FundRequest / platform

FundRequest platform code (core)
https://fundrequest.io
MIT License
109 stars 25 forks source link

Bump jsrsasign from 8.0.12 to 8.0.24 in /tweb/src/main/frontend #591

Open dependabot[bot] opened 2 years ago

dependabot[bot] commented 2 years ago

Bumps jsrsasign from 8.0.12 to 8.0.24.

Release notes

Sourced from jsrsasign's releases.

fix SigningCertificate v1 v2 attribute ASN.1 encoding

  • Changes from 8.0.23 to 8.0.24 (2020-Aug-18)
    • KJUR.asn1.cms.{SigningCertificate,SigningCertificateV2} wrong ASN.1 encoding issue was fixed (#448)
    • src/asn1cms.js
      • KJUR.asn1.cms.{SigningCertificate,SigningCertificateV2} ASN.1 encoding issue fixed (#448)
      • added KJUR.asn1.cms.IssuerSerial
    • test/qunit-do-asn1{cms,tsp}.html
      • updated for above issue

add CertificatePolicies BMPString and VisibleString support

  • Changes from 8.0.22 to 8.0.23 (2020-Aug-06)
    • src/asn1x509.js
      • CertificatePolicies class added
      • update Extension.appendByNameToArray for CertificatePolicies
      • PolicyInformation, PolicyQualifierInfo, UserNotice, NoticeReference and DisplayText class added
    • src/asn1.js
      • BMPString and VisibleString class added
      • update ASN1Util.newObject for {BMP,Visible}String
    • src/asn1hex.js
      • update ASN1HEX.dump for {BMP,Visible}String
    • test qunit-do-{asn1,asn1-newobj,asn1x509,asn1hex-dump}.html

ASN1HEX and X509 class minior bug fix

  • Changes from 8.0.21 to 8.0.22 (2020-Aug-05)
    • src/asn1hex.js
      • dump method update for BitString encapsulated
    • src/x509.js
      • getKeyUsageBin bugfix for such keyCertSign and cRLSign only
      • fix to stop raising error when X509 constructor called and asn1x509 doesn't loaded
      • TODO: getKeyUsageBin still has bug when decipherOnly(8) bit exists
    • test
      • qunit-do-{asn1hex-dump,x509-{ext,key}}.html to follow above updates

Donation program started, more RSA-PSS support and add ASN1HEX.get{Idx,TLV,V}byListEx

... (truncated)

Changelog

Sourced from jsrsasign's changelog.

ChangeLog for jsrsasign

small update for OID and JWK

  • Changes from 10.5.1 to 10.5.2 (2022-Feb-08)
    • src/asn1x509.js
      • add OID.{registerOIDs,checkOIDs} method
    • src/keyutil.js
      • getJWK, getJWKFromKey API doc update
    • test/qunit-do-asn1x509.html updated
      • test case added

add KEYUTIL.getJWK, fix EC P-521 concat signature value and add support for P-521 JWS JWK

  • Changes from 10.5.0 to 10.5.1 (2021-Dec-01)
    • fix ECC P-521 curve issues (#528)
      • src/ecdsa-modified.js
        • asn1SigToConcatSig fix P-521 issue
        • concatSigToASN1Sig fix P-521 issue
      • src/jws.js
        • add ES512 support
      • src/keyutil.js
        • fix P-521 issue in getKey,getJWKFromKey,
      • tool/tool_jwt.html
        • add ES512 support
      • test/qunit-do-ecdsamod-s.html
        • add P-521 asn1SigToConcatSig tests
        • add P-521 concatSigToASN1Sig tests
      • test/qunit-do-ecdsamod.html
        • add sha512 tests
      • test/qunit-do-jws-sign.html
        • add signing and verification ES512 test
      • test/qunit-do-keyutil-ec.html
        • add P-521 key test
      • test/qunit-do-keyutil-jwk.html
        • add P-521 private key test
      • test/qunit-do-x509-key.html
        • add P-521 certificate test
    • JWK from X509 certificate (#529)
      • this PR was merged but
        • X509.getPublicKeyJWK was moved to KEYUTIL.getJWK
        • some tests in qunit-do-x509-jwk was moved to qunit-do-keyutil-jwk
        • readCertJWK was removed
    • src/keyutil
      • KEYUTIL.getJWK added and x5c/x5t/x5t#S256/kid member support
      • KEYUTIL.getJWKFromKey now deprecated
    • src/ecdsa-modified.js
      • missing variable definition fix (#527)
    • test/qunit-do-x509.html test error fix
    • Great appreciate for @​cplussharp 's contribution.

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/FundRequest/platform/network/alerts).