Bump the passport group in /generators/node-server/resources with 5 updates

[dependabot[bot]]

Bumps the passport group in /generators/node-server/resources with 5 updates:

Package	From	To
@nestjs/passport	7.1.0	10.0.3
jwt-decode	3.1.1	4.0.0
passport	0.4.1	0.7.0
passport-jwt	4.0.0	4.0.1
@types/passport-jwt	3.0.3	4.0.1

Updates @nestjs/passport from 7.1.0 to 10.0.3

Release notes

Sourced from @​nestjs/passport's releases.

Release 10.0.3

• Merge pull request #1455 from nestjs/renovate/cimg-node-21.x (fe6ad2e)
• Merge pull request #1502 from nestjs/renovate/passport-0.x (f46ffb9)
• chore(deps): update dependency lint-staged to v15.2.0 (46b4f69)
• chore(deps): update dependency @​types/node to v20.10.3 (d213a85)
• chore(deps): update dependency eslint-config-prettier to v9.1.0 (69bb1f6)
• chore(deps): update dependency eslint to v8.55.0 (f5fa401)
• chore(deps): update dependency @​types/node to v20.10.2 (1e9cad1)
• chore(deps): update dependency @​types/node to v20.10.1 (145ecda)
• chore(deps): update typescript-eslint monorepo to v6.13.1 (70a908f)
• chore(deps): update typescript-eslint monorepo to v6.13.0 (c73d48e)
• chore(deps): update dependency passport to v0.7.0 (d0b9a60)
• chore(deps): update dependency @​types/node to v20.10.0 (4f3245d)
• chore(deps): update dependency @​types/node to v20.9.5 (114a3b6)
• chore(deps): update dependency @​types/node to v20.9.4 (4002acc)
• chore(deps): update dependency @​types/jest to v29.5.10 (6dc6c09)
• chore(deps): update dependency @​types/passport to v1.0.16 (502554c)
• chore(deps): update dependency @​types/node to v20.9.3 (82c77c4)
• chore(deps): update commitlint monorepo to v18.4.3 (1dae894)
• chore(deps): update dependency @​types/jest to v29.5.9 (b1e0fa8)
• chore(deps): update typescript-eslint monorepo to v6.12.0 (7d4dc10)
• chore(deps): update dependency typescript to v5.3.2 (96cb3ea)
• chore(deps): update nest monorepo to v10.2.10 (d8313ed)
• chore(deps): update dependency @​types/node to v20.9.2 (dd750ce)
• chore(deps): update dependency eslint to v8.54.0 (b7c9666)
• chore(deps): update nest monorepo to v10.2.9 (3b9472f)
• chore(deps): update dependency @​types/node to v20.9.1 (b80e559)
• chore(deps): update commitlint monorepo to v18.4.2 (6678d6a)
• chore(deps): update node.js to v21 (68cebed)
• chore(deps): update typescript-eslint monorepo to v6.11.0 (c98e1e4)
• chore(deps): update dependency prettier to v3.1.0 (6fbd769)
• chore(deps): update dependency @​commitlint/cli to v18.4.1 (d13e432)
• chore(deps): update dependency lint-staged to v15.1.0 (156f7fc)
• chore(deps): update dependency release-it to v17 (7ae90f1)
• chore(deps): update commitlint monorepo to v18.4.0 (9aff968)
• chore(deps): update dependency @​nestjs/jwt to v10.2.0 (e32dc20)
• chore(deps): update dependency @​types/node to v20.9.0 (3348f7b)
• chore(deps): update dependency @​types/jest to v29.5.8 (1a097ac)
• chore(deps): update dependency @​types/passport-local to v1.0.38 (2ba1dff)
• chore(deps): update dependency @​types/passport-jwt to v3.0.13 (68e04ca)
• chore(deps): update dependency @​types/passport to v1.0.15 (d01a44c)
• chore(deps): update typescript-eslint monorepo to v6.10.0 (4d90057)
• chore(deps): update dependency eslint to v8.53.0 (15a3ce9)
• chore(deps): update nest monorepo to v10.2.8 (a318101)
• chore(deps): update dependency @​types/node to v20.8.10 (87a27a1)
• chore(deps): update dependency @​types/jest to v29.5.7 (791cefb)
• chore(deps): update typescript-eslint monorepo to v6.9.1 (087cdaa)
• chore(deps): update dependency @​types/passport-jwt to v3.0.12 (0fdec75)
• chore(deps): update dependency @​commitlint/cli to v18.2.0 (a4e907f)
• chore(deps): update dependency @​types/node to v20.8.9 (1a53236)

... (truncated)

Commits

• 653ff8e chore(): release v10.0.3
• fe6ad2e Merge pull request #1455 from nestjs/renovate/cimg-node-21.x
• f46ffb9 Merge pull request #1502 from nestjs/renovate/passport-0.x
• 46b4f69 chore(deps): update dependency lint-staged to v15.2.0
• d213a85 chore(deps): update dependency @​types/node to v20.10.3
• 69bb1f6 chore(deps): update dependency eslint-config-prettier to v9.1.0
• f5fa401 chore(deps): update dependency eslint to v8.55.0
• 1e9cad1 chore(deps): update dependency @​types/node to v20.10.2
• 145ecda chore(deps): update dependency @​types/node to v20.10.1
• 70a908f chore(deps): update typescript-eslint monorepo to v6.13.1
• Additional commits viewable in compare view

Updates jwt-decode from 3.1.1 to 4.0.0

Release notes

Sourced from jwt-decode's releases.

v4.0.0

A new version of the library, including a couple of improvements:

• No longer include a polyfill for atob, as this is supported in all major browsers (and node environments > 14).
• Compile to ES2017, dropping support for anything that does not support ES2017 (which should be very limited according to caniuse)
• Use Node's atob when running on node.
• Drop support for Node 14 and 16, add support for Node 20.
• Add support for package.json's exports field, for better CJS/ESM support
• Reorganize build artifacts for better CJS/ESM support (cjs and esm needs to be their own directory with a cjs specific package.json file)
• Drop manual UMD bundle creation in index.standalone.ts, but rely on rollup instead.
• Infer JwtPayload and JwtHeader default types from the header argument by using overloads.

Even though some users might experience breaking changes, mostly because of the exports field, the majority should be able to update without making any changes, assuming the SDK is used in environments with support for atob.

Migration to v4.0.0

The jwtDecode function is now no longer the default export, and is instead provided as a named export. Make sure to update your code in places where you are importing this function:

-import jwtDecodefrom "jwt-decode";
+import { jwtDecode } from "jwt-decode";

v4.0.0-beta.4

Breaking changes

• Raise minimum Node.js version to 18 #209 (jonkoops)

Fixed

• fix default condition should be the last one #199 (frederikprijck)

v4.0.0-beta.3

Breaking changes

• Drop UMD bundle #193 (frederikprijck)

Changed

• Use modern JavaScript syntax #187 (jonkoops)
• Use ESNext as default module system #188 (jonkoops)
• Avoid using any bundlers but use tsc instead #192 (frederikprijck)

v4.0.0-beta.2

Changed

• Avoid using default exports #175 (frederikprijck)
• Make options optional no default function parameter initializer #179 (cristobal)

Fixed

• Ensure types are bundled and correctly linked #174 (jonkoops)

v4.0.0-beta.1

Fixed

• Ensure build is run on prepack #167 (frederikprijck)

... (truncated)

Changelog

Sourced from jwt-decode's changelog.

Version 4.0.0

Full Changelog

A new version of the library, including a couple of improvements:

• No longer include a polyfill for atob, as this is supported in all major browsers (and node environments > 14).
• Compile to ES2017, dropping support for anything that does not support ES2017 (which should be very limited according to caniuse)
• Use Node's atob when running on node.
• Drop support for Node 14 and 16, add support for Node 20.
• Add support for package.json's exports field, for better CJS/ESM support
• Reorganize build artifacts for better CJS/ESM support (cjs and esm needs to be their own directory with a cjs specific package.json file)
• Drop manual UMD bundle creation in index.standalone.ts, but rely on rollup instead.
• Infer JwtPayload and JwtHeader default types from the header argument by using overloads.

Even though some users might experience breaking changes, mostly because of the exports field, the majority should be able to update without making any changes, assuming the SDK is used in environments with support for atob.

Migration to v4.0.0

The jwtDecode function is now no longer the default export, and is instead provided as a named export. Make sure to update your code in places where you are importing this function:

-import jwtDecode from "jwt-decode";
+import { jwtDecode } from "jwt-decode";

Version 4.0.0-beta.4

Full Changelog

Breaking changes

• Raise minimum Node.js version to 18 #209 (jonkoops)

Fixed

• fix default condition should be the last one #199 (frederikprijck)

Version 4.0.0-beta.3

Full Changelog

Breaking changes

• Drop UMD bundle #193 (frederikprijck)

Changed

• Use modern JavaScript syntax #187 (jonkoops)
• Use ESNext as default module system #188 (jonkoops)
• Avoid using any bundlers but use tsc instead #192 (frederikprijck)

Version 4.0.0-beta.2

... (truncated)

Commits

• 3b2d105 Update CHANGELOG.md
• bd50db0 Release v4.0.0 (#232)
• bcfd7da Bump actions/checkout from 3 to 4 (#228)
• 6ec1cba Bump concurrently from 8.2.0 to 8.2.2 (#226)
• 807d123 Bump @​typescript-eslint/eslint-plugin from 6.4.1 to 6.9.0 (#229)
• f68e292 Bump eslint-plugin-import from 2.28.1 to 2.29.0 (#230)
• b2e7489 Bump eslint-import-resolver-typescript from 3.6.0 to 3.6.1 (#225)
• ccb6488 Bump lint-staged from 14.0.1 to 15.0.2 (#231)
• cf3cd4f Bump actions/setup-node from 3 to 4 (#227)
• 0ce8017 pin babel/core to recent version and bump jest
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by auth0-oss, a new releaser for jwt-decode since your current version.

Updates passport from 0.4.1 to 0.7.0

Changelog

Sourced from passport's changelog.

[0.7.0] - 2023-11-27

Changed

• Set req.authInfo by default when using the assignProperty option to authenticate() middleware. This makes the behavior the same as when not using the option, and can be disabled by setting authInfo option to false.

[0.6.0] - 2022-05-20

Added

• authenticate(), req#login, and req#logout accept a keepSessionInfo: true option to keep session information after regenerating the session.

Changed

• req#login() and req#logout() regenerate the the session and clear session information by default.
• req#logout() is now an asynchronous function and requires a callback function as the last argument.

Security

• Improved robustness against session fixation attacks in cases where there is physical access to the same system or the application is susceptible to cross-site scripting (XSS).

[0.5.3] - 2022-05-16

Fixed

• initialize() middleware extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions again, reverting change from 0.5.1.

[0.5.2] - 2021-12-16

Fixed

• Introduced a compatibility layer for strategies that depend directly on passport@0.4.x or earlier (such as passport-azure-ad), which were broken by the removal of private variables in passport@0.5.1.

[0.5.1] - 2021-12-15

Added

• Informative error message in session strategy if session support is not available.

Changed

• authenticate() middleware, rather than initialize() middleware, extends request with login(), logIn(), logout(), logOut(), isAuthenticated(), and isUnauthenticated() functions.

[0.5.0] - 2021-09-23

... (truncated)

Commits

• 33b92f9 0.7.0
• 8dd8ec5 Update changelog.
• 2815dc9 Merge pull request #1012 from jaredhanson/authinfo-assignprop
• 0f2f81c Fix test to allow setting of authInfo with assignProperty.
• b4e4cff Fix test to allow setting of authInfo from authorize call.
• da379a0 Merge branch 'master' into authinfo-assignprop
• cfdbd4a Update sponsors.
• 6cc8a7c Update sponsors.
• b6ab747 Update sponsors.
• c521bc8 Add FusionAuth as sponsor.
• Additional commits viewable in compare view

Updates passport-jwt from 4.0.0 to 4.0.1

Commits

• fed94fa 4.0.1 release
• cfb5566 Merge pull request #248 from mikenicholson/update-minmatch
• 8e4ad5b Address minmatch vulnerability
• e9cf2ce Merge pull request #247 from mikenicholson/jsonwebtoken-9
• bfbc6cc Update jsonwebtoken to 9.0.0
• a49b43e Update minimist due to prototype pollution vulnerability in previous version
• a5137c6 Merge pull request #192 from markhoney/patch-1
• ea824cd Update jsonwebtoken and run npm audit fix
• 8e57eec Remove older node versions shiping npm without support for "ci"
• 3ab9305 Add CI workflow in GitHub Actions
• Additional commits viewable in compare view

Updates @types/passport-jwt from 3.0.3 to 4.0.1

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.