Closed gswalden closed 6 years ago
gswalden
commented
6 years ago maxAge verification option expects seconds or a string describing a time span (i.e: '2 days'). It accepted milliseconds in v7, which did not make sense since JWTs times are expressed in seconds.
I suppose this could affect passport-jwt users, so not sure if this should be a major version or patch.
XVincentX
commented
6 years ago Is this landing anytime soon?
BorntraegerMarc
commented
6 years ago Still no Update?
JulianLaval
commented
6 years ago Any updates on this? The package currently relies on a now-vulnerable version of jsonwebtoken (see #147), so acceptance of this PR would be greatly appreciated! 🙂
XVincentX
commented
6 years ago I am afraid the original author is not going to look at this any time soon.
JulianLaval
commented
6 years ago @XVincentX we've gone ahead and forked this repo & updated the dependency -- feel free to use it: https://github.com/CenterHealth/passport-jwt
kujon
commented
6 years ago @JulianLaval do you mind publishing it to npm please?
JulianLaval
commented
6 years ago @kujon Happy to, although I'm guessing I'd probably revert back to the original if it ever gets updated. Would it maybe be preferable to reference the fork from your package.json?
// In your dependencies
"passport-jwt": "centerhealth/passport-jwt"NPM explicitly supports GitHub URLs, see here.
If you'd still like me to publish on NPM, let me know!
thiagobustamante
commented
6 years ago @themikenicholson Any news?
mikenicholson
commented
6 years ago Updated to 8.2.0.
Didn't merge this PR since I went with the latest version of jsonwebtoken. Thanks for bringing it to my attention.
I'm very sorry for taking so long to get to this. Life got busy for a few months.
The jsonwebtoken migration guide does not note any breaking changes related to this library's usage. All tests pass.
Closes #131