search

GluuFederation / gluu-passport

Gluu interface to Passport.js to support social login and inbound identity.
Apache License 2.0
6 stars 17 forks source link

build(deps): bump jose from 2.0.5 to 4.3.8 #404

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps jose from 2.0.5 to 4.3.8.

Release notes

Sourced from jose's releases.

v4.3.8

This release contains only code refactoring and documentation updates.

v4.3.7

Fixes

  • typescript: b64: true is fine to use in JWT, its useless, but allowed (#324) (ee401c9)

v4.3.6

Fixes

  • electron: rsa-pss keys are never supported (188c1f7)

v4.3.5

Fixes

v4.3.4

Fixes

  • Compact JWS verification handles a zero-length payload string (7c70e7b)

v4.3.3

Fixes

  • typescript: apply updated compact and jwt headers to compact/jwt verify and decrypt results (0c1946c)

v4.3.2

Fixes

  • createRemoteJWKSet handles all JWS syntaxes (aaba8f3)
  • typescript: Compact JWS Header Parameters has alg and enc as required (0fa87af)
  • typescript: Compact JWS Header Parameters has alg as required (c7fabd0)
  • typescript: Signed JWT Header Parameters has alg as required and b64 as never (79cbd82)

v4.3.0

Features

  • add GeneralSign signature and GeneralEncrypt recipient builder chaining (cfc93f5)

v4.2.1

Fixes

  • node: dont mention CryptoKey in versions without webcrypto (401cabf)

v4.2.0

Features

... (truncated)

Changelog

Sourced from jose's changelog.

4.3.8 (2022-01-09)

4.3.7 (2021-11-18)

Fixes

  • typescript: b64: true is fine to use in JWT, its useless, but allowed (#324) (ee401c9)

4.3.6 (2021-11-16)

Fixes

  • electron: rsa-pss keys are never supported (188c1f7)

4.3.5 (2021-11-12)

Fixes

4.3.4 (2021-11-12)

Fixes

  • Compact JWS verification handles a zero-length payload string (7c70e7b)

4.3.3 (2021-11-11)

Fixes

  • typescript: apply updated compact and jwt headers to compact/jwt verify and decrypt results (0c1946c)

4.3.2 (2021-11-11)

Fixes

  • createRemoteJWKSet handles all JWS syntaxes (aaba8f3)
  • typescript: Compact JWS Header Parameters has alg and enc as required (0fa87af)
  • typescript: Compact JWS Header Parameters has alg as required (c7fabd0)
  • typescript: Signed JWT Header Parameters has alg as required and b64 as never (79cbd82)

4.3.0 (2021-11-11)

... (truncated)

Commits
  • 6a575fc chore(release): 4.3.8
  • 1a87245 chore: update bug-report.yml
  • 6275c91 test(deno): disable timeout test for now
  • 972653b chore(style): prettier
  • 8dfcf60 chore(build): upgrade esbuild
  • 80741cb refactor: substr > slice
  • 624df66 refactor: src/runtime/browser
  • 6abb5b4 refactor: src/runtime
  • f71e583 refactor: src/runtime/ecdhes.ts
  • 8738325 refactor: src/runtime/browser/asn1.ts
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
christian-hawk commented 2 years ago

Can one of the admins verify this patch?

codecov[bot] commented 2 years ago

Codecov Report

Merging #404 (044c42f) into master (f222f07) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #404   +/-   ##
=======================================
  Coverage   78.58%   78.58%           
=======================================
  Files          36       36           
  Lines         780      780           
=======================================
  Hits          613      613           
  Misses        167      167

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update f222f07...044c42f. Read the comment docs.

christian-hawk commented 2 years ago

@depndabot rebase

christian-hawk commented 2 years ago

@dependabot rebase

christian-hawk commented 2 years ago

@dependabot recreate

dependabot[bot] commented 2 years ago

Superseded by #416.