email string instead of an object that takes {id: string, isVerified: boolean}.
  • Renames STMP to SMTP everywhere (typo).
  • The frontend SDK should be updated to a version supporting session claims!

... (truncated)

Commits
  • 8e5f169 adding dev-v12.0.3 tag to this commit to ensure building
  • 832a301 fixes tests
  • e4715de adding dev-v12.0.3 tag to this commit to ensure building
  • 0fc9332 refactor: clear cookies unauthorised changes (#399)
  • 07e3ed9 adding dev-v12.0.2 tag to this commit to ensure building
  • 5199ac8 bumps version
  • 391314c fix: rethrow generic errors in isEmailVerifiedGET and verifyEmailPOST (#397)
  • e23e7b6 adding dev-v12.0.1 tag to this commit to ensure building
  • b3368f9 test: skip delete user tests in EV before CDI2.10 (#396)
  • 18b882d adding dev-v12.0.1 tag to this commit to ensure building
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
nx-cloud[bot] commented 1 year ago

☁️ Nx Cloud Report

CI is running/has finished running commands for commit a646af536112b8561251c2f33f978b2dcd3d505c. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.

📂 See all runs for this branch

✅ Successfully ran 2 targets - [`nx affected --target=build --base=origin/master --parallel`](https://cloud.nx.app/runs/QKd0FUg320j) - [`nx affected --target=lint --base=origin/master --parallel`](https://cloud.nx.app/runs/EgJNkHUBZUG)

Sent with 💌 from NxCloud.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication