chore(cdk): bump the non-major group across 1 directory with 13 updates

[dependabot]

Bumps the non-major group with 13 updates in the /cdk directory:

Package	From	To
@aws-sdk/client-cloudfront	3.616.0	3.682.0
@aws-sdk/client-secrets-manager	3.616.0	3.682.0
@types/aws-lambda	8.10.141	8.10.145
aws-cdk-lib	2.149.0	2.165.0
constructs	10.3.0	10.4.2
esbuild	0.23.0	0.24.0
jose	5.6.3	5.9.6
jsii	5.4.26	5.5.9
jsii-pacmak	1.101.0	1.104.0
nock	13.5.4	13.5.5
publib	0.2.860	0.2.911
typescript	5.5.3	5.6.3
vitest-mock-extended	2.0.0	2.0.2

Updates @aws-sdk/client-cloudfront from 3.616.0 to 3.682.0

Release notes

Sourced from @​aws-sdk/client-cloudfront's releases.

v3.682.0

3.682.0(2024-10-29)

New Features

• clients: update client endpoints as of 2024-10-29 (d7b891c8)
• client-cloudwatch-logs: Added support for new optional baseline parameter in the UpdateAnomaly API. For UpdateAnomaly requests with baseline set to True, The anomaly behavior is then treated as baseline behavior. However, more severe occurrences of this behavior will still be reported as anomalies. (da1de11c)
• client-bedrock: Update Application Inference Profile (cd3a5ec8)
• client-iotfleetwise: Updated BatchCreateVehicle and BatchUpdateVehicle APIs: LimitExceededException has been added and the maximum number of vehicles in a batch has been set to 10 explicitly (820ad6d3)
• client-sagemaker: Adding notebook-al2-v3 as allowed value to SageMaker NotebookInstance PlatformIdentifier attribute (8c8cce53)
• client-redshift-data: Adding a new API GetStatementResultV2 that supports CSV formatted results from ExecuteStatement and BatchExecuteStatement calls. (5943dd5e)
• client-cleanrooms: This release adds the option for customers to configure analytics engine when creating a collaboration, and introduces the new SPARK analytics engine type in addition to maintaining the legacy CLEAN_ROOMS_SQL engine type. (2ccb11c7)
• client-bedrock-runtime: Update Application Inference Profile (aae686f9)

Tests

• temporarily ignore turbo error (#6600) (908ff3c2)
• throw final error in turbo script (#6594) (19abef78)

---

For list of updated packages, view updated-packages.md in assets-3.682.0.zip

v3.681.0

3.681.0(2024-10-28)

Documentation Changes

• client-storage-gateway: Documentation update: Amazon FSx File Gateway will no longer be available to new customers. (1eadcc80)

New Features

• clients: update client endpoints as of 2024-10-28 (de48f9d1)
• client-opensearch: Adds support for provisioning dedicated coordinator nodes. Coordinator nodes can be specified using the new NodeOptions parameter in ClusterConfig. (81e60f67)
• client-mediapackagev2: MediaPackage V2 Live to VOD Harvester is a MediaPackage V2 feature, which is used to export content from an origin endpoint to a S3 bucket. (5755a320)
• client-rds: This release adds support for Enhanced Monitoring and Performance Insights when restoring Aurora Limitless Database DB clusters. It also adds support for the os-upgrade pending maintenance action. (02407f89)

---

For list of updated packages, view updated-packages.md in assets-3.681.0.zip

v3.680.0

3.680.0(2024-10-25)

New Features

• clients: update client endpoints as of 2024-10-25 (20cc81f3)
• client-cloudwatch-logs: Adding inferred token name for dynamic tokens in Anomalies. (1429c432)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-cloudfront's changelog.

3.682.0 (2024-10-29)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.679.0 (2024-10-24)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.678.0 (2024-10-23)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.677.0 (2024-10-22)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.675.0 (2024-10-18)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.670.0 (2024-10-11)

Note: Version bump only for package @​aws-sdk/client-cloudfront

3.669.0 (2024-10-10)

... (truncated)

Commits

• 189b398 Publish v3.682.0
• e45fde3 Publish v3.679.0
• 0c74dc7 Publish v3.678.0
• 25443cc Publish v3.677.0
• 9e92f06 Publish v3.675.0
• 375e4e5 Publish v3.670.0
• 1f421db chore(codegen): codegen update for createDefaultUserAgentProvider (#6558)
• 7d63f7a Publish v3.669.0
• 6e61f0e Publish v3.668.0
• fc7effc Publish v3.667.0
• Additional commits viewable in compare view

Updates @aws-sdk/client-secrets-manager from 3.616.0 to 3.682.0

Release notes

Sourced from @​aws-sdk/client-secrets-manager's releases.

v3.682.0

3.682.0(2024-10-29)

New Features

• clients: update client endpoints as of 2024-10-29 (d7b891c8)
• client-cloudwatch-logs: Added support for new optional baseline parameter in the UpdateAnomaly API. For UpdateAnomaly requests with baseline set to True, The anomaly behavior is then treated as baseline behavior. However, more severe occurrences of this behavior will still be reported as anomalies. (da1de11c)
• client-bedrock: Update Application Inference Profile (cd3a5ec8)
• client-iotfleetwise: Updated BatchCreateVehicle and BatchUpdateVehicle APIs: LimitExceededException has been added and the maximum number of vehicles in a batch has been set to 10 explicitly (820ad6d3)
• client-sagemaker: Adding notebook-al2-v3 as allowed value to SageMaker NotebookInstance PlatformIdentifier attribute (8c8cce53)
• client-redshift-data: Adding a new API GetStatementResultV2 that supports CSV formatted results from ExecuteStatement and BatchExecuteStatement calls. (5943dd5e)
• client-cleanrooms: This release adds the option for customers to configure analytics engine when creating a collaboration, and introduces the new SPARK analytics engine type in addition to maintaining the legacy CLEAN_ROOMS_SQL engine type. (2ccb11c7)
• client-bedrock-runtime: Update Application Inference Profile (aae686f9)

Tests

• temporarily ignore turbo error (#6600) (908ff3c2)
• throw final error in turbo script (#6594) (19abef78)

---

For list of updated packages, view updated-packages.md in assets-3.682.0.zip

v3.681.0

3.681.0(2024-10-28)

Documentation Changes

• client-storage-gateway: Documentation update: Amazon FSx File Gateway will no longer be available to new customers. (1eadcc80)

New Features

• clients: update client endpoints as of 2024-10-28 (de48f9d1)
• client-opensearch: Adds support for provisioning dedicated coordinator nodes. Coordinator nodes can be specified using the new NodeOptions parameter in ClusterConfig. (81e60f67)
• client-mediapackagev2: MediaPackage V2 Live to VOD Harvester is a MediaPackage V2 feature, which is used to export content from an origin endpoint to a S3 bucket. (5755a320)
• client-rds: This release adds support for Enhanced Monitoring and Performance Insights when restoring Aurora Limitless Database DB clusters. It also adds support for the os-upgrade pending maintenance action. (02407f89)

---

For list of updated packages, view updated-packages.md in assets-3.681.0.zip

v3.680.0

3.680.0(2024-10-25)

New Features

• clients: update client endpoints as of 2024-10-25 (20cc81f3)
• client-cloudwatch-logs: Adding inferred token name for dynamic tokens in Anomalies. (1429c432)

... (truncated)

Changelog

Sourced from @​aws-sdk/client-secrets-manager's changelog.

3.682.0 (2024-10-29)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.679.0 (2024-10-24)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.678.0 (2024-10-23)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.677.0 (2024-10-22)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.675.0 (2024-10-18)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.674.0 (2024-10-17)

Note: Version bump only for package @​aws-sdk/client-secrets-manager

3.670.0 (2024-10-11)

... (truncated)

Commits

• 189b398 Publish v3.682.0
• e45fde3 Publish v3.679.0
• 0c74dc7 Publish v3.678.0
• 25443cc Publish v3.677.0
• 9e92f06 Publish v3.675.0
• a535403 Publish v3.674.0
• 398b45c chore: smithy update for smithyVersion=1.51.0 (#6569)
• 375e4e5 Publish v3.670.0
• 1f421db chore(codegen): codegen update for createDefaultUserAgentProvider (#6558)
• 7d63f7a Publish v3.669.0
• Additional commits viewable in compare view

Updates @types/aws-lambda from 8.10.141 to 8.10.145

Commits

• See full diff in compare view

Updates aws-cdk-lib from 2.149.0 to 2.165.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.165.0

Features

• bootstrap: add lifecycle rule to abort multipart uploads after 7 days (#31956) (b800da8), closes #29045
• bootstrap: delete noncurrent versions after 30 days (#31949) (579041e)
• cli: garbage collect ecr assets (under --unstable flag) (#31841) (da85e54), closes #31611
• codebuild: add support of organization webhook in github source (#31740) (8c15b5f), closes #31736
• cognito: support UserPoolGroup (#31351) (408b20f), closes #21026
• update L1 CloudFormation resource definitions (#31917) (8c93291)

Bug Fixes

• assertions: throw error or warn when synth is called multiple times on mutated construct tree (#31865) (a261c9d), closes #24689
• cli: ecr garbage collection hangs when repository has no images (#31951) (a235a9f)
• cli: garbage collection ignores review_in_progress stacks (#31906) (cb3ecfe)
• s3-assets: cannot publish a file without extension (#30597) (ccab485), closes #30471
• sqs: queue with fifo: false does not deploy (#31922) (a9d3b02), closes #8550
• enable node-fips compatible body checksums for S3 (#31883) (4f29c1d)

---

Alpha modules (2.165.0-alpha.0)

⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES

• ec2-alpha: The new VpcCidrBlock L2 construct replaces CfnVPCCidrBlock. This change alters the logical ID of AWS::EC2::VPCCidrBlock resources in CloudFormation templates. Existing deployments will see errors like CIDR range conflicts with x.xx.xx.xx/xx with association ID vpc-cidr-assoc-ABCD. To resolve this, you must recreate your existing stacks to use the new module.

Features

• apprunner: support vpc ingress connection (#30623) (048e753), closes #22850
• ec2-alpha: adding imports for SubnetV2 and VpcV2 (#31765) (d108a80)
• location: support Tracker and TrackerConsumer (#31268) (046f041), closes #30712
• pipes-enrichments: support API Gateway enrichment (#31794) (09052c2), closes #29384
• pipes-targets: add SageMaker (#30696) (a5fdf57)
• redshift-alpha: query execution timeout setting during table creation (#31818) (40f07ae), closes #31329
• kinesisfirehose-alpha: kinesis firehose and kinesis firehose destinations modules are now in Developer Preview (#31952)

Bug Fixes

• location: remove base class from PlaceIndex class (#31287) (bc67866), closes #30711 #30682
• scheduler-alpha: scheduler input always get transformed to string with extra double quotes (#31894) (186b8ab)
• scheduler-alpha: too many KMS permissions granted (#31923) (06678a3), closes #31785

v2.164.1

Bug Fixes

• enable node-fips compatible body checksums for S3 (#31883) (290a499)

---

Alpha modules (2.164.1-alpha.0)

v2.164.0

Features

... (truncated)

Changelog

Sourced from aws-cdk-lib's changelog.

2.165.0 (2024-10-31)

Features

• bootstrap: add lifecycle rule to abort multipart uploads after 7 days (#31956) (b800da8), closes #29045
• bootstrap: delete noncurrent versions after 30 days (#31949) (579041e)
• cli: garbage collect ecr assets (under --unstable flag) (#31841) (da85e54), closes #31611
• codebuild: add support of organization webhook in github source (#31740) (8c15b5f), closes #31736
• cognito: support UserPoolGroup (#31351) (408b20f), closes #21026
• update L1 CloudFormation resource definitions (#31917) (8c93291)

Bug Fixes

• assertions: throw error or warn when synth is called multiple times on mutated construct tree (#31865) (a261c9d), closes #24689
• cli: ecr garbage collection hangs when repository has no images (#31951) (a235a9f)
• cli: garbage collection ignores review_in_progress stacks (#31906) (cb3ecfe)
• s3-assets: cannot publish a file without extension (#30597) (ccab485), closes #30471
• sqs: queue with fifo: false does not deploy (#31922) (a9d3b02), closes #8550
• enable node-fips compatible body checksums for S3 (#31883) (4f29c1d)

2.164.1 (2024-10-25)

Bug Fixes

• enable node-fips compatible body checksums for S3 (#31883) (290a499)

2.164.0 (2024-10-24)

Features

• cli: add ability to configure hotswap properties for ECS (#30511) (fee2cf8), closes #29618
• cognito: support email based MFA (#31816) (f9d6eef), closes #31815
• cognito: the Cognito Identity Pools module is now in Developer Preview (#31854) (b22899f)

Bug Fixes

• cli: cross-account asset publishing doesn't work without bootstrap stack (#31876) (427bf63), closes #31866
• cli: deploy-role is not authorized to perform DescribeStackResources (#31878) (8d06824)
• core: fix policy synthesizer logic for precreated roles (#31710) (aae03c9)
• dynamodb: replication regions are incompatible with resource policies in TableV2 and feature flag (#31513) (0b03eb0), closes #30705
• events-targets: kinesis Stream target with Customer-Managed KMS key causes EventBridge FailedInvocations (#31836) (58dfda0), closes #10996

2.163.1 (2024-10-22)

... (truncated)

Commits

• 408b20f feat(cognito): support UserPoolGroup (#31351)
• a261c9d fix(assertions): throw error or warn when synth is called multiple times on...
• ccab485 fix(s3-assets): cannot publish a file without extension (#30597)
• a9d3b02 fix(sqs): queue with fifo: false does not deploy (#31922)
• 8c15b5f feat(codebuild): add support of organization webhook in github source (#31740)
• 8c93291 feat: update L1 CloudFormation resource definitions (#31917)
• 5c6cc5e chore(ec2): pricing api interface vpc endpoint duplicated (#31912)
• a1eef1d chore(ec2): add missing interface VPC endpoint (#31907)
• 84d71a4 chore(rds): deprecate aurora mysql version 1 for mysql 5.6 (#31551)
• 09256db chore(ec2): add missing interface VPC endpoints (#31882)
• Additional commits viewable in compare view

Updates constructs from 10.3.0 to 10.4.2

Release notes

Sourced from constructs's releases.

v10.4.2

10.4.2 (2024-10-14)

Bug Fixes

• cannot create root construct in python (#2500) (892bb11), closes #2499 #1063

v10.4.1

10.4.1 (2024-10-11)

Bug Fixes

• revert "fix: cannot create root construct in python" (#2499) (3f6a73a), closes aws/constructs#2496

v10.4.0

10.4.0 (2024-10-11)

Features

• stabilize experimental code (#2497) (75f29f4), closes #2267

Bug Fixes

• cannot create root construct in python (#2496) (bb7f237), closes #1063
• unnecessary strict node requirement in engines in package.json (#2498) (e9bf09c), closes #1329

v10.3.2

10.3.2 (2024-10-11)

Bug Fixes

• Python constructs do not implement a compatible interface (#2495) (912158f)

v10.3.1

10.3.1 (2024-10-10)

Bug Fixes

• rootNode.getAllContext() returns empty object (#2483) (1eb4dca), closes #2239

Commits

• 892bb11 fix: cannot create root construct in python (#2500)
• fab93a5 chore(deps): upgrade dev dependencies (#2506)
• b06a17d chore(deps): upgrade dev dependencies (#2504)
• dcae75e chore(deps): upgrade dev dependencies (#2502)
• 3f6a73a fix: revert "fix: cannot create root construct in python" (#2499)
• bb7f237 fix: cannot create root construct in python (#2496)
• 75f29f4 feat: stabilize experimental code (#2497)
• e9bf09c fix: unnecessary strict node requirement in engines in package.json (#2498)
• 912158f fix: Python constructs do not implement a compatible interface (#2495)
• 037cd6a chore(deps): upgrade dev dependencies (#2494)
• Additional commits viewable in compare view

Updates esbuild from 0.23.0 to 0.24.0

Release notes

Sourced from esbuild's releases.

v0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

v0.23.1

• Allow using the node: import prefix with es* targets (#3821)

  The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

  // Original code
  import fs from 'node:fs'
  fs.open
  // Old output (with --bundle --format=esm --platform=node --target=node18,es2022)
  import fs from "fs";

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.24.0

This release deliberately contains backwards-incompatible changes. To avoid automatically picking up releases like this, you should either be pinning the exact version of esbuild in your package.json file (recommended) or be using a version range syntax that only accepts patch upgrades such as ^0.23.0 or ~0.23.0. See npm's documentation about semver for more information.

• Drop support for older platforms (#3902)

  This release drops support for the following operating system:

  • macOS 10.15 Catalina

  This is because the Go programming language dropped support for this operating system version in Go 1.23, and this release updates esbuild from Go 1.22 to Go 1.23. Go 1.23 now requires macOS 11 Big Sur or later.

  Note that this only affects the binary esbuild executables that are published to the esbuild npm package. It's still possible to compile esbuild's source code for these older operating systems. If you need to, you can compile esbuild for yourself using an older version of the Go compiler (before Go version 1.23). That might look something like this:

  git clone https://github.com/evanw/esbuild.git
  cd esbuild
  go build ./cmd/esbuild
  ./esbuild --version
  

• Fix class field decorators in TypeScript if useDefineForClassFields is false (#3913)

  Setting the useDefineForClassFields flag to false in tsconfig.json means class fields use the legacy TypeScript behavior instead of the standard JavaScript behavior. Specifically they use assign semantics instead of define semantics (e.g. setters are triggered) and fields without an initializer are not initialized at all. However, when this legacy behavior is combined with standard JavaScript decorators, TypeScript switches to always initializing all fields, even those without initializers. Previously esbuild incorrectly continued to omit field initializers for this edge case. These field initializers in this case should now be emitted starting with this release.

• Avoid incorrect cycle warning with tsconfig.json multiple inheritance (#3898)

  TypeScript 5.0 introduced multiple inheritance for tsconfig.json files where extends can be an array of file paths. Previously esbuild would incorrectly treat files encountered more than once when processing separate subtrees of the multiple inheritance hierarchy as an inheritance cycle. With this release, tsconfig.json files containing this edge case should work correctly without generating a warning.

• Handle Yarn Plug'n'Play stack overflow with tsconfig.json (#3915)

  Previously a tsconfig.json file that extends another file in a package with an exports map could cause a stack overflow when Yarn's Plug'n'Play resolution was active. This edge case should work now starting with this release.

• Work around more issues with Deno 1.31+ (#3917)

  This version of Deno broke the stdin and stdout properties on command objects for inherited streams, which matters when you run esbuild's Deno module as the entry point (i.e. when import.meta.main is true). Previously esbuild would crash in Deno 1.31+ if you ran esbuild like that. This should be fixed starting with this release.

  This fix was contributed by @​Joshix-1.

0.23.1

• Allow using the node: import prefix with es* targets (#3821)

  The node: prefix on imports is an alternate way to import built-in node modules. For example, import fs from "fs" can also be written import fs from "node:fs". This only works with certain newer versions of node, so esbuild removes it when you target older versions of node such as with --target=node14 so that your code still works. With the way esbuild's platform-specific feature compatibility table works, this was added by saying that only newer versions of node support this feature. However, that means that a target such as --target=node18,es2022 removes the node: prefix because none of the es* targets are known to support this feature. This release adds the support for the node: flag to esbuild's internal compatibility table for es* to allow you to use compound targets like this:

  // Original code
  import fs from 'node:fs'
  fs.open

... (truncated)

Commits

• d34e79e publish 0.24.0 to npm
• 045a87f fix #3887: omit dead export warning for default
• 6e049b8 fix #3913: useDefineForClassFields and decorators
• 9c26f98 lower decorators for useDefineForClassFields #3913
• 46fdb68 fix #3898: incorrect cyclic tsconfig.json warning
• b500443 fix #3917: running esbuild cli with deno
• b125e62 run make update-compat-table
• 112b9aa fix #3915: stack overflow with yarn + tsconfig
• ed5a555 wasm: catch and rethrow stack overflows (#3915)
• 11d3196 fix #3902: update go 1.22.5 => 1.23.1
• Additional commits viewable in compare view

Updates jose from 5.6.3 to 5.9.6

Release notes

Sourced from jose's releases.

v5.9.6

Reverts

• Revert "refactor(build): simplify package exports" (2ef3a52)

v5.9.4

Refactor

• types: update error definitions (510c5ca)

v5.9.3

Refactor

• use as Type for type assertions instead of <Type> (c4dc24d)

v5.9.2

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

v5.9.1

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

v5.9.0

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

This method of passing private or public keys does not yield the same performance as passing a CryptoKey or KeyObject instances, its main purpose is for convenience or for when you're not going to be re-using the same set of keys for the operation, in which case you should use one of the import key methods to obtain a CryptoKey or KeyObject.

Example Signing

const alg = "RS256";
const jwk = {
  kty: "RSA",
  n: "whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6fpCTu6ZalGI82s7XK3tan4dJt90ptUPKD2zvxqTzFNfx4HHHsrYCf2-FMLn1VTJfQazA2BvJqAwcpW1bqRUEty8tS_Yv4hRvWfQPcc2Gc3-_fQOOW57zVy-rNoJc744kb30NjQxdGp03J2S3GLQu7oKtSDDPooQHD38PEMNnITf0pj-KgDPjymkMGoJlO3aKppsjfbt_AH6GGdRghYRLOUwQU-h-ofWHR3lbYiKtXPn5dN24kiHy61e3VAQ9_YAZlwXC_99GGtw_NpghFAuM4P1JDn0DppJldy3PGFC0GfBCZASw",
  e: "AQAB",
  d: "VuVE_KEP6323WjpbBdAIv7HGahGrgGANvbxZsIhm34lsVOPK0XDegZkhAybMZHjRhp-gwVxX5ChC-J3cUpOBH5FNxElgW6HizD2Jcq6t6LoLYgPSrfEHm71iHg8JsgrqfUnGYFzMJmv88C6WdCtpgG_qJV1K00_Ly1G1QKoBffEs-v4fAMJrCbUdCz1qWto-PU-HLMEo-krfEpGgcmtZeRlDADh8cETMQlgQfQX2VWq_aAP4a1SXmo-j0cvRU4W5Fj0RVwNesIpetX2ZFz4p_JmB5sWFEj_fC7h5z2lq-6Bme2T3BHtXkIxoBW0_pYVnASC8P2puO5FnVxDmWuHDYQ",
  p: "07rgXd_tLUhVRF_g1OaqRZh5uZ8hiLWUSU0vu9coOaQcatSqjQlIwLW8UdKv_38GrmpIfgcEVQjzq6rFBowUm9zWBO9Eq6enpasYJBOeD8EMeDK-nsST57HjPVOCvoVC5ZX-cozPXna3iRNZ1TVYBY3smn0IaxysIK-zxESf4pM",
  q: "6qrE9TPhCS5iNR7QrKThunLu6t4H_8CkYRPLbvOIt2MgZyPLiZCsvdkTVSOX76QQEXt7Y0nTNua69q3K3Jhf-YOkPSJsWTxgrfOnjoDvRKzbW3OExIMm7D99fVBODuNWinjYgUwGSqGAsb_3TKhtI-Gr5ls3fn6B6oEjVL0dpmk",
  dp: "mHqjrFdgelT2OyiFRS3dAAPf3cLxJoAGC4gP0UoQyPocEP-Y17sQ7t-ygIanguubBy65iDFLeGXa_g0cmSt2iAzRAHrDzI8P1-pQl2KdWSEg9ssspjBRh_F_AiJLLSPRWn_b3-jySkhawtfxwO8Kte1QsK1My765Y0zFvJnjPws",
  dq: "KmjaV4YcsVAUp4z-IXVa5htHWmLuByaFjpXJOjABEUN0467wZdgjn9vPRp-8Ia8AyGgMkJES_uUL_PDDrMJM9gb4c6P4-NeUkVtreLGMjFjA-_IQmIMrUZ7XywHsWXx0c2oLlrJqoKo3W-hZhR0bPFTYgDUT_mRWjk7wV6wl46E",
  qi: "iYltkV_4PmQDfZfGFpzn2UtYEKyhy-9t3Vy8Mw2VHLAADKGwJvVK5ficQAr2atIF1-agXY2bd6KV-w52zR8rmZfTr0gobzYIyqHczOm13t7uXJv2WygY7QEC2OGjdxa2Fr9RnvS99ozMa5nomZBqTqT7z5QV33czjPRCjvg6FcE",
};
const jwt = await new jose.SignJWT({ "urn:example:claim": true })
.setProtectedHeader({ alg })
</tr></table>

... (truncated)

Changelog

Sourced from jose's changelog.

5.9.6 (2024-10-20)

Reverts

• Revert "refactor(build): simplify package exports" (2ef3a52)

5.9.5 (2024-10-20)

Refactor

• build: simplify package exports (4783f7f)

5.9.4 (2024-10-11)

Refactor

• types: update error definitions (510c5ca)

5.9.3 (2024-09-22)

Refactor

• use as Type for type assertions instead of (c4dc24d)

5.9.2 (2024-09-14)

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

5.9.1 (2024-09-13)

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

5.9.0 (2024-09-13)

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

5.8.0 (2024-08-26)

... (truncated)

Commits

• 27d26a4 chore(release): 5.9.6
• 2ef3a52 Revert "refactor(build): simplify package exports"
• 460a959 chore(release): 5.9.5
• 4783f7f refactor(build): simplify package exports
• 7521425 docs: resolve remaining conflict
• 30365fd ci: use default CodeQL
• ea5f212 chore: bump dev deps
• ffad408 docs: update docs building dependencie...

  Description has been truncated

[dependabot]

Superseded by #350.