search

Inlecom / fastify-casl

A Fastify plugin for employ CASL restraints on the preHook body and preSerialization payload of a request
GNU General Public License v3.0
9 stars 0 forks source link

Bump jsonwebtoken and fastify-jwt #14

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Removes jsonwebtoken. It's no longer used after updating ancestor dependency fastify-jwt. These dependencies need to be updated together.

Removes jsonwebtoken

Updates fastify-jwt from 1.2.0 to 4.2.0

Release notes

Sourced from fastify-jwt's releases.

v4.1.3

📚 PR:

  • fix: reply.jwtSign sets wrong exp (#208)

v4.1.2

📚 PR:

  • build(deps-dev): bump @​types/node from 16.11.14 to 17.0.0 (#202)
  • chore: upgrade github-action-merge-dependabot to v3 (#203)
  • chore: upgrade github-action-merge-dependabot to v3 (#204)
  • build(deps): bump http-errors from 1.8.1 to 2.0.0 (#205)
  • chore: remove named export of fastifyJwt (#206)

v4.1.1

📚 PR:

  • build(deps): bump fastify/github-action-merge-dependabot (#199)
  • secret function can also return a Buffer as type (#198)

v4.1.0

📚 PR:

  • build(deps): bump fastify/github-action-merge-dependabot (#197)
  • refactor(definitions): remove duplicate method overloads (#196)
  • chore: Remove JwtHeader type definition (#195)

v4.0.1

What's Changed

New Contributors

Full Changelog: https://github.com/fastify/fastify-jwt/compare/v4.0.0...v4.0.1

v4.0.0

Major Release

In this release we did a major change regarding JWT handling. We moved away from using jsonwebtoken to fast-jwt for singing, decoding and verifying JWTs. This move helped us improve the speed of handling the JWTs by roughly 30%. If you want more information about the fast-jwt package check out their documentation.

What's Changed

New Contributors

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by jsumners, a new releaser for fastify-jwt since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Inlecom/fastify-casl/network/alerts).