awslabs / aws-jwt-verify

JS library for verifying JWTs signed by Amazon Cognito, and any OIDC-compatible IDP that signs JWTs with RS256, RS384, RS512, ES256, ES384, and ES512
Apache License 2.0
632 stars 45 forks source link

Bump fast-xml-parser and @aws-sdk/client-cognito-identity-provider in /tests/cognito #130

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps fast-xml-parser to 4.2.5 and updates ancestor dependency @aws-sdk/client-cognito-identity-provider. These dependencies need to be updated together.

Updates fast-xml-parser from 4.2.4 to 4.2.5

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

4.2.5 / 2023-06-22

  • change code implementation

4.2.4 / 2023-06-06

  • fix security bug

4.2.3 / 2023-06-05

  • fix security bug

4.2.2 / 2023-04-18

  • fix #562: fix unpaired tag when it comes in last of a nested tag. Also throw error when unpaired tag is used as closing tag

4.2.1 / 2023-04-18

  • fix: jpath after unpaired tags

4.2.0 / 2023-04-09

  • support updateTag parser property

4.1.4 / 2023-04-08

  • update typings to let user create XMLBuilder instance without options (#556) (By Patrick)
  • fix: IsArray option isn't parsing tags with 0 as value correctly #490 (#557) (By Aleksandr Murashkin)
  • feature: support oneListGroup to group repeated children tags udder single group

4.1.3 / 2023-02-26

  • fix #546: Support complex entity value

4.1.2 / 2023-02-12

  • Security Fix

4.1.1 / 2023-02-03

  • Fix #540: ignoreAttributes breaks unpairedTags
  • Refactor XML builder code

4.1.0 / 2023-02-02

  • Fix '' in DTD comment throwing an error. (#533) (By Adam Baker)
  • Set "eNotation" to 'true' as default

4.0.15 / 2023-01-25

  • make "eNotation" optional

4.0.14 / 2023-01-22

  • fixed: add missed typing "eNotation" to parse values

4.0.13 / 2023-01-07

4.0.12 / 2022-11-19

... (truncated)

Commits


Updates @aws-sdk/client-cognito-identity-provider from 3.350.0 to 3.363.0

Release notes

Sourced from @​aws-sdk/client-cognito-identity-provider's releases.

v3.363.0

3.363.0(2023-06-29)

New Features
  • client-chime: The Amazon Chime SDK APIs in the Chime namespace are no longer supported. Customers should use APIs in the dedicated Amazon Chime SDK namespaces: ChimeSDKIdentity, ChimeSDKMediaPipelines, ChimeSDKMeetings, ChimeSDKMessaging, and ChimeSDKVoice. (a6ff65fa)
  • client-appstream: This release introduces app block builder, allowing customers to provision a resource to package applications into an app block (8c61b346)
  • client-sagemaker: Adding support for timeseries forecasting in the CreateAutoMLJobV2 API. (1c2f6f07)
  • client-cleanrooms: This release adds support for the OR operator in RSQL join match conditions and the ability to control which operators (AND, OR) are allowed in a join match condition. (03a2f9ac)
  • client-glue: This release adds support for AWS Glue Crawler with Iceberg Tables, allowing Crawlers to discover Iceberg Tables in S3 and register them in Glue Data Catalog for query engines to query against. (2a11fd8a)
  • client-dynamodb: This release adds ReturnValuesOnConditionCheckFailure parameter to PutItem, UpdateItem, DeleteItem, ExecuteStatement, BatchExecuteStatement and ExecuteTransaction APIs. When set to ALL_OLD, API returns a copy of the item as it was when a conditional write failed (cef0845a)
  • client-gamelift: Amazon GameLift now supports game builds that use the Amazon Linux 2023 (AL2023) operating system. (ce985baa)
  • clients: use migrated @​smithy packages (#4873) (d036e2e4)

v3.362.0

3.362.0(2023-06-28)

Documentation Changes
  • api-reference: deprecation message on TypeDoc api reference (#4894) (2b5a3e46)
New Features
  • client-lambda: Surface ResourceConflictException in DeleteEventSourceMapping (9aafa260)
  • client-internetmonitor: This release adds a new feature for Amazon CloudWatch Internet Monitor that enables customers to set custom thresholds, for performance and availability drops, for triggering when to create a health event. (fb478aae)
  • client-rds: Amazon Relational Database Service (RDS) now supports joining a RDS for SQL Server instance to a self-managed Active Directory. (a3ee38fa)
  • client-sagemaker: This release adds support for Model Cards Model Registry integration. (75339d28)
  • client-kinesis-analytics-v2: Support for new runtime environment in Kinesis Data Analytics Studio: Zeppelin-0.10, Apache Flink-1.15 (bb74957c)
  • client-s3: The S3 LISTObjects, ListObjectsV2 and ListObjectVersions API now supports a new optional header x-amz-optional-object-attributes. If header contains RestoreStatus as the value, then S3 will include Glacier restore status i.e. isRestoreInProgress and RestoreExpiryDate in List response. (54577854)
  • client-omics: Add Common Workflow Language (CWL) as a supported language for Omics workflows (3cb41fa7)
Bug Fixes
  • util-retry: correct attempts count on StandardRetryStrategy (#4891) (63c3e60c)

v3.361.0

3.361.0(2023-06-27)

Documentation Changes
  • client-ssm: Systems Manager doc-only update for June 2023. (e298b14d)
  • client-verifiedpermissions: This update fixes several broken links to the Cedar documentation. (e6fbf506)
New Features
  • client-sagemaker: Introducing TTL for online store records in feature groups. (9e6d60d0)
  • client-ivs: IVS customers can now revoke the viewer session associated with an auth token, to prevent and stop playback using that token. (5e12ed4a)
  • client-macie2: This release adds support for configuring new classification jobs to use the set of managed data identifiers that we recommend for jobs. For the managed data identifier selection type (managedDataIdentifierSelector), specify RECOMMENDED. (5410b900)
  • client-privatenetworks: This release allows Private5G customers to choose different commitment plans (60-days, 1-year, 3-years) when placing new orders, enables automatic renewal option for 1-year and 3-years commitments. It also allows customers to update the commitment plan of an existing radio unit. (c0eca187)
  • client-appfabric: Initial release of AWS AppFabric for connecting SaaS applications for better productivity and security. (bfd0e0cd)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-cognito-identity-provider's changelog.

3.363.0 (2023-06-29)

Features

3.362.0 (2023-06-28)

Note: Version bump only for package @​aws-sdk/client-cognito-identity-provider

3.360.0 (2023-06-26)

Note: Version bump only for package @​aws-sdk/client-cognito-identity-provider

3.359.0 (2023-06-23)

Note: Version bump only for package @​aws-sdk/client-cognito-identity-provider

3.358.0 (2023-06-22)

Note: Version bump only for package @​aws-sdk/client-cognito-identity-provider

3.357.0 (2023-06-21)

Features

  • clients: automatic blob type conversions (#4836) (60ec921)

... (truncated)

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awslabs/aws-jwt-verify/network/alerts).