[Snyk] Upgrade oauth4webapi from 2.10.3 to 2.17.0#348
Open
ralphbean wants to merge 1 commit into
Open
Conversation
Snyk has created this PR to upgrade oauth4webapi from 2.10.3 to 2.17.0. See this package in npm: oauth4webapi See this project in Snyk: https://app.snyk.io/org/developer-red-hat-trusted-application-pipeline/project/62358635-6218-4506-9c5b-1ad33a8f5b3b?utm_source=github&utm_medium=referral&page=upgrade-pr
8fec1dd to
3872360
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade oauth4webapi from 2.10.3 to 2.17.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 11 versions ahead of your current version.
The recommended version was released on 3 months ago.
Issues fixed by the recommended upgrade:
SNYK-JS-AXIOS-7361793
SNYK-JS-BODYPARSER-7926860
SNYK-JS-BRACES-6838727
SNYK-JS-CROSSSPAWN-8303230
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-SEMVER-3247795
SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555
SNYK-JS-AXIOS-6671926
SNYK-JS-COOKIE-8163060
SNYK-JS-EXPRESS-6474509
SNYK-JS-EXPRESS-7926867
SNYK-JS-FOLLOWREDIRECTS-6444610
SNYK-JS-FOLLOWREDIRECTS-6444610
SNYK-JS-NANOID-8492085
SNYK-JS-PATHTOREGEXP-7925106
SNYK-JS-PATHTOREGEXP-8482416
SNYK-JS-SERIALIZEJAVASCRIPT-6147607
SNYK-JS-WEBPACK-7840298
SNYK-JS-SEND-7926862
SNYK-JS-SERVESTATIC-7926865
Release notes
Package name: oauth4webapi
-
2.17.0 - 2024-09-22
- support client use_mtls_endpoint_aliases metadata (60c9df4)
- fix calculatePKCECodeChallenge description (ac014f2)
- deprecate the useMtlsAlias symbol and options (d2b7cb0)
- use as Type for type assertions instead of (a0ccf56)
-
2.16.0 - 2024-09-16
- add a hook for decrypting JWE assertions (62795a6)
- allow to modify issued JWT headers and payloads before signing (30931ba)
- update docs on useMtlsAlias (006db55)
-
2.15.0 - 2024-09-15
- support generic token endpoint grant requests (2f454b5)
-
2.14.0 - 2024-09-15
- add non-repudiation signature validation methods (0916de2)
- update JSDoc to use more link syntax (d78f090)
- update various comments and documentation (9c3f1ed)
-
2.13.0 - 2024-09-10
- build: add jsr.io distribution (dc6157f)
-
2.12.2 - 2024-09-09
- error msg when ID Token aud is an array and azp is missing (68e0338)
- remove redundant checks (763b3d0)
- remove non-described parameter JSDoc tags (b1507b9)
- update README.md (9d1377b)
-
2.12.1 - 2024-09-03
- use correct "htm" in DPoP Proof via protectedResourceRequest (3ce3be2), closes #132
-
2.12.0 - 2024-08-19
- graduate jwksCache to stable API (0e0e1d2)
- move clockSkew and clockTolerance docs to the symbol (3b5d2ea)
- update clockSkew and clockTolerance docs (c97313a)
-
2.11.1 - 2024-06-20
- allow ID Token auth_time to be present even if client.require_auth_time is false (caa9ab3)
-
2.11.0 - 2024-06-19
- add experimental support for edge compute runtimes JWKS caching (15b7aff)
- update maxAge option type check error message (7fe3454)
- clarify documentation is more an API Reference (c96c8e0)
- update example import (651e8ea)
- updates for readability and consistency (b1b8b7d)
-
2.10.4 - 2024-03-29
-
2.10.3 - 2024-02-07
from oauth4webapi GitHub release notesFeatures
Documentation
Refactor
Features
Documentation
Features
Features
Documentation
Features
Refactor
Documentation
Fixes
Features
Documentation
Fixes
Features
Refactor
Documentation
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: