Node.js: return Uint8Array (not a Buffer) from base64url.decode
Browser distribution is now built using ES2020 as a target
Node.js distribution is now built using ES2022 as a target
types: jwtVerify and jwtDecrypt type argument for the resolved KeyLike type is now a second optional type argument following a type for the JWT Claims Set (aka payload)
PBES2 Key Management Algorithms' use in decrypt functions now requires the use of the keyManagementAlgorithms option to explicitly opt-in for their use.
importJWK "octAsKeyObject" option was removed. importJWK will no longer return CryptoKey or KeyObject for "oct" (octet sequence) JWK key types, it will instead always return a Uint8Array formed from the "k" (Key Value) Parameter regardless of the other JWK Parameters that may be present.
End-Of-Life versions of Node.js as of October 2023 are no longer supported. Node.js 18, 20, 21, and future releases are the ones that remain supported.
The JWE "zip" (Compression Algorithm) Header Parameter
is no longer supported by this JOSE implementation.
Features
add Date as valid input to timestamp setting functions (bd830a4)
default to an empty payload in JWT producing constructors (98d6ca1)
types: add optional Generics for JWT verify and decrypt (61bd2a0), closes #568
Reverts
Revert "test: fix test under lts/erbium" (b64b6c7)
Refactor
Browser distribution is now built using ES2020 as a target (1836684)
Node.js: return Uint8Array (not a Buffer) from base64url.decode
Browser distribution is now built using ES2020 as a target
Node.js distribution is now built using ES2022 as a target
types: jwtVerify and jwtDecrypt type argument for the resolved
KeyLike type is now a second optional type argument following a type
for the JWT Claims Set (aka payload)
PBES2 Key Management Algorithms' use in decrypt
functions now requires the use of the keyManagementAlgorithms option
to explicitly opt-in for their use.
importJWK "octAsKeyObject" option was removed.
importJWK will no longer return CryptoKey or KeyObject for "oct" (octet
sequence) JWK key types, it will instead always return a Uint8Array
formed from the "k" (Key Value) Parameter regardless of the other JWK
Parameters that may be present.
End-Of-Life versions of Node.js as of October 2023 are
no longer supported. Node.js 18, 20, and 21 and future releases are
the ones that remain supported.
The JWE "zip" (Compression Algorithm) Header Parameter
is no longer supported by this JOSE implementation.
Features
add Date as valid input to timestamp setting functions (bd830a4)
default to an empty payload in JWT producing constructors (98d6ca1)
types: add optional Generics for JWT verify and decrypt (61bd2a0), closes #568
Reverts
Revert "test: fix test under lts/erbium" (b64b6c7)
Refactor
Browser distribution is now built using ES2020 as a target (1836684)
This version was pushed to npm by panva, a new releaser for jose since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
8 months ago
Bumps jose from 2.0.5 to 5.0.1.
Release notes
Sourced from jose's releases.
... (truncated)
Changelog
Sourced from jose's changelog.
... (truncated)
Commits
bee688fchore(release): 5.0.18c4d390fix: also use ES2020 in the CDN bundles7b03843chore: cleanup after releasec7e7756chore(release): 5.0.09b2b725docs: update README.md02d5182refactor(Node.js)!: return Uint8Array (not a Buffer) from base64url.decode66a304achore: unleash prettier on tsconfig files6498b30build: update base lib2742ed4test(deno): use npm-installed qunit over CDN distro1836684refactor!: Browser distribution is now built using ES2020 as a targetMaintainer changes
This version was pushed to npm by panva, a new releaser for jose since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show