chore(cdk): bump the non-major group across 1 directory with 13 updates

[dependabot]

Bumps the non-major group with 13 updates in the /cdk directory:

Package	From	To
@aws-sdk/client-cloudfront	3.616.0	3.670.0
@aws-sdk/client-secrets-manager	3.616.0	3.674.0
@types/aws-lambda	8.10.141	8.10.145
aws-cdk-lib	2.149.0	2.162.1
constructs	10.3.0	10.4.2
esbuild	0.23.0	0.24.0
jose	5.6.3	5.9.4
jsii	5.4.26	5.5.4
jsii-pacmak	1.101.0	1.104.0
nock	13.5.4	13.5.5
publib	0.2.860	0.2.900
typescript	5.5.3	5.6.3
vitest-mock-extended	2.0.0	2.0.2

Updates @aws-sdk/client-cloudfront from 3.616.0 to 3.670.0

Release notes

Sourced from @​aws-sdk/client-cloudfront's releases.

v3.670.0

3.670.0(2024-10-11)

Chores

• codegen: codegen update for createDefaultUserAgentProvider (#6558) (1f421db3)

Documentation Changes

• client-appflow: Doc only updates for clarification around OAuth2GrantType for Salesforce. (b381b166)
• client-robomaker: Documentation update: added support notices to each API action. (bc47ba41)

New Features

• client-guardduty: Added a new field for network connection details. (6f6d4ac2)
• client-emr: This release provides new parameter "Context" in instance fleet clusters. (bbad3841)
• client-elastic-load-balancing-v2: Add zonal_shift.config.enabled attribute. Add new AdministrativeOverride construct in the describe-target-health API response to include information about the override status applied to a target. (809828e6)

Bug Fixes

• client-s3: correct shape type of two shapes from union to structure (#6561) (9d746f60)
• lib-dynamodb: missing @​aws-sdk/core dependency in lib-dynamodb (#6557) (e4f9d596)

---

For list of updated packages, view updated-packages.md in assets-3.670.0.zip

v3.669.0

3.669.0(2024-10-10)

Chores

• middleware-user-agent: detect cbor, retry, account id features (#6552) (534e028f)

Documentation Changes

• client-elastic-inference: Elastic Inference - Documentation update to add service shutdown notice. (5dbe44b3)
• client-ecs: This is a documentation only release that updates to documentation to let customers know that Amazon Elastic Inference is no longer available. (1ec3fb83)
• client-acm-pca: Documentation updates for AWS Private CA. (70a55d50)

New Features

• client-socialmessaging: This release for AWS End User Messaging includes a public SDK, providing a suite of APIs that enable sending WhatsApp messages to end users. (9e43f51a)
• client-outposts: Adding new "DELIVERED" enum value for Outposts Order status (c9ca8165)
• client-neptune-graph: Support for 16 m-NCU graphs available through account allowlisting (60ba33d6)
• client-route53resolver: Route 53 Resolver Forwarding Rules can now include a server name indication (SNI) in the target address for rules that use the DNS-over-HTTPS (DoH) protocol. When a DoH-enabled Outbound Resolver Endpoint forwards a request to a DoH server, it will provide the SNI in the TLS handshake. (278471b3)
• client-iotfleetwise: Refine campaign related API validations (9695325a)
• client-ec2: This release adds support for assigning the billing of shared Amazon EC2 On-Demand Capacity Reservations. (88ca2562)
• client-database-migration-service: Introduces DescribeDataMigrations, CreateDataMigration, ModifyDataMigration, DeleteDataMigration, StartDataMigration, StopDataMigration operations to SDK. Provides FailedDependencyFault error message. (f4772634)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-cloudfront's changelog.

3.670.0 (2024-10-11)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.669.0 (2024-10-10)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.668.0 (2024-10-09)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.667.0 (2024-10-08)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.666.0 (2024-10-07)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.665.0 (2024-10-04)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.664.0 (2024-10-03)

... (truncated)

Commits

• 375e4e5 Publish v3.670.0
• 1f421db chore(codegen): codegen update for createDefaultUserAgentProvider (#6558)
• 7d63f7a Publish v3.669.0
• 6e61f0e Publish v3.668.0
• fc7effc Publish v3.667.0
• 7a98e5f Publish v3.666.0
• 544120e chore(clients): codegen sync for unset union payloads, header list parsing (#...
• 374ef46 Publish v3.665.0
• de4dc49 Publish v3.664.0
• 2990ea8 feat(middleware-user-agent): add client config for userAgentAppId (#6524)
• Additional commits viewable in compare view

Updates @aws-sdk/client-secrets-manager from 3.616.0 to 3.674.0

Release notes

Sourced from @​aws-sdk/client-secrets-manager's releases.

v3.674.0

3.674.0(2024-10-17)

Chores

• middleware-sdk-s3: add status code 400 for S3 region redirects (#6572) (1f02a268)
• smithy update for smithyVersion=1.51.0 (#6569) (398b45cc)

Documentation Changes

• client-rds: Updates Amazon RDS documentation for TAZ IAM support (e0b3fe43)
• client-ecs: This is an Amazon ECS documentation only update to address tickets. (5933d692)

New Features

• client-bedrock-agent: Removing support for topK property in PromptModelInferenceConfiguration object, Making PromptTemplateConfiguration property as required, Limiting the maximum PromptVariant to 1 (d4d3af5d)
• client-workspaces: Updated the DomainName pattern for Active Directory (f4c52671)
• client-pinpoint-sms-voice-v2: Added the registrations status of REQUIRES_AUTHENTICATION (ba96169c)
• client-dataexchange: This release adds Data Grant support, through which customers can programmatically create data grants to share with other AWS accounts and accept data grants from other AWS accounts. (5180c332)
• client-pipes: This release adds validation to require specifying a SecurityGroup and Subnets in the Vpc object under PipesSourceSelfManagedKafkaParameters. It also adds support for iso-e, iso-f, and other non-commercial partitions in ARN parameters. (98a52823)
• client-quicksight: Add StartDashboardSnapshotJobSchedule API. RestoreAnalysis now supports restoring analysis to folders. (0bfe6e25)

---

For list of updated packages, view updated-packages.md in assets-3.674.0.zip

v3.673.0

3.673.0(2024-10-16)

New Features

• client-s3: Add support for the new optional bucket-region and prefix query parameters in the ListBuckets API. For ListBuckets requests that express pagination, Amazon S3 will now return both the bucket names and associated AWS regions in the response. (e7f10a29)

---

For list of updated packages, view updated-packages.md in assets-3.673.0.zip

v3.672.0

3.672.0(2024-10-15)

Documentation Changes

• client-cloudformation: Documentation update for AWS CloudFormation API Reference. (bc971c98)

New Features

• clients: update client endpoints as of 2024-10-15 (18d2184f)
• client-transcribe-streaming: We are expanding support for 40 new locales in AWS Transcribe Streaming. (73471ab2)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-secrets-manager's changelog.

3.674.0 (2024-10-17)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.670.0 (2024-10-11)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.669.0 (2024-10-10)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.668.0 (2024-10-09)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.667.0 (2024-10-08)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.666.0 (2024-10-07)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.665.0 (2024-10-04)

... (truncated)

Commits

• a535403 Publish v3.674.0
• 398b45c chore: smithy update for smithyVersion=1.51.0 (#6569)
• 375e4e5 Publish v3.670.0
• 1f421db chore(codegen): codegen update for createDefaultUserAgentProvider (#6558)
• 7d63f7a Publish v3.669.0
• 6e61f0e Publish v3.668.0
• fc7effc Publish v3.667.0
• 7a98e5f Publish v3.666.0
• 544120e chore(clients): codegen sync for unset union payloads, header list parsing (#...
• 374ef46 Publish v3.665.0
• Additional commits viewable in compare view

Updates @types/aws-lambda from 8.10.141 to 8.10.145

Commits

• See full diff in compare view

Updates aws-cdk-lib from 2.149.0 to 2.162.1

Release notes

Sourced from aws-cdk-lib's releases.

v2.162.1

Bug Fixes

• cli: cdk import errors with 'S3 error: Access Denied' (#31727) (5c2787a), closes #31597 #31716

---

Alpha modules (2.162.1-alpha.0)

v2.162.0

Features

• appsync: add ownerContact property to the GraphqlApi (#31585) (a8b2f01)
• cdk: expose authorizer id and authorization type (#31622) (daaf0aa), closes #31605
• cli: cdk rollback (#31684) (3e40edc), closes #31407
• ecs: add fargate ephemeral storage encryption to cluster settings (#30759) (642a944), closes #30721
• eks: support eks with k8s 1.31 (#31707) (fc09bc1)
• elasticloadbalancingv2: support TCP idle timeout for Network Load Balancer Listener (#31584) (8d851a9), closes #31310
• update L1 CloudFormation resource definitions (#31688) (b211189)
• rds: enable grantDataApiAccess method for imported database cluster (#31280) (3c92012), closes #31116 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L983 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L523-L526

Bug Fixes

• core: cdk diff on large templates fails when passing in toolkitStackName and qualifier (#31636) (f603c97), closes #29179
• ecs: ecs exec cannot be enabled for ECS Anywhere (ecs.ExternalService) (#31374) (cff1fcd), closes #31181
• elasticloadbalancingv2: http2Enabled with true is ignored in ApplicationLoadBalancer (#31675) (c1b240e), closes #31609
• event-targets: ecsTask uses invalid task definition arn in policy (#31615) (4ada3ea), closes #30390 #30484
• iam: override Role.applyRemovalPolicy for customizeRoles (#31652) (35ed5c6), closes #31651
• s3: unable to update the s3 event notifications on an existing S3 bucket (#31431) (0a56c0d), closes #31303

---

Alpha modules (2.162.0-alpha.0)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• kinesisfirehose-alpha: replaced destinations property with destination (singular) and changed the type from array of Destinations to a single Destination. Old behaviour would only allow an array with a single Destination to be passed in anyway.

Features

• iot-alpha: support for account audit configuration (#31661) (fc19571), closes #31663
• pipes-targets: add EventBridge (#30654) (842f49a)

Bug Fixes

• cli-lib: cannot bootstrap specific environment (#31713) (fec4bb1)

Miscellaneous Chores

• kinesisfirehose-alpha: replacedestinations property with destination and change type from array to single IDestination (#31630) (1e2cff1)

v2.161.1

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

2.162.1 (2024-10-11)

Bug Fixes

• cli: cdk import errors with 'S3 error: Access Denied' (#31727) (5c2787a), closes #31597 #31716

2.162.0 (2024-10-10)

Features

• appsync: add ownerContact property to the GraphqlApi (#31585) (a8b2f01)
• cdk: expose authorizer id and authorization type (#31622) (daaf0aa), closes #31605
• cli: cdk rollback (#31684) (3e40edc), closes #31407
• ecs: add fargate ephemeral storage encryption to cluster settings (#30759) (642a944), closes #30721
• eks: support eks with k8s 1.31 (#31707) (fc09bc1)
• elasticloadbalancingv2: support TCP idle timeout for Network Load Balancer Listener (#31584) (8d851a9), closes #31310
• update L1 CloudFormation resource definitions (#31688) (b211189)
• rds: enable grantDataApiAccess method for imported database cluster (#31280) (3c92012), closes #31116 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L983 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L523-L526

Bug Fixes

• core: cdk diff on large templates fails when passing in toolkitStackName and qualifier (#31636) (f603c97), closes #29179
• ecs: ecs exec cannot be enabled for ECS Anywhere (ecs.ExternalService) (#31374) (cff1fcd), closes #31181
• elasticloadbalancingv2: http2Enabled with true is ignored in ApplicationLoadBalancer (#31675) (c1b240e), closes #31609
• event-targets: ecsTask uses invalid task definition arn in policy (#31615) (4ada3ea), closes #30390 #30484
• iam: override Role.applyRemovalPolicy for customizeRoles (#31652) (35ed5c6), closes #31651
• s3: unable to update the s3 event notifications on an existing S3 bucket (#31431) (0a56c0d), closes #31303

2.161.1 (2024-10-05)

Reverts

• feat(cli): cdk rollback (#31407) (#31657) (29bf223)

2.161.0 (2024-10-03)

Features

• update L1 CloudFormation resource definitions (#31640) (79d9c4d), closes /docs.aws.amazon.com/datasync/latest/userguide/create-locations-cli.html#create-location-s3
• bedrock: support meta llama3-2 (#31568) (4ddc702)
• cli: cdk rollback (#31407) (0755561), closes #30546
• cli: notices on bootstrap version (#31555) (b0e4a54)
• ecs: support restart policy for container (#31228) (a22e8cc), closes #31127 #31425
• logs: add metric methods for log group IncomingLogEvents and IncomingBytes (#31535) (2813eb2), closes #30034
• rds: support for local write forwarding in an Aurora Mysql cluster (#31524) (48c4192), closes #31523

... (truncated)

Commits

• c1b240e fix(elasticloadbalancingv2): http2Enabled with true is ignored in Applicati...
• 2d255ea chore(ec2): add kafka interface vpc endpoints (#31565)
• fc09bc1 feat(eks): support eks with k8s 1.31 (#31707)
• daaf0aa feat(cdk): expose authorizer id and authorization type (#31622)
• 8d851a9 feat(elasticloadbalancingv2): support TCP idle timeout for Network Load Balan...
• 35ed5c6 fix(iam): override Role.applyRemovalPolicy for customizeRoles (#31652)
• 81b47b7 docs(events): update link about key policy for event bus (#31674)
• c9481fc docs(route53): fix broken heading (#31693)
• 17b12f2 chore: switch to using @​cdklabs/eslint-plugin (#31682)
• 642a944 feat(ecs): add fargate ephemeral storage encryption to cluster settings (#30759)
• Additional commits viewable in compare view

Updates constructs from 10.3.0 to 10.4.2

Release notes

Sourced from constructs's releases.

v10.4.2

10.4.2 (2024-10-14)

Bug Fixes

• cannot create root construct in python (#2500) (892bb11), closes #2499 #1063

v10.4.1

10.4.1 (2024-10-11)

Bug Fixes

• revert "fix: cannot create root construct in python" (#2499) (3f6a73a), closes aws/constructs#2496

v10.4.0

10.4.0 (2024-10-11)

Features

• stabilize experimental code (#2497) (75f29f4), closes #2267

Bug Fixes

• cannot create root construct in python (#2496) (bb7f237), closes #1063
• unnecessary strict node requirement in engines in package.json (#2498) (e9bf09c), closes #1329

v10.3.2

10.3.2 (2024-10-11)

Bug Fixes

• Python constructs do not implement a compatible interface (#2495) (912158f)

v10.3.1

10.3.1 (2024-10-10)

Bug Fixes

• rootNode.getAllContext() returns empty object (#2483) (1eb4dca), closes #2239

Commits

• 892bb11 fix: cannot create root construct in python (#2500)
• fab93a5 chore(deps): upgrade dev dependencies (#2506)
• b06a17d chore(deps): upgrade dev dependencies (#2504)
• dcae75e chore(deps): upgrade dev dependencies (#2502)
• 3f6a73a fix: revert "fix: cannot create root construct in python" (#2499)
• bb7f237 fix: cannot create root construct in python (#2496)
• 75f29f4 feat: stabilize experimental code (#2497)
• e9bf09c fix: unnecessary strict node requirement in engines in package.json (#2498)
• 912158f fix: Python constructs do not implement a compatible interface (#2495)
• 037cd6a chore(deps): upgrade dev dependencies (#2494)
• Additional commits viewable in compare view

Updates esbuild from 0.23.0 to 0.24.0

Release notes

Sourced from esbuild's releases.

v0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

v0.23.1

• Allow using the node: import prefix with es* targets (#3821)

  The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

  // Original code
  import fs from 'node:fs'
  fs.open
  // Old output (with --bundle --format=esm --platform=node --target=node18,es2022)
  import fs from "fs";

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

0.23.1

• Allow using the node: import prefix with es* targets (#3821)

  The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

  // Original code
  import fs from 'node:fs'
  fs.open

... (truncated)

Commits

• d34e79e publish 0.24.0 to npm
• 045a87f fix #3887: omit dead export warning for default
• 6e049b8 fix #3913: useDefineForClassFields and decorators
• 9c26f98 lower decorators for useDefineForClassFields #3913
• 46fdb68 fix #3898: incorrect cyclic tsconfig.json warning
• b500443 fix #3917: running esbuild cli with deno
• b125e62 run make update-compat-table
• 112b9aa fix #3915: stack overflow with yarn + tsconfig
• ed5a555 wasm: catch and rethrow stack overflows (#3915)
• 11d3196 fix #3902: update go 1.22.5 => 1.23.1
• Additional commits viewable in compare view

Updates jose from 5.6.3 to 5.9.4

Release notes

Sourced from jose's releases.

v5.9.4

Refactor

• types: update error definitions (510c5ca)

v5.9.3

Refactor

• use as Type for type assertions instead of <Type> (c4dc24d)

v5.9.2

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

v5.9.1

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

v5.9.0

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

This method of passing private or public keys does not yield the same performance as passing a CryptoKey or KeyObject instances, its main purpose is for convenience or for when you're not going to be re-using the same set of keys for the operation, in which case you should use one of the import key methods to obtain a CryptoKey or KeyObject.

Example Signing

const alg = "RS256";
const jwk = {
  kty: "RSA",
  n: "whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6fpCTu6ZalGI82s7XK3tan4dJt90ptUPKD2zvxqTzFNfx4HHHsrYCf2-FMLn1VTJfQazA2BvJqAwcpW1bqRUEty8tS_Yv4hRvWfQPcc2Gc3-_fQOOW57zVy-rNoJc744kb30NjQxdGp03J2S3GLQu7oKtSDDPooQHD38PEMNnITf0pj-KgDPjymkMGoJlO3aKppsjfbt_AH6GGdRghYRLOUwQU-h-ofWHR3lbYiKtXPn5dN24kiHy61e3VAQ9_YAZlwXC_99GGtw_NpghFAuM4P1JDn0DppJldy3PGFC0GfBCZASw",
  e: "AQAB",
  d: "VuVE_KEP6323WjpbBdAIv7HGahGrgGANvbxZsIhm34lsVOPK0XDegZkhAybMZHjRhp-gwVxX5ChC-J3cUpOBH5FNxElgW6HizD2Jcq6t6LoLYgPSrfEHm71iHg8JsgrqfUnGYFzMJmv88C6WdCtpgG_qJV1K00_Ly1G1QKoBffEs-v4fAMJrCbUdCz1qWto-PU-HLMEo-krfEpGgcmtZeRlDADh8cETMQlgQfQX2VWq_aAP4a1SXmo-j0cvRU4W5Fj0RVwNesIpetX2ZFz4p_JmB5sWFEj_fC7h5z2lq-6Bme2T3BHtXkIxoBW0_pYVnASC8P2puO5FnVxDmWuHDYQ",
  p: "07rgXd_tLUhVRF_g1OaqRZh5uZ8hiLWUSU0vu9coOaQcatSqjQlIwLW8UdKv_38GrmpIfgcEVQjzq6rFBowUm9zWBO9Eq6enpasYJBOeD8EMeDK-nsST57HjPVOCvoVC5ZX-cozPXna3iRNZ1TVYBY3smn0IaxysIK-zxESf4pM",
  q: "6qrE9TPhCS5iNR7QrKThunLu6t4H_8CkYRPLbvOIt2MgZyPLiZCsvdkTVSOX76QQEXt7Y0nTNua69q3K3Jhf-YOkPSJsWTxgrfOnjoDvRKzbW3OExIMm7D99fVBODuNWinjYgUwGSqGAsb_3TKhtI-Gr5ls3fn6B6oEjVL0dpmk",
  dp: "mHqjrFdgelT2OyiFRS3dAAPf3cLxJoAGC4gP0UoQyPocEP-Y17sQ7t-ygIanguubBy65iDFLeGXa_g0cmSt2iAzRAHrDzI8P1-pQl2KdWSEg9ssspjBRh_F_AiJLLSPRWn_b3-jySkhawtfxwO8Kte1QsK1My765Y0zFvJnjPws",
  dq: "KmjaV4YcsVAUp4z-IXVa5htHWmLuByaFjpXJOjABEUN0467wZdgjn9vPRp-8Ia8AyGgMkJES_uUL_PDDrMJM9gb4c6P4-NeUkVtreLGMjFjA-_IQmIMrUZ7XywHsWXx0c2oLlrJqoKo3W-hZhR0bPFTYgDUT_mRWjk7wV6wl46E",
  qi: "iYltkV_4PmQDfZfGFpzn2UtYEKyhy-9t3Vy8Mw2VHLAADKGwJvVK5ficQAr2atIF1-agXY2bd6KV-w52zR8rmZfTr0gobzYIyqHczOm13t7uXJv2WygY7QEC2OGjdxa2Fr9RnvS99ozMa5nomZBqTqT7z5QV33czjPRCjvg6FcE",
};
const jwt = await new jose.SignJWT({ "urn:example:claim": true })
.setProtectedHeader({ alg })
.setIssuedAt()
.setIssuer("urn:example:issuer")
.setAudience("urn:example:audience")
.setExpirationTime("2h")
.sign(jwk);
</tr></table>

... (truncated)

Changelog

Sourced from jose's changelog.

5.9.4 (2024-10-11)

Refactor

• types: update error definitions (510c5ca)

5.9.3 (2024-09-22)

Refactor

• use as Type for type assertions instead of (c4dc24d)

5.9.2 (2024-09-14)

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

5.9.1 (2024-09-13)

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

5.9.0 (2024-09-13)

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

5.8.0 (2024-08-26)

Features

• add subpath module exports (72ecff6)

Refactor

• omit LocalJWKSet export since it's no longer needed for RemoteJWKSet (c502731)

5.7.0 (2024-08-19)

... (truncated)

Commits

[dependabot]

Superseded by #330.