renovate[bot]
commented
3 weeks ago Edited/Blocked Notification
Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.
You can manually request rebase by checking the rebase/retry box above.
⚠️ Warning: custom changes will be lost.
This PR contains the following updates:
20.1.5->21.0.0Release Notes
supertokens/supertokens-node (supertokens-node)
### [`v21.0.0`](https://redirect.github.com/supertokens/supertokens-node/blob/HEAD/CHANGELOG.md#2100---2024-10-07) [Compare Source](https://redirect.github.com/supertokens/supertokens-node/compare/v20.1.5...v21.0.0) - Added OAuth2Provider recipe - Added a way to run CI on unmerged PRs - Added support for FDIs: 3.1 and 4.0. Required by: auth-react >=0.48.0 and web-js>=0.14.0 - The `networkInterceptor` now also gets a new `params` prop in the request config. - Adds `customFramework` util functions to minimize code required in custom frameworks like remix, astro etc. - Replicates `fastify` types based on requirement for the SDK instead of using the original module. - Improved type definitions for `TypeProvider` ##### Breaking change - Changes type of value in formField object to be `unknown` instead of `string` to add support for accepting any type of value in form fields. - Only supporting CDI 5.2, Compatible with Core version >= 9.3 - Removed the `overwriteSessionDuringSignInUp` option. - Added a new `shouldTryLinkingWithSessionUser` to sign in/up related APIs (and the related recipe functions) - This will default to false on the API - This will be set to true in function calls if you pass a session, otherwise it is set to false - By setting this to true you can enable MFA flows (trying to connect to the session user) - If set to false, the sign-in/up will be considered a first-factor - Changed APIs: - `EmailPassword.signInPOST` - `EmailPassword.signUpPOST` - `ThirdParty.signInUpPOST` - `Passwordless.createCodePOST` - `Passwordless.consumeCodePOST` - `Passwordless.resendCodePOST` - Changed functions: - `EmailPassword.signIn` - `EmailPassword.signUp` - `ThirdParty.signInUp` - `ThirdPary.manuallyCreateOrUpdateUser` - `Passwordless.createCode` - `Passwordless.consumeCode` - We no longer try to load the session if `shouldTryLinkingWithSessionUser` is set to false. - Changed the return type of `getOpenIdConfiguration` and `getOpenIdDiscoveryConfigurationGET`, and added the following props: - authorization_endpoint - token_endpoint - userinfo_endpoint - revocation_endpoint - token_introspection_endpoint - end_session_endpoint - subject_types_supported - id_token_signing_alg_values_supported - response_types_supported - Exposing the OpenId recipe separately and remove it from the Session recipe - This means that we removed `override.openIdFeature` from the Session recipe configuration - Removed `getJWKS` from the OpenId recipe, as it is already exposed by the JWT recipe - We now automatically initialize the OpenId and JWT recipes even if you do not use the Session recipe - `getAppDirRequestHandler` for `nextjs` will no longer accept a Response object. ##### Migration ##### Separating the OpenId recipe from Session recipe If you used to use the `openIdFeature` in the Session recipe, you should now use the OpenId recipe directly instead: Before: ```tsx import SuperTokens from "supertokens-node"; import Session from "supertokens-node/recipe/session"; SuperTokens.init({ appInfo: { apiDomain: "...", appName: "...", websiteDomain: "...", }, recipeList: [ Session.init({ override: { openIdFeature: { jwtFeature: { functions: originalImplementation => ({ ...originalImplementation, getJWKS: async (input) => { console.log("getJWKS called"); return originalImplementation.getJWKS(input); }, }) }, functions: originalImplementation => ({ ...originalImplementation, getOpenIdDiscoveryConfiguration: async (input) => ({ issuer: "your issuer", jwks_uri: "https://your.api.domain/auth/jwt/jwks.json", status: "OK" }), }) } } }); ], }); ``` After: ```tsx import SuperTokens from "supertokens-node"; import Session from "supertokens-node/recipe/session"; import OpenId from "supertokens-node/recipe/openid"; import JWT from "supertokens-node/recipe/jwt"; SuperTokens.init({ appInfo: { apiDomain: "...", appName: "...", websiteDomain: "...", }, recipeList: [ Session.init(), JWT.init({ override: { functions: originalImplementation => ({ ...originalImplementation, getJWKS: async (input) => { console.log("getJWKS called"); return originalImplementation.getJWKS(input); }, }) } }), OpenId.init({ override: { functions: originalImplementation => ({ ...originalImplementation, getOpenIdDiscoveryConfiguration: async (input) => ({ issuer: "your issuer", jwks_uri: "https://your.api.domain/auth/jwt/jwks.json", status: "OK" }), }) } }); ], }); ``` ##### Using updated `getAppDirRequestHandler` for next.js Before: ```ts import { getAppDirRequestHandler } from "supertokens-node/nextjs"; import { NextResponse } from "next/server"; const handleCall = getAppDirRequestHandler(NextResponse); ``` After: ```ts import { getAppDirRequestHandler } from "supertokens-node/nextjs"; const handleCall = getAppDirRequestHandler(); ```Configuration
📅 Schedule: Branch creation - "after 5am on Saturday" in timezone Asia/Tokyo, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.