Open dependabot[bot] opened 2 months ago
Latest commit: c7c52885681fee668a7ce8c0ec7b8291b8bd398e
Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.
Click here to learn what changesets are, and how to add one.
Click here if you're a maintainer who wants to add a changeset to this PR
Bumps jose from 4.14.4 to 5.6.3.
Release notes
Sourced from jose's releases.
... (truncated)
Changelog
Sourced from jose's changelog.
... (truncated)
Commits
5b66bd4
chore(release): 5.6.3f3aff1c
fix: add sideEffects:false to nested ESM package.json files7d6efb9
chore: bump codeql actionb190d22
chore: add jwt-decode to package.json keywords8d397cb
docs: update UnsecuredJWT.decode variable nameb062a27
chore: cleanup after release084dae1
chore(release): 5.6.2b7920bd
fix: ensure KeyObject type in Web API encrypt/decrypt32b25a5
refactor: weak cache normalized CryptoKey instancesb7751f5
refactor: CryptoKey normalization is not always asyncDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show