Merge branch 'next-release' into 'main'

chore(release): prepare for 0.3.0

See merge request unboundsoftware/auth0mock!187

.gitignore

@@ -1,2 +1,3 @@
 node_modules/
 .idea/
+.claude/

.nvmrc

@@ -1 +1 @@
-22
+24

.version

@@ -0,0 +1 @@
+{"version":"0.3.0"}

CHANGELOG.md

@@ -1,7 +1,19 @@
-# Changelog
+## [0.3.0] - 2025-12-28
 
-All notable changes to this project will be documented in this file.
+### 🚀 Features
 
+- Increase resource limits and improve readiness checks
+
+### 🐛 Bug Fixes
+
+- *(deps)* Update dependency debug to v4.4.2
+- Downgrade debug package to version 4.4.1
+- *(deps)* Update dependency debug to v4.4.3
+- *(deps)* Update dependency nodemon to v3.1.11
+- *(deps)* Update dependency body-parser to v2.2.1
+- *(deps)* Update dependency express to v5.2.0
+- *(deps)* Update dependency express to v5.2.1
+- *(deps)* Update dependency jsonwebtoken to v9.0.3
 ## [0.2.0] - 2025-06-29
 
 ### 🚀 Features
@@ -14,7 +26,6 @@ All notable changes to this project will be documented in this file.
 - *(deps)* Update dependency debug to v4.4.1
 - *(deps)* Update dependency serve-favicon to v2.5.1
 - *(k8s)* Update ingress configuration for backend service
-
 ## [0.1.5] - 2025-04-03
 
 ### 🐛 Bug Fixes
@@ -26,13 +37,11 @@ All notable changes to this project will be documented in this file.
 ### ⚙️ Miscellaneous Tasks
 
 - *(Dockerfile)* Update Node.js base image version
-
 ## [0.1.4] - 2025-01-24
 
 ### 🐛 Bug Fixes
 
 - *(k8s)* Update labels to adhere to best practices
-
 ## [0.1.3] - 2024-12-18
 
 ### 🐛 Bug Fixes
@@ -50,7 +59,6 @@ All notable changes to this project will be documented in this file.
 
 - Update renovate configuration to disable auth0mock updates
 - Remove Docker service from build stage configuration
-
 ## [0.1.2] - 2024-10-19
 
 ### 🐛 Bug Fixes
@@ -62,7 +70,6 @@ All notable changes to this project will be documented in this file.
 
 - Update Dockerfile to remove warnings
 - Support issuer in openid-configuration
-
 ## [0.1.1] - 2024-10-05
 
 ### 🐛 Bug Fixes
@@ -84,7 +91,6 @@ All notable changes to this project will be documented in this file.
 ### ⚙️ Miscellaneous Tasks
 
 - Add release flow
-
 ## [0.1.0] - 2024-04-08
 
 ### 🚀 Features
@@ -95,7 +101,6 @@ All notable changes to this project will be documented in this file.
 
 - *(deps)* Update dependency express to v4.19.1
 - *(deps)* Update dependency express to v4.19.2
-
 ## [0.0.17] - 2024-03-11
 
 ### 🚀 Features
@@ -105,37 +110,31 @@ All notable changes to this project will be documented in this file.
 ### 🐛 Bug Fixes
 
 - *(deps)* Update dependency express to v4.18.3
-
 ## [0.0.16] - 2023-06-01
 
 ### 🚀 Features
 
 - Initial users store
-
 ## [0.0.15] - 2023-05-31
 
 ### 🐛 Bug Fixes
 
 - Return empty array
-
 ## [0.0.14] - 2023-05-31
 
 ### 🚀 Features
 
 - Remember created users
-
 ## [0.0.13] - 2023-05-02
 
 ### 🚀 Features
 
 - Add name and email to id token
-
 ## [0.0.12] - 2023-03-10
 
 ### 🐛 Bug Fixes
 
 - Remove session on logout
-
 ## [0.0.11] - 2023-03-10
 
 ### 🐛 Bug Fixes
@@ -148,25 +147,21 @@ All notable changes to this project will be documented in this file.
 - Use Docker DinD version from variable
 - Change Dependabot rebase strategy
 - Format code and add prettier
-
 ## [0.0.9] - 2022-04-28
 
 ### 🚀 Features
 
 - Add support for client id and secret tokens
-
 ## [0.0.8] - 2022-04-26
 
 ### 🚀 Features
 
 - Add dummy-implementation of management API
-
 ## [0.0.7] - 2022-04-26
 
 ### 🐛 Bug Fixes
 
 - Use correct return-variable
-
 ## [0.0.6] - 2022-04-26
 
 ### 🐛 Bug Fixes
@@ -180,25 +175,21 @@ All notable changes to this project will be documented in this file.
 ### ⚙️ Miscellaneous Tasks
 
 - Format code
-
 ## [0.0.5] - 2022-04-26
 
 ### 🐛 Bug Fixes
 
 - Add custom claims to both id and access token
-
 ## [0.0.4] - 2022-04-26
 
 ### 🚀 Features
 
 - Add email custom claim
-
 ## [0.0.3] - 2022-04-26
 
 ### 🚀 Features
 
 - Add env-property for default issuer
-
 ## [0.0.2] - 2022-04-25
 
 ### 💼 Other
@@ -208,7 +199,6 @@ All notable changes to this project will be documented in this file.
 ### ⚙️ Miscellaneous Tasks
 
 - Change admin-handling
-
 ## [0.0.1] - 2022-04-19
 
 ### 🚀 Features
@@ -256,5 +246,3 @@ All notable changes to this project will be documented in this file.
 - Add dependabot config
 - Remove dependabot-standalone
 - Cleanup and remove acctest triggering
-
-<!-- generated by git-cliff -->

CLAUDE.md

@@ -0,0 +1,83 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+auth0mock is a Node.js/Express application that simulates an Auth0 authentication server for local development. It provides OAuth 2.0 and OpenID Connect (OIDC) endpoints compatible with the Auth0 API, allowing developers to test authentication flows without connecting to the actual Auth0 service.
+
+## Development Commands
+
+```bash
+# Install dependencies
+yarn install
+
+# Start production server (port 3333)
+yarn start
+
+# Development with auto-reload (nodemon)
+yarn dev
+
+# Format code
+yarn lintfix
+
+# Check formatting
+yarn lint
+```
+
+## Architecture
+
+This is a single-file Express application (`app.js`) that implements:
+
+**Authentication Endpoints:**
+
+- `POST /oauth/token` - Token exchange (OAuth 2.0 authorization code flow)
+- `GET /authorize` - Authorization endpoint with HTML login form
+- `POST /code` - Code generation for PKCE flow
+
+**Discovery Endpoints:**
+
+- `GET /.well-known/openid-configuration` - OIDC discovery document
+- `GET /.well-known/jwks.json` - JSON Web Key Set for token verification
+
+**Management API (Auth0-compatible):**
+
+- `GET /api/v2/users-by-email` - Get user by email
+- `POST /api/v2/users` - Create user
+- `PATCH /api/v2/users/:userid` - Update user
+- `POST /api/v2/tickets/password-change` - Password change ticket
+
+**Key Implementation Details:**
+
+- RSA 2048-bit key pair generated at startup using `node-jose`
+- In-memory session and user storage (not persistent)
+- PKCE support with code challenge verification
+- Custom claims for admin (`https://unbound.se/admin`) and email (`https://unbound.se/email`)
+
+## Environment Variables
+
+| Variable     | Default                    | Purpose                          |
+| ------------ | -------------------------- | -------------------------------- |
+| `ISSUER`     | `localhost:3333`           | JWT issuer claim                 |
+| `AUDIENCE`   | `https://generic-audience` | JWT audience claim               |
+| `USERS_FILE` | `./users.json`             | Path to initial users JSON file  |
+| `DEBUG`      | (unset)                    | Debug logging (`app*` to enable) |
+
+## Initial Users
+
+Create a `users.json` file to seed users on startup:
+
+```json
+{
+  "email@test.com": {
+    "given_name": "John",
+    "family_name": "Doe",
+    "user_id": "auth0|email@test.com",
+    "email": "email@test.com"
+  }
+}
+```
+
+## Integration with Shiny
+
+This service is used for local development and acceptance testing of the Shiny platform. The gateway and frontend services are configured to accept tokens signed by this mock server when running locally.

Dockerfile

@@ -1,4 +1,4 @@
-FROM amd64/node:22.17.0@sha256:91cf1cc511d84f34d2c4763ffaea29f9e2f19c1da662740cbbbaf08b1d025eca
+FROM amd64/node:24.12.0@sha256:e8bb5aafe1964147c8344b1ea7698218e3675340407a07a14c49901df97455f6
 ENV AUDIENCE="https://shiny.unbound.se"
 ENV ORIGIN_HOST="auth0mock"
 ENV ORIGIN="https://auth0mock:3333"

app.js

@@ -8,7 +8,7 @@ const Debug = require('debug')
 const path = require('path')
 const cors = require('cors')
 const bodyParser = require('body-parser')
-const jose = require('node-jose');
+const jose = require('node-jose')
 const favicon = require('serve-favicon')
 const initialUsers = require('./users')
 
@@ -128,6 +128,10 @@ app.post('/oauth/token', async (req, res) => {
 
     debug('Signed token for ' + session.email)
 
+    // Clean up session and challenge after successful token exchange
+    delete sessions[code]
+    delete challenges[code]
+
     res.json({
       access_token: accessToken,
       id_token: idToken,
@@ -141,22 +145,6 @@ app.post('/oauth/token', async (req, res) => {
   }
 })
 
-// This route can be used to generate a valid jwt-token.
-app.get('/token/:email', (req, res) => {
-  if (!req.params.email) {
-    debug('No user was given!')
-    return res.status(400).send('user is missing')
-  }
-  const token = jwt.sign(
-    {
-      user_id: 'auth0|' + req.params.email
-    },
-    privateKey
-  )
-  debug('Signed token for ' + req.params.email)
-  res.json({ token })
-})
-
 app.post('/code', (req, res) => {
   if (!req.body.email || !req.body.password || !req.body.codeChallenge) {
     debug('Body is invalid!', req.body)
@@ -301,65 +289,66 @@ app.get('/.well-known/openid-configuration', (req, res) => {
   debug('Fetching OpenID configuration')
   res.contentType('application/json').send(
     JSON.stringify({
-      "issuer":
+      issuer: `${jwksOrigin}`,
-        `${jwksOrigin}`,
+      authorization_endpoint: `${jwksOrigin}authorize`,
-      "authorization_endpoint":
+      token_endpoint: `${jwksOrigin}oauth/token`,
-        `${jwksOrigin}authorize`,
+      token_endpoint_auth_methods_supported: [
-      "token_endpoint":
+        'client_secret_basic',
-        `${jwksOrigin}oauth/token`,
+        'private_key_jwt'
-      "token_endpoint_auth_methods_supported":
+      ],
-        ["client_secret_basic", "private_key_jwt"],
+      token_endpoint_auth_signing_alg_values_supported: ['RS256'],
-      "token_endpoint_auth_signing_alg_values_supported":
+      userinfo_endpoint: `${jwksOrigin}userinfo`,
-        ["RS256"],
+      check_session_iframe: `${jwksOrigin}check_session`,
-      "userinfo_endpoint":
+      end_session_endpoint: `${jwksOrigin}end_session`,
-        `${jwksOrigin}userinfo`,
+      jwks_uri: `${jwksOrigin}.well-known/jwks.json`,
-      "check_session_iframe":
+      registration_endpoint: `${jwksOrigin}register`,
-        `${jwksOrigin}check_session`,
+      scopes_supported: [
-      "end_session_endpoint":
+        'openid',
-        `${jwksOrigin}end_session`,
+        'profile',
-      "jwks_uri":
+        'email',
-        `${jwksOrigin}.well-known/jwks.json`,
+        'address',
-      "registration_endpoint":
+        'phone',
-        `${jwksOrigin}register`,
+        'offline_access'
-      "scopes_supported":
+      ],
-        ["openid", "profile", "email", "address",
+      response_types_supported: [
-          "phone", "offline_access"],
+        'code',
-      "response_types_supported":
+        'code id_token',
-        ["code", "code id_token", "id_token", "id_token token"],
+        'id_token',
-      "acr_values_supported":
+        'id_token token'
-        [],
+      ],
-      "subject_types_supported":
+      acr_values_supported: [],
-        ["public", "pairwise"],
+      subject_types_supported: ['public', 'pairwise'],
-      "userinfo_signing_alg_values_supported":
+      userinfo_signing_alg_values_supported: ['RS256', 'ES256', 'HS256'],
-        ["RS256", "ES256", "HS256"],
+      userinfo_encryption_alg_values_supported: ['RSA-OAEP-256', 'A128KW'],
-      "userinfo_encryption_alg_values_supported":
+      userinfo_encryption_enc_values_supported: ['A128CBC-HS256', 'A128GCM'],
-        ["RSA-OAEP-256", "A128KW"],
+      id_token_signing_alg_values_supported: ['RS256', 'ES256', 'HS256'],
-      "userinfo_encryption_enc_values_supported":
+      id_token_encryption_alg_values_supported: ['RSA-OAEP-256', 'A128KW'],
-        ["A128CBC-HS256", "A128GCM"],
+      id_token_encryption_enc_values_supported: ['A128CBC-HS256', 'A128GCM'],
-      "id_token_signing_alg_values_supported":
+      request_object_signing_alg_values_supported: ['none', 'RS256', 'ES256'],
-        ["RS256", "ES256", "HS256"],
+      display_values_supported: ['page', 'popup'],
-      "id_token_encryption_alg_values_supported":
+      claim_types_supported: ['normal', 'distributed'],
-        ["RSA-OAEP-256", "A128KW"],
+      claims_supported: [
-      "id_token_encryption_enc_values_supported":
+        'sub',
-        ["A128CBC-HS256", "A128GCM"],
+        'iss',
-      "request_object_signing_alg_values_supported":
+        'auth_time',
-        ["none", "RS256", "ES256"],
+        'acr',
-      "display_values_supported":
+        'name',
-        ["page", "popup"],
+        'given_name',
-      "claim_types_supported":
+        'family_name',
-        ["normal", "distributed"],
+        'nickname',
-      "claims_supported":
+        'profile',
-        ["sub", "iss", "auth_time", "acr",
+        'picture',
-          "name", "given_name", "family_name", "nickname",
+        'website',
-          "profile", "picture", "website",
+        'email',
-          "email", "email_verified", "locale", "zoneinfo",
+        'email_verified',
-          "https://unbound.se/email", "https://unbound.se/admin"],
+        'locale',
-      "claims_parameter_supported":
+        'zoneinfo',
-        true,
+        'https://unbound.se/email',
-      "service_documentation":
+        'https://unbound.se/admin'
-        "http://auth0/",
+      ],
-      "ui_locales_supported":
+      claims_parameter_supported: true,
-        ["en-US"]
+      service_documentation: 'http://auth0/',
+      ui_locales_supported: ['en-US']
     })
   )
 })

k8s/deploy.yaml

@@ -18,9 +18,9 @@ spec:
           imagePullPolicy: "IfNotPresent"
           resources:
             requests:
-              memory: 200Mi
+              memory: 256Mi
             limits:
-              memory: 300Mi
+              memory: 512Mi
           ports:
             - containerPort: 3333
           env:
@@ -29,7 +29,13 @@ spec:
           readinessProbe:
             httpGet:
               port: 3333
-              path: .well-known/jwks.json
+              path: /.well-known/jwks.json
+          livenessProbe:
+            httpGet:
+              port: 3333
+              path: /.well-known/jwks.json
+            initialDelaySeconds: 10
+            periodSeconds: 30
 ---
 apiVersion: v1
 kind: Service

package.json

@@ -14,18 +14,18 @@
   "author": "",
   "license": "MIT",
   "dependencies": {
-    "body-parser": "2.2.0",
+    "body-parser": "2.2.1",
     "cookie-parser": "1.4.7",
     "cors": "2.8.5",
-    "debug": "4.4.1",
+    "debug": "4.4.3",
-    "express": "5.1.0",
+    "express": "5.2.1",
     "https-localhost": "4.7.1",
-    "jsonwebtoken": "9.0.2",
+    "jsonwebtoken": "9.0.3",
     "node-jose": "2.2.0",
-    "nodemon": "3.1.10",
+    "nodemon": "3.1.11",
     "serve-favicon": "2.5.1"
   },
   "devDependencies": {
-    "prettier": "3.6.2"
+    "prettier": "3.7.4"
   }
 }

yarn.lock

@@ -74,20 +74,20 @@ body-parser@1.20.3:
     type-is "~1.6.18"
     unpipe "1.0.0"
 
-body-parser@2.2.0, body-parser@^2.2.0:
+body-parser@2.2.1, body-parser@^2.2.1:
-  version "2.2.0"
+  version "2.2.1"
-  resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-2.2.0.tgz#f7a9656de305249a715b549b7b8fd1ab9dfddcfa"
+  resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-2.2.1.tgz#6df606b0eb0a6e3f783dde91dde182c24c82438c"
-  integrity sha512-02qvAaxv8tp7fBa/mw1ga98OGm+eCbqzJOKoRt70sLmfEEi+jyBYVTDGfCL/k06/4EMk/z01gCe7HoCH/f2LTg==
+  integrity sha512-nfDwkulwiZYQIGwxdy0RUmowMhKcFVcYXUU7m4QlKYim1rUtg83xm2yjZ40QjDuc291AJjjeSc9b++AWHSgSHw==
   dependencies:
     bytes "^3.1.2"
     content-type "^1.0.5"
-    debug "^4.4.0"
+    debug "^4.4.3"
     http-errors "^2.0.0"
-    iconv-lite "^0.6.3"
+    iconv-lite "^0.7.0"
     on-finished "^2.4.1"
     qs "^6.14.0"
-    raw-body "^3.0.0"
+    raw-body "^3.0.1"
-    type-is "^2.0.0"
+    type-is "^2.0.1"
 
 brace-expansion@^1.1.7:
   version "1.1.11"
@@ -104,10 +104,10 @@ braces@~3.0.2:
   dependencies:
     fill-range "^7.1.1"
 
-buffer-equal-constant-time@1.0.1:
+buffer-equal-constant-time@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819"
-  integrity sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=
+  integrity sha512-zRpUiDwd/xk6ADqPMATG8vc9VPrkck7T07OIx0gnjmJAnHnTVXNQG3vfvWNuiZIkwu9KrKdA1iJKfsfTVxE6NA==
 
 buffer@^6.0.3:
   version "6.0.3"
@@ -122,7 +122,7 @@ bytes@3.0.0:
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.0.0.tgz#d32815404d689699f85a4ea4fa8755dd13a96048"
   integrity sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg=
 
-bytes@3.1.2, bytes@^3.1.2:
+bytes@3.1.2, bytes@^3.1.2, bytes@~3.1.2:
   version "3.1.2"
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.2.tgz#8b0beeb98605adf1b128fa4386403c009e0221a5"
   integrity sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg==
@@ -261,10 +261,10 @@ debug@2.6.9:
   dependencies:
     ms "2.0.0"
 
-debug@4.4.1:
+debug@4.4.3, debug@^4.4.3:
-  version "4.4.1"
+  version "4.4.3"
-  resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.1.tgz#e5a8bc6cbc4c6cd3e64308b0693a3d4fa550189b"
+  resolved "https://registry.yarnpkg.com/debug/-/debug-4.4.3.tgz#c6ae432d9bd9662582fce08709b038c58e9e3d6a"
-  integrity sha512-KcKCqiftBJcZr++7ykoDIEwSa3XWowTfNPo92BYxjXiyYEVrUQh2aLyhxBCwww+heortUFxEJYcRzosstTEBYQ==
+  integrity sha512-RGwwWnwQvkVfavKVt22FGLw+xYSdzARwm0ru6DhTVA3umU5hZc28V3kO4stgYryrTlLpuvgI9GiijltAjNbcqA==
   dependencies:
     ms "^2.1.3"
 
@@ -291,7 +291,7 @@ define-data-property@^1.1.4:
     es-errors "^1.3.0"
     gopd "^1.0.1"
 
-depd@2.0.0, depd@^2.0.0:
+depd@2.0.0, depd@^2.0.0, depd@~2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/depd/-/depd-2.0.0.tgz#b696163cc757560d09cf22cc8fad1571b79e76df"
   integrity sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==
@@ -376,18 +376,19 @@ etag@^1.8.1, etag@~1.8.1:
   resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887"
   integrity sha512-aIL5Fx7mawVa300al2BnEE4iNvo1qETxLrPI/o05L7z6go7fCw1J6EQmbK4FmJ2AS7kgVF/KEZWufBfdClMcPg==
 
-express@5.1.0:
+express@5.2.1:
-  version "5.1.0"
+  version "5.2.1"
-  resolved "https://registry.yarnpkg.com/express/-/express-5.1.0.tgz#d31beaf715a0016f0d53f47d3b4d7acf28c75cc9"
+  resolved "https://registry.yarnpkg.com/express/-/express-5.2.1.tgz#8f21d15b6d327f92b4794ecf8cb08a72f956ac04"
-  integrity sha512-DT9ck5YIRU+8GYzzU5kT3eHGA5iL+1Zd0EutOmTE9Dtk+Tvuzd23VBU+ec7HPNSTxXYO55gPV/hq4pSBJDjFpA==
+  integrity sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==
   dependencies:
     accepts "^2.0.0"
-    body-parser "^2.2.0"
+    body-parser "^2.2.1"
     content-disposition "^1.0.0"
     content-type "^1.0.5"
     cookie "^0.7.1"
     cookie-signature "^1.2.1"
     debug "^4.4.0"
+    depd "^2.0.0"
     encodeurl "^2.0.0"
     escape-html "^1.0.3"
     etag "^1.8.1"
@@ -622,6 +623,17 @@ http-errors@2.0.0, http-errors@^2.0.0:
     statuses "2.0.1"
     toidentifier "1.0.1"
 
+http-errors@~2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.1.tgz#36d2f65bc909c8790018dd36fb4d93da6caae06b"
+  integrity sha512-4FbRdAX+bSdmo4AUFuS0WNiPz8NgFt+r8ThgNWmlrjQjt1Q7ZR9+zTlce2859x4KSXrwIsaeTqDoKQmtP8pLmQ==
+  dependencies:
+    depd "~2.0.0"
+    inherits "~2.0.4"
+    setprototypeof "~1.2.0"
+    statuses "~2.0.2"
+    toidentifier "~1.0.1"
+
 https-localhost@4.7.1:
   version "4.7.1"
   resolved "https://registry.yarnpkg.com/https-localhost/-/https-localhost-4.7.1.tgz#0fa4d2671a44ac32f10ae8abccc8d0178e7fcf3e"
@@ -641,10 +653,10 @@ iconv-lite@0.4.24:
   dependencies:
     safer-buffer ">= 2.1.2 < 3"
 
-iconv-lite@0.6.3, iconv-lite@^0.6.3:
+iconv-lite@^0.7.0, iconv-lite@~0.7.0:
-  version "0.6.3"
+  version "0.7.0"
-  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz#a52f80bf38da1952eb5c681790719871a1a72501"
+  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.7.0.tgz#c50cd80e6746ca8115eb98743afa81aa0e147a3e"
-  integrity sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==
+  integrity sha512-cf6L2Ds3h57VVmkZe+Pn+5APsT7FpqJtEhhieDCvrE2MK5Qk9MyffgQyuxQTm6BChfeZNtcOLHp9IcWRVcIcBQ==
   dependencies:
     safer-buffer ">= 2.1.2 < 3.0.0"
 
@@ -658,7 +670,7 @@ ignore-by-default@^1.0.1:
   resolved "https://registry.yarnpkg.com/ignore-by-default/-/ignore-by-default-1.0.1.tgz#48ca6d72f6c6a3af00a9ad4ae6876be3889e2b09"
   integrity sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==
 
-inherits@2.0.4:
+inherits@2.0.4, inherits@~2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
   integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
@@ -707,12 +719,12 @@ isarray@~1.0.0:
   resolved "https://registry.yarnpkg.com/isarray/-/isarray-1.0.0.tgz#bb935d48582cba168c06834957a54a3e07124f11"
   integrity sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=
 
-jsonwebtoken@9.0.2:
+jsonwebtoken@9.0.3:
-  version "9.0.2"
+  version "9.0.3"
-  resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-9.0.2.tgz#65ff91f4abef1784697d40952bb1998c504caaf3"
+  resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-9.0.3.tgz#6cd57ab01e9b0ac07cb847d53d3c9b6ee31f7ae2"
-  integrity sha512-PRp66vJ865SSqOlgqS8hujT5U4AOgMfhrwYIuIhfKaoSCZcirrmASQr8CX7cUg+RMih+hgznrjp99o+W4pJLHQ==
+  integrity sha512-MT/xP0CrubFRNLNKvxJ2BYfy53Zkm++5bX9dtuPbqAeQpTVe0MQTFhao8+Cp//EmJp244xt6Drw/GVEGCUj40g==
   dependencies:
-    jws "^3.2.2"
+    jws "^4.0.1"
     lodash.includes "^4.3.0"
     lodash.isboolean "^3.0.3"
     lodash.isinteger "^4.0.4"
@@ -723,21 +735,21 @@ jsonwebtoken@9.0.2:
     ms "^2.1.1"
     semver "^7.5.4"
 
-jwa@^1.4.1:
+jwa@^2.0.1:
-  version "1.4.1"
+  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.4.1.tgz#743c32985cb9e98655530d53641b66c8645b039a"
+  resolved "https://registry.yarnpkg.com/jwa/-/jwa-2.0.1.tgz#bf8176d1ad0cd72e0f3f58338595a13e110bc804"
-  integrity sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==
+  integrity sha512-hRF04fqJIP8Abbkq5NKGN0Bbr3JxlQ+qhZufXVr0DvujKy93ZCbXZMHDL4EOtodSbCWxOqR8MS1tXA5hwqCXDg==
   dependencies:
-    buffer-equal-constant-time "1.0.1"
+    buffer-equal-constant-time "^1.0.1"
     ecdsa-sig-formatter "1.0.11"
     safe-buffer "^5.0.1"
 
-jws@^3.2.2:
+jws@^4.0.1:
-  version "3.2.2"
+  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/jws/-/jws-3.2.2.tgz#001099f3639468c9414000e99995fa52fb478304"
+  resolved "https://registry.yarnpkg.com/jws/-/jws-4.0.1.tgz#07edc1be8fac20e677b283ece261498bd38f0690"
-  integrity sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==
+  integrity sha512-EKI/M/yqPncGUUh44xz0PxSidXFr/+r0pA70+gIYhjv+et7yxM+s29Y+VGDkovRofQem0fs7Uvf4+YmAdyRduA==
   dependencies:
-    jwa "^1.4.1"
+    jwa "^2.0.1"
     safe-buffer "^5.0.1"
 
 lodash.includes@^4.3.0:
@@ -908,10 +920,10 @@ node-jose@2.2.0:
     process "^0.11.10"
     uuid "^9.0.0"
 
-nodemon@3.1.10:
+nodemon@3.1.11:
-  version "3.1.10"
+  version "3.1.11"
-  resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-3.1.10.tgz#5015c5eb4fffcb24d98cf9454df14f4fecec9bc1"
+  resolved "https://registry.yarnpkg.com/nodemon/-/nodemon-3.1.11.tgz#04a54d1e794fbec9d8f6ffd8bf1ba9ea93a756ed"
-  integrity sha512-WDjw3pJ0/0jMFmyNDp3gvY2YizjLmmOUQo6DEBY+JgdvW/yQ9mEeSw6H5ythl5Ny2ytb7f9C2nIbjSxMNzbJXw==
+  integrity sha512-is96t8F/1//UHAjNPHpbsNY46ELPpftGUoSVNXwUfMk/qdjSylYrWSu1XavVTBOn526kFiOR733ATgNBCQyH0g==
   dependencies:
     chokidar "^3.5.2"
     debug "^4"
@@ -993,10 +1005,10 @@ picomatch@^2.0.4, picomatch@^2.2.1:
   resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.3.1.tgz#3ba3833733646d9d3e4995946c1365a67fb07a42"
   integrity sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==
 
-prettier@3.6.2:
+prettier@3.7.4:
-  version "3.6.2"
+  version "3.7.4"
-  resolved "https://registry.yarnpkg.com/prettier/-/prettier-3.6.2.tgz#ccda02a1003ebbb2bfda6f83a074978f608b9393"
+  resolved "https://registry.yarnpkg.com/prettier/-/prettier-3.7.4.tgz#d2f8335d4b1cec47e1c8098645411b0c9dff9c0f"
-  integrity sha512-I7AIg5boAr5R0FFtJ6rCfD+LFsWHp81dolrFD8S79U9tb8Az2nGrJncnMSnys+bpQJfRUzqs9hnA81OAA3hCuQ==
+  integrity sha512-v6UNi1+3hSlVvv8fSaoUbggEM5VErKmmpGA7Pl3HF8V6uKY7rvClBOJlH6yNwQtfTueNkGVpOv/mtWL9L4bgRA==
 
 process-nextick-args@~2.0.0:
   version "2.0.0"
@@ -1050,15 +1062,15 @@ raw-body@2.5.2:
     iconv-lite "0.4.24"
     unpipe "1.0.0"
 
-raw-body@^3.0.0:
+raw-body@^3.0.1:
-  version "3.0.0"
+  version "3.0.2"
-  resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-3.0.0.tgz#25b3476f07a51600619dae3fe82ddc28a36e5e0f"
+  resolved "https://registry.yarnpkg.com/raw-body/-/raw-body-3.0.2.tgz#3e3ada5ae5568f9095d84376fd3a49b8fb000a51"
-  integrity sha512-RmkhL8CAyCRPXCE28MMH0z2PNWQBNk2Q09ZdxM9IOOXwxwZbN+qbWaatPkdkWIKL2ZVDImrN/pK5HTRz2PcS4g==
+  integrity sha512-K5zQjDllxWkf7Z5xJdV0/B0WTNqx6vxG70zJE4N0kBs4LovmEYWJzQGxC9bS9RAKu3bgM40lrd5zoLJ12MQ5BA==
   dependencies:
-    bytes "3.1.2"
+    bytes "~3.1.2"
-    http-errors "2.0.0"
+    http-errors "~2.0.1"
-    iconv-lite "0.6.3"
+    iconv-lite "~0.7.0"
-    unpipe "1.0.0"
+    unpipe "~1.0.0"
 
 readable-stream@^2.0.1:
   version "2.3.6"
@@ -1211,7 +1223,7 @@ set-function-length@^1.2.1:
     gopd "^1.0.1"
     has-property-descriptors "^1.0.2"
 
-setprototypeof@1.2.0:
+setprototypeof@1.2.0, setprototypeof@~1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/setprototypeof/-/setprototypeof-1.2.0.tgz#66c9a24a73f9fc28cbe66b09fed3d33dcaf1b424"
   integrity sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==
@@ -1301,6 +1313,11 @@ statuses@2.0.1, statuses@^2.0.1:
   resolved "https://registry.yarnpkg.com/statuses/-/statuses-2.0.1.tgz#55cb000ccf1d48728bd23c685a063998cf1a1b63"
   integrity sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ==
 
+statuses@~2.0.2:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/statuses/-/statuses-2.0.2.tgz#8f75eecef765b5e1cfcdc080da59409ed424e382"
+  integrity sha512-DvEy55V3DB7uknRo+4iOGT5fP1slR8wQohVdknigZPMpMstaKJQWhwiYBACJE3Ul2pTnATihhBYnRhZQHGBiRw==
+
 string_decoder@^1.1.1:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/string_decoder/-/string_decoder-1.2.0.tgz#fe86e738b19544afe70469243b2a1ee9240eae8d"
@@ -1329,7 +1346,7 @@ to-regex-range@^5.0.1:
   dependencies:
     is-number "^7.0.0"
 
-toidentifier@1.0.1:
+toidentifier@1.0.1, toidentifier@~1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/toidentifier/-/toidentifier-1.0.1.tgz#3be34321a88a820ed1bd80dfaa33e479fbb8dd35"
   integrity sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==
@@ -1339,7 +1356,7 @@ touch@^3.1.0:
   resolved "https://registry.yarnpkg.com/touch/-/touch-3.1.1.tgz#097a23d7b161476435e5c1344a95c0f75b4a5694"
   integrity sha512-r0eojU4bI8MnHr8c5bNo7lJDdI2qXlWWJk6a9EAFG7vbhTjElYhBVS3/miuE0uOuoLdb8Mc/rVfsmm6eo5o9GA==
 
-type-is@^2.0.0, type-is@^2.0.1:
+type-is@^2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/type-is/-/type-is-2.0.1.tgz#64f6cf03f92fce4015c2b224793f6bdd4b068c97"
   integrity sha512-OZs6gsjF4vMp32qrCbiVSkrFmXtG/AZhY3t0iAMrMBiAZyV9oALtXO8hsrHbMXF9x6L3grlFuwW2oAz7cav+Gw==