search

moneyhub / moneyhub-api-client

Node.JS Client for the Moneyhub API
10 stars 7 forks source link

[Snyk] Upgrade jose from 4.9.3 to 4.14.4 #65

Open ozamarripa opened 1 year ago

ozamarripa commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade jose from 4.9.3 to 4.14.4.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **21 versions** ahead of your current version. - The recommended version was released **2 months ago**, on 2023-04-30.
Release notes
Package name: jose
  • 4.14.4 - 2023-04-30

    Refactor

    • cleanup NODE-ED25519 workerd workarounds (072e83d)
  • 4.14.3 - 2023-04-27

    Reverts

    • Revert "fix(types): headers and payloads may only be JSON values and primitives" (06d8101), closes #534
  • 4.14.2 - 2023-04-26

    Fixes

    • types: headers and payloads may only be JSON values and primitives (24f306e)
  • 4.14.1 - 2023-04-20

    This release is to start using provenance statements.

      </li>
  <li>
    <b>4.14.0</b> - <a href="https://snyk.io/redirect/github/panva/jose/releases/tag/v4.14.0">2023-04-14</a></br><h3>Features</h3>
    • add requiredClaims JWT validation option (eeea91d)
      </li>
  <li>
    <b>4.13.2</b> - <a href="https://snyk.io/redirect/github/panva/jose/releases/tag/v4.13.2">2023-04-12</a></br><p>This release contains only minor code refactoring, documentation, and IntelliSense updates.</p>
  </li>
  <li>
    <b>4.13.1</b> - <a href="https://snyk.io/redirect/github/panva/jose/releases/tag/v4.13.1">2023-03-02</a></br><h3>Fixes</h3>
    • workerd: avoid "The script will never generate a response" edge cases completely (96a8c99), closes #355 #509
      </li>
  <li>
    <b>4.13.0</b> - <a href="https://snyk.io/redirect/github/panva/jose/releases/tag/v4.13.0">2023-02-27</a></br><h3>Features</h3>
    • types: allow generics to aid in CryptoKey or KeyObject narrowing of KeyLike (6effa4d)

    Fixes

    • make jose.EmbeddedJWK arguments optional (20610a9)
      </li>
  <li>
    <b>4.12.2</b> - <a href="https://snyk.io/redirect/github/panva/jose/releases/tag/v4.12.2">2023-02-27</a></br><h3>Fixes</h3>
    • types: declare explicit return from EmbeddedJWK (46934ac)
      </li>
  <li>
    <b>4.12.1</b> - <a href="https://snyk.io/redirect/github/panva/jose/releases/tag/v4.12.1">2023-02-27</a></br><h3>Refactor</h3>
    • clarify when alg is used and required on key imports (19e525f)
    • node: have node:crypto deal with x509 parsing (45bb45d)
      </li>
  <li>
    <b>4.12.0</b> - 2023-02-15
  </li>
  <li>
    <b>4.11.4</b> - 2023-02-07
  </li>
  <li>
    <b>4.11.3</b> - 2023-02-07
  </li>
  <li>
    <b>4.11.2</b> - 2023-01-01
  </li>
  <li>
    <b>4.11.1</b> - 2022-11-22
  </li>
  <li>
    <b>4.11.0</b> - 2022-11-08
  </li>
  <li>
    <b>4.10.4</b> - 2022-10-28
  </li>
  <li>
    <b>4.10.3</b> - 2022-10-20
  </li>
  <li>
    <b>4.10.2</b> - 2022-10-20
  </li>
  <li>
    <b>4.10.1</b> - 2022-10-20
  </li>
  <li>
    <b>4.10.0</b> - 2022-09-27
  </li>
  <li>
    <b>4.9.3</b> - 2022-09-15
  </li>
</ul>
from <a href="https://snyk.io/redirect/github/panva/jose/releases">jose GitHub release notes</a>

Commit messages
Package name: jose
  • 2b607e9 chore(release): 4.14.4
  • 072e83d refactor: cleanup NODE-ED25519 workerd workarounds
  • 9b234dd chore: bump dev deps
  • 7777f2f test: update workerd expectations
  • a8ede7f chore: bump dev deps
  • 433d2cd docs: drop support for v1.x and v3.x
  • d3d6f17 chore: bump dev deps
  • d9db56c chore: update package.json
  • 001d255 chore: cleanup after release
  • 008c1c8 chore(release): 4.14.3
  • 8fd1f29 build: add reverts to changelog
  • 06d8101 revert: Revert "fix(types): headers and payloads may only be JSON values and primitives"
  • ec4762d build,ci: dont run test.yml and browserstack.yml workflows on tag pushes
  • 490e892 chore: cleanup after release
  • f079ca3 chore(release): 4.14.2
  • 24f306e fix(types): headers and payloads may only be JSON values and primitives
  • a60399f chore: bump dev deps
  • 5bef71e chore: bump dev deps
  • 623152c build: refactor cleanup job
  • c1619d2 docs: update README.md and docs/README.md
  • 63655e2 build: no need to npm i -g npm for provenance on lts/hydrogen
  • c4be36b build: add default title to gh release
  • 5a9a03f build: dont continue on error
  • 6e32597 build: update postrelease message
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

šŸ§ View latest project report

šŸ›  Adjust upgrade PR settings

šŸ”• Ignore this dependency or unsubscribe from future upgrade PRs