chore(cdk): bump the non-major group across 1 directory with 13 updates

[dependabot]

Bumps the non-major group with 13 updates in the /cdk directory:

Package	From	To
@aws-sdk/client-cloudfront	3.616.0	3.675.0
@aws-sdk/client-secrets-manager	3.616.0	3.675.0
@types/aws-lambda	8.10.141	8.10.145
aws-cdk-lib	2.149.0	2.162.1
constructs	10.3.0	10.4.2
esbuild	0.23.0	0.24.0
jose	5.6.3	5.9.6
jsii	5.4.26	5.5.4
jsii-pacmak	1.101.0	1.104.0
nock	13.5.4	13.5.5
publib	0.2.860	0.2.902
typescript	5.5.3	5.6.3
vitest-mock-extended	2.0.0	2.0.2

Updates @aws-sdk/client-cloudfront from 3.616.0 to 3.675.0

Release notes

Sourced from @​aws-sdk/client-cloudfront's releases.

v3.675.0

3.675.0(2024-10-18)

New Features

• client-datazone: Adding the following project member designations: PROJECT_CATALOG_VIEWER, PROJECT_CATALOG_CONSUMER and PROJECT_CATALOG_STEWARD in the CreateProjectMembership API and PROJECT_CATALOG_STEWARD designation in the AddPolicyGrant API. (678f17d8)
• client-athena: Removing FEDERATED from Create/List/Delete/GetDataCatalog API (ca03f0c2)
• client-bedrock: Adding converse support to CMI API's (46406aea)
• client-ec2: RequestSpotInstances and RequestSpotFleet feature release. (a4c04943)
• client-bedrock-runtime: Added converse support for custom imported models (ae2b967a)

Bug Fixes

• util-user-agent-browser: make native interface consistent with browser (#6575) (c03c9a6c)

---

For list of updated packages, view updated-packages.md in assets-3.675.0.zip

v3.674.0

3.674.0(2024-10-17)

Chores

• middleware-sdk-s3: add status code 400 for S3 region redirects (#6572) (1f02a268)
• smithy update for smithyVersion=1.51.0 (#6569) (398b45cc)

Documentation Changes

• client-rds: Updates Amazon RDS documentation for TAZ IAM support (e0b3fe43)
• client-ecs: This is an Amazon ECS documentation only update to address tickets. (5933d692)

New Features

• client-bedrock-agent: Removing support for topK property in PromptModelInferenceConfiguration object, Making PromptTemplateConfiguration property as required, Limiting the maximum PromptVariant to 1 (d4d3af5d)
• client-workspaces: Updated the DomainName pattern for Active Directory (f4c52671)
• client-pinpoint-sms-voice-v2: Added the registrations status of REQUIRES_AUTHENTICATION (ba96169c)
• client-dataexchange: This release adds Data Grant support, through which customers can programmatically create data grants to share with other AWS accounts and accept data grants from other AWS accounts. (5180c332)
• client-pipes: This release adds validation to require specifying a SecurityGroup and Subnets in the Vpc object under PipesSourceSelfManagedKafkaParameters. It also adds support for iso-e, iso-f, and other non-commercial partitions in ARN parameters. (98a52823)
• client-quicksight: Add StartDashboardSnapshotJobSchedule API. RestoreAnalysis now supports restoring analysis to folders. (0bfe6e25)

---

For list of updated packages, view updated-packages.md in assets-3.674.0.zip

v3.673.0

3.673.0(2024-10-16)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-cloudfront's changelog.

3.675.0 (2024-10-18)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.670.0 (2024-10-11)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.669.0 (2024-10-10)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.668.0 (2024-10-09)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.667.0 (2024-10-08)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.666.0 (2024-10-07)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.665.0 (2024-10-04)

... (truncated)

Commits

• 9e92f06 Publish v3.675.0
• 375e4e5 Publish v3.670.0
• 1f421db chore(codegen): codegen update for createDefaultUserAgentProvider (#6558)
• 7d63f7a Publish v3.669.0
• 6e61f0e Publish v3.668.0
• fc7effc Publish v3.667.0
• 7a98e5f Publish v3.666.0
• 544120e chore(clients): codegen sync for unset union payloads, header list parsing (#...
• 374ef46 Publish v3.665.0
• de4dc49 Publish v3.664.0
• Additional commits viewable in compare view

Updates @aws-sdk/client-secrets-manager from 3.616.0 to 3.675.0

Release notes

Sourced from @​aws-sdk/client-secrets-manager's releases.

v3.675.0

3.675.0(2024-10-18)

New Features

• client-datazone: Adding the following project member designations: PROJECT_CATALOG_VIEWER, PROJECT_CATALOG_CONSUMER and PROJECT_CATALOG_STEWARD in the CreateProjectMembership API and PROJECT_CATALOG_STEWARD designation in the AddPolicyGrant API. (678f17d8)
• client-athena: Removing FEDERATED from Create/List/Delete/GetDataCatalog API (ca03f0c2)
• client-bedrock: Adding converse support to CMI API's (46406aea)
• client-ec2: RequestSpotInstances and RequestSpotFleet feature release. (a4c04943)
• client-bedrock-runtime: Added converse support for custom imported models (ae2b967a)

Bug Fixes

• util-user-agent-browser: make native interface consistent with browser (#6575) (c03c9a6c)

---

For list of updated packages, view updated-packages.md in assets-3.675.0.zip

v3.674.0

3.674.0(2024-10-17)

Chores

• middleware-sdk-s3: add status code 400 for S3 region redirects (#6572) (1f02a268)
• smithy update for smithyVersion=1.51.0 (#6569) (398b45cc)

Documentation Changes

• client-rds: Updates Amazon RDS documentation for TAZ IAM support (e0b3fe43)
• client-ecs: This is an Amazon ECS documentation only update to address tickets. (5933d692)

New Features

• client-bedrock-agent: Removing support for topK property in PromptModelInferenceConfiguration object, Making PromptTemplateConfiguration property as required, Limiting the maximum PromptVariant to 1 (d4d3af5d)
• client-workspaces: Updated the DomainName pattern for Active Directory (f4c52671)
• client-pinpoint-sms-voice-v2: Added the registrations status of REQUIRES_AUTHENTICATION (ba96169c)
• client-dataexchange: This release adds Data Grant support, through which customers can programmatically create data grants to share with other AWS accounts and accept data grants from other AWS accounts. (5180c332)
• client-pipes: This release adds validation to require specifying a SecurityGroup and Subnets in the Vpc object under PipesSourceSelfManagedKafkaParameters. It also adds support for iso-e, iso-f, and other non-commercial partitions in ARN parameters. (98a52823)
• client-quicksight: Add StartDashboardSnapshotJobSchedule API. RestoreAnalysis now supports restoring analysis to folders. (0bfe6e25)

---

For list of updated packages, view updated-packages.md in assets-3.674.0.zip

v3.673.0

3.673.0(2024-10-16)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-secrets-manager's changelog.

3.675.0 (2024-10-18)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.674.0 (2024-10-17)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.670.0 (2024-10-11)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.669.0 (2024-10-10)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.668.0 (2024-10-09)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.667.0 (2024-10-08)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.666.0 (2024-10-07)

... (truncated)

Commits

• 9e92f06 Publish v3.675.0
• a535403 Publish v3.674.0
• 398b45c chore: smithy update for smithyVersion=1.51.0 (#6569)
• 375e4e5 Publish v3.670.0
• 1f421db chore(codegen): codegen update for createDefaultUserAgentProvider (#6558)
• 7d63f7a Publish v3.669.0
• 6e61f0e Publish v3.668.0
• fc7effc Publish v3.667.0
• 7a98e5f Publish v3.666.0
• 544120e chore(clients): codegen sync for unset union payloads, header list parsing (#...
• Additional commits viewable in compare view

Updates @types/aws-lambda from 8.10.141 to 8.10.145

Commits

• See full diff in compare view

Updates aws-cdk-lib from 2.149.0 to 2.162.1

Release notes

Sourced from aws-cdk-lib's releases.

v2.162.1

Bug Fixes

• cli: cdk import errors with 'S3 error: Access Denied' (#31727) (5c2787a), closes #31597 #31716

---

Alpha modules (2.162.1-alpha.0)

v2.162.0

Features

• appsync: add ownerContact property to the GraphqlApi (#31585) (a8b2f01)
• cdk: expose authorizer id and authorization type (#31622) (daaf0aa), closes #31605
• cli: cdk rollback (#31684) (3e40edc), closes #31407
• ecs: add fargate ephemeral storage encryption to cluster settings (#30759) (642a944), closes #30721
• eks: support eks with k8s 1.31 (#31707) (fc09bc1)
• elasticloadbalancingv2: support TCP idle timeout for Network Load Balancer Listener (#31584) (8d851a9), closes #31310
• update L1 CloudFormation resource definitions (#31688) (b211189)
• rds: enable grantDataApiAccess method for imported database cluster (#31280) (3c92012), closes #31116 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L983 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L523-L526

Bug Fixes

• core: cdk diff on large templates fails when passing in toolkitStackName and qualifier (#31636) (f603c97), closes #29179
• ecs: ecs exec cannot be enabled for ECS Anywhere (ecs.ExternalService) (#31374) (cff1fcd), closes #31181
• elasticloadbalancingv2: http2Enabled with true is ignored in ApplicationLoadBalancer (#31675) (c1b240e), closes #31609
• event-targets: ecsTask uses invalid task definition arn in policy (#31615) (4ada3ea), closes #30390 #30484
• iam: override Role.applyRemovalPolicy for customizeRoles (#31652) (35ed5c6), closes #31651
• s3: unable to update the s3 event notifications on an existing S3 bucket (#31431) (0a56c0d), closes #31303

---

Alpha modules (2.162.0-alpha.0)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• kinesisfirehose-alpha: replaced destinations property with destination (singular) and changed the type from array of Destinations to a single Destination. Old behaviour would only allow an array with a single Destination to be passed in anyway.

Features

• iot-alpha: support for account audit configuration (#31661) (fc19571), closes #31663
• pipes-targets: add EventBridge (#30654) (842f49a)

Bug Fixes

• cli-lib: cannot bootstrap specific environment (#31713) (fec4bb1)

Miscellaneous Chores

• kinesisfirehose-alpha: replacedestinations property with destination and change type from array to single IDestination (#31630) (1e2cff1)

v2.161.1

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

2.162.1 (2024-10-11)

Bug Fixes

• cli: cdk import errors with 'S3 error: Access Denied' (#31727) (5c2787a), closes #31597 #31716

2.162.0 (2024-10-10)

Features

• appsync: add ownerContact property to the GraphqlApi (#31585) (a8b2f01)
• cdk: expose authorizer id and authorization type (#31622) (daaf0aa), closes #31605
• cli: cdk rollback (#31684) (3e40edc), closes #31407
• ecs: add fargate ephemeral storage encryption to cluster settings (#30759) (642a944), closes #30721
• eks: support eks with k8s 1.31 (#31707) (fc09bc1)
• elasticloadbalancingv2: support TCP idle timeout for Network Load Balancer Listener (#31584) (8d851a9), closes #31310
• update L1 CloudFormation resource definitions (#31688) (b211189)
• rds: enable grantDataApiAccess method for imported database cluster (#31280) (3c92012), closes #31116 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L983 /github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/aws-rds/lib/cluster.ts#L523-L526

Bug Fixes

• core: cdk diff on large templates fails when passing in toolkitStackName and qualifier (#31636) (f603c97), closes #29179
• ecs: ecs exec cannot be enabled for ECS Anywhere (ecs.ExternalService) (#31374) (cff1fcd), closes #31181
• elasticloadbalancingv2: http2Enabled with true is ignored in ApplicationLoadBalancer (#31675) (c1b240e), closes #31609
• event-targets: ecsTask uses invalid task definition arn in policy (#31615) (4ada3ea), closes #30390 #30484
• iam: override Role.applyRemovalPolicy for customizeRoles (#31652) (35ed5c6), closes #31651
• s3: unable to update the s3 event notifications on an existing S3 bucket (#31431) (0a56c0d), closes #31303

2.161.1 (2024-10-05)

Reverts

• feat(cli): cdk rollback (#31407) (#31657) (29bf223)

2.161.0 (2024-10-03)

Features

• update L1 CloudFormation resource definitions (#31640) (79d9c4d), closes /docs.aws.amazon.com/datasync/latest/userguide/create-locations-cli.html#create-location-s3
• bedrock: support meta llama3-2 (#31568) (4ddc702)
• cli: cdk rollback (#31407) (0755561), closes #30546
• cli: notices on bootstrap version (#31555) (b0e4a54)
• ecs: support restart policy for container (#31228) (a22e8cc), closes #31127 #31425
• logs: add metric methods for log group IncomingLogEvents and IncomingBytes (#31535) (2813eb2), closes #30034
• rds: support for local write forwarding in an Aurora Mysql cluster (#31524) (48c4192), closes #31523

... (truncated)

Commits

• c1b240e fix(elasticloadbalancingv2): http2Enabled with true is ignored in Applicati...
• 2d255ea chore(ec2): add kafka interface vpc endpoints (#31565)
• fc09bc1 feat(eks): support eks with k8s 1.31 (#31707)
• daaf0aa feat(cdk): expose authorizer id and authorization type (#31622)
• 8d851a9 feat(elasticloadbalancingv2): support TCP idle timeout for Network Load Balan...
• 35ed5c6 fix(iam): override Role.applyRemovalPolicy for customizeRoles (#31652)
• 81b47b7 docs(events): update link about key policy for event bus (#31674)
• c9481fc docs(route53): fix broken heading (#31693)
• 17b12f2 chore: switch to using @​cdklabs/eslint-plugin (#31682)
• 642a944 feat(ecs): add fargate ephemeral storage encryption to cluster settings (#30759)
• Additional commits viewable in compare view

Updates constructs from 10.3.0 to 10.4.2

Release notes

Sourced from constructs's releases.

v10.4.2

10.4.2 (2024-10-14)

Bug Fixes

• cannot create root construct in python (#2500) (892bb11), closes #2499 #1063

v10.4.1

10.4.1 (2024-10-11)

Bug Fixes

• revert "fix: cannot create root construct in python" (#2499) (3f6a73a), closes aws/constructs#2496

v10.4.0

10.4.0 (2024-10-11)

Features

• stabilize experimental code (#2497) (75f29f4), closes #2267

Bug Fixes

• cannot create root construct in python (#2496) (bb7f237), closes #1063
• unnecessary strict node requirement in engines in package.json (#2498) (e9bf09c), closes #1329

v10.3.2

10.3.2 (2024-10-11)

Bug Fixes

• Python constructs do not implement a compatible interface (#2495) (912158f)

v10.3.1

10.3.1 (2024-10-10)

Bug Fixes

• rootNode.getAllContext() returns empty object (#2483) (1eb4dca), closes #2239

Commits

• 892bb11 fix: cannot create root construct in python (#2500)
• fab93a5 chore(deps): upgrade dev dependencies (#2506)
• b06a17d chore(deps): upgrade dev dependencies (#2504)
• dcae75e chore(deps): upgrade dev dependencies (#2502)
• 3f6a73a fix: revert "fix: cannot create root construct in python" (#2499)
• bb7f237 fix: cannot create root construct in python (#2496)
• 75f29f4 feat: stabilize experimental code (#2497)
• e9bf09c fix: unnecessary strict node requirement in engines in package.json (#2498)
• 912158f fix: Python constructs do not implement a compatible interface (#2495)
• 037cd6a chore(deps): upgrade dev dependencies (#2494)
• Additional commits viewable in compare view

Updates esbuild from 0.23.0 to 0.24.0

Release notes

Sourced from esbuild's releases.

v0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

v0.23.1

• Allow using the node: import prefix with es* targets (#3821)

  The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

  // Original code
  import fs from 'node:fs'
  fs.open
  // Old output (with --bundle --format=esm --platform=node --target=node18,es2022)
  import fs from "fs";

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

0.23.1

• Allow using the node: import prefix with es* targets (#3821)

  The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

  // Original code
  import fs from 'node:fs'
  fs.open

... (truncated)

Commits

• d34e79e publish 0.24.0 to npm
• 045a87f fix #3887: omit dead export warning for default
• 6e049b8 fix #3913: useDefineForClassFields and decorators
• 9c26f98 lower decorators for useDefineForClassFields #3913
• 46fdb68 fix #3898: incorrect cyclic tsconfig.json warning
• b500443 fix #3917: running esbuild cli with deno
• b125e62 run make update-compat-table
• 112b9aa fix #3915: stack overflow with yarn + tsconfig
• ed5a555 wasm: catch and rethrow stack overflows (#3915)
• 11d3196 fix #3902: update go 1.22.5 => 1.23.1
• Additional commits viewable in compare view

Updates jose from 5.6.3 to 5.9.6

Release notes

Sourced from jose's releases.

v5.9.6

Reverts

• Revert "refactor(build): simplify package exports" (2ef3a52)

v5.9.4

Refactor

• types: update error definitions (510c5ca)

v5.9.3

Refactor

• use as Type for type assertions instead of <Type> (c4dc24d)

v5.9.2

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

v5.9.1

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

v5.9.0

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

This method of passing private or public keys does not yield the same performance as passing a CryptoKey or KeyObject instances, its main purpose is for convenience or for when you're not going to be re-using the same set of keys for the operation, in which case you should use one of the import key methods to obtain a CryptoKey or KeyObject.

Example Signing

const alg = "RS256";
const jwk = {
  kty: "RSA",
  n: "whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6fpCTu6ZalGI82s7XK3tan4dJt90ptUPKD2zvxqTzFNfx4HHHsrYCf2-FMLn1VTJfQazA2BvJqAwcpW1bqRUEty8tS_Yv4hRvWfQPcc2Gc3-_fQOOW57zVy-rNoJc744kb30NjQxdGp03J2S3GLQu7oKtSDDPooQHD38PEMNnITf0pj-KgDPjymkMGoJlO3aKppsjfbt_AH6GGdRghYRLOUwQU-h-ofWHR3lbYiKtXPn5dN24kiHy61e3VAQ9_YAZlwXC_99GGtw_NpghFAuM4P1JDn0DppJldy3PGFC0GfBCZASw",
  e: "AQAB",
  d: "VuVE_KEP6323WjpbBdAIv7HGahGrgGANvbxZsIhm34lsVOPK0XDegZkhAybMZHjRhp-gwVxX5ChC-J3cUpOBH5FNxElgW6HizD2Jcq6t6LoLYgPSrfEHm71iHg8JsgrqfUnGYFzMJmv88C6WdCtpgG_qJV1K00_Ly1G1QKoBffEs-v4fAMJrCbUdCz1qWto-PU-HLMEo-krfEpGgcmtZeRlDADh8cETMQlgQfQX2VWq_aAP4a1SXmo-j0cvRU4W5Fj0RVwNesIpetX2ZFz4p_JmB5sWFEj_fC7h5z2lq-6Bme2T3BHtXkIxoBW0_pYVnASC8P2puO5FnVxDmWuHDYQ",
  p: "07rgXd_tLUhVRF_g1OaqRZh5uZ8hiLWUSU0vu9coOaQcatSqjQlIwLW8UdKv_38GrmpIfgcEVQjzq6rFBowUm9zWBO9Eq6enpasYJBOeD8EMeDK-nsST57HjPVOCvoVC5ZX-cozPXna3iRNZ1TVYBY3smn0IaxysIK-zxESf4pM",
  q: "6qrE9TPhCS5iNR7QrKThunLu6t4H_8CkYRPLbvOIt2MgZyPLiZCsvdkTVSOX76QQEXt7Y0nTNua69q3K3Jhf-YOkPSJsWTxgrfOnjoDvRKzbW3OExIMm7D99fVBODuNWinjYgUwGSqGAsb_3TKhtI-Gr5ls3fn6B6oEjVL0dpmk",
  dp: "mHqjrFdgelT2OyiFRS3dAAPf3cLxJoAGC4gP0UoQyPocEP-Y17sQ7t-ygIanguubBy65iDFLeGXa_g0cmSt2iAzRAHrDzI8P1-pQl2KdWSEg9ssspjBRh_F_AiJLLSPRWn_b3-jySkhawtfxwO8Kte1QsK1My765Y0zFvJnjPws",
  dq: "KmjaV4YcsVAUp4z-IXVa5htHWmLuByaFjpXJOjABEUN0467wZdgjn9vPRp-8Ia8AyGgMkJES_uUL_PDDrMJM9gb4c6P4-NeUkVtreLGMjFjA-_IQmIMrUZ7XywHsWXx0c2oLlrJqoKo3W-hZhR0bPFTYgDUT_mRWjk7wV6wl46E",
  qi: "iYltkV_4PmQDfZfGFpzn2UtYEKyhy-9t3Vy8Mw2VHLAADKGwJvVK5ficQAr2atIF1-agXY2bd6KV-w52zR8rmZfTr0gobzYIyqHczOm13t7uXJv2WygY7QEC2OGjdxa2Fr9RnvS99ozMa5nomZBqTqT7z5QV33czjPRCjvg6FcE",
};
const jwt = await new jose.SignJWT({ "urn:example:claim": true })
.setProtectedHeader({ alg })
</tr></table>

... (truncated)

Changelog

Sourced from jose's changelog.

5.9.6 (2024-10-20)

Reverts

• Revert "refactor(build): simplify package exports" (2ef3a52)

5.9.5 (2024-10-20)

Refactor

• build: simplify package exports (4783f7f)

5.9.4 (2024-10-11)

Refactor

• types: update error definitions (510c5ca)

5.9.3 (2024-09-22)

Refactor

• use as Type for type assertions instead of (c4dc24d)

5.9.2 (2024-09-14)

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

5.9.1 (2024-09-13)

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

5.9.0 (2024-09-13)

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

5.8.0 (2024-08-26)

... (truncated)

Commits

• 27d26a4 chore(release): 5.9.6
• 2ef3a52 Revert "refactor(build): simplify package exports"
• 460a959 chore(release): 5.9.5

[dependabot]

Superseded by #333.