chore(deps): bump jsonwebtoken from 9.0.1 to 9.0.2 #75

Merged

argoyle merged 1 commits from dependabot-npm_and_yarn-jsonwebtoken-9.0.2 into main 2023-08-31 06:54:18 +00:00

Conversation 0 Commits 1 Files Changed 2

+48 -12

argoyle commented 2023-08-31 06:53:08 +00:00 (Migrated from gitlab.com)

Copy Link

Copy Source

Bumps jsonwebtoken from 9.0.1 to 9.0.2.

Changelog

Sourced from jsonwebtoken's changelog.

9.0.2 - 2023-08-30

• security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes #921.
• refactor: reduce library size by using lodash specific dependencies, closes #878.

Commits

• bc28861 Release 9.0.2 (#935)
• 96b8906 refactor: use specific lodash packages (#933)
• ed35062 security: Updating semver to 7.5.4 to resolve CVE-2022-25883 (#932)
• See full diff in compare view

Maintainer changes

This version was pushed to npm by charlesrea, a new releaser for jsonwebtoken since your current version.

---

Dependabot commands

You can trigger Dependabot actions by commenting on this MR

• $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 9.0.1 to 9.0.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md">jsonwebtoken's changelog</a>.</em></p> <blockquote> <h2>9.0.2 - 2023-08-30</h2> <ul> <li>security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes <a href="https://github.com/auth0/node-jsonwebtoken/issues/921">#921</a>.</li> <li>refactor: reduce library size by using lodash specific dependencies, closes <a href="https://github.com/auth0/node-jsonwebtoken/issues/878">#878</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/auth0/node-jsonwebtoken/commit/bc28861f1fa981ed9c009e29c044a19760a0b128"><code>bc28861</code></a> Release 9.0.2 (<a href="https://github.com/auth0/node-jsonwebtoken/issues/935">#935</a>)</li> <li><a href="https://github.com/auth0/node-jsonwebtoken/commit/96b89060cfc19272a7d853f53cb28c42580a6a67"><code>96b8906</code></a> refactor: use specific lodash packages (<a href="https://github.com/auth0/node-jsonwebtoken/issues/933">#933</a>)</li> <li><a href="https://github.com/auth0/node-jsonwebtoken/commit/ed35062239c0195d4341025d4699cc39608b435e"><code>ed35062</code></a> security: Updating semver to 7.5.4 to resolve CVE-2022-25883 (<a href="https://github.com/auth0/node-jsonwebtoken/issues/932">#932</a>)</li> <li>See full diff in <a href="https://github.com/auth0/node-jsonwebtoken/compare/v9.0.1...v9.0.2">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~charlesrea">charlesrea</a>, a new releaser for jsonwebtoken since your current version.</p> </details> <br /> --- <details> <summary>Dependabot commands</summary> <br /> You can trigger Dependabot actions by commenting on this MR - `$dependabot recreate` will recreate this MR rewriting all the manual changes and resolving conflicts </details>

argoyle (Migrated from gitlab.com) scheduled this pull request to auto merge when all checks succeed 2023-08-31 06:53:50 +00:00

argoyle (Migrated from gitlab.com) merged commit into main 2023-08-31 06:54:18 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

dependencies

Pull requests that update a dependency file

docker

javascript

security

Pull requests that address a security vulnerability

severity:moderate

No Label dependencies javascript

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

acctest (Shiny Acctest) argoyle (Joakim Olsson) buildtools (Buildtools) kubernetes (Kubernetes) peter releaser (Unbound Releaser) renovate (Renovate Bot)

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: unboundsoftware/auth0mock#75