[Snyk] Upgrade jose from 4.9.3 to 4.14.4

[ozamarripa]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade jose from 4.9.3 to 4.14.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 21 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2023-04-30.

Release notes

Package name: jose

• 4.14.4 - 2023-04-30
  

  Refactor

  • cleanup NODE-ED25519 workerd workarounds (072e83d)
• 4.14.3 - 2023-04-27
  

  Reverts

  • Revert "fix(types): headers and payloads may only be JSON values and primitives" (06d8101), closes #534
• 4.14.2 - 2023-04-26
  

  Fixes

  • types: headers and payloads may only be JSON values and primitives (24f306e)
• 4.14.1 - 2023-04-20
  

  This release is to start using provenance statements.

• 4.14.0 - 2023-04-14
  

  Features

  • add requiredClaims JWT validation option (eeea91d)
• 4.13.2 - 2023-04-12
  

  This release contains only minor code refactoring, documentation, and IntelliSense updates.

• 4.13.1 - 2023-03-02
  

  Fixes

  • workerd: avoid "The script will never generate a response" edge cases completely (96a8c99), closes #355 #509
• 4.13.0 - 2023-02-27
  

  Features

  • types: allow generics to aid in CryptoKey or KeyObject narrowing of KeyLike (6effa4d)

  Fixes

  • make jose.EmbeddedJWK arguments optional (20610a9)
• 4.12.2 - 2023-02-27
  

  Fixes

  • types: declare explicit return from EmbeddedJWK (46934ac)
• 4.12.1 - 2023-02-27
  

  Refactor

  • clarify when alg is used and required on key imports (19e525f)
  • node: have node:crypto deal with x509 parsing (45bb45d)
• 4.12.0 - 2023-02-15
• 4.11.4 - 2023-02-07
• 4.11.3 - 2023-02-07
• 4.11.2 - 2023-01-01
• 4.11.1 - 2022-11-22
• 4.11.0 - 2022-11-08
• 4.10.4 - 2022-10-28
• 4.10.3 - 2022-10-20
• 4.10.2 - 2022-10-20
• 4.10.1 - 2022-10-20
• 4.10.0 - 2022-09-27
• 4.9.3 - 2022-09-15

from jose GitHub release notes

Commit messages

Package name: jose

• 2b607e9 chore(release): 4.14.4
• 072e83d refactor: cleanup NODE-ED25519 workerd workarounds
• 9b234dd chore: bump dev deps
• 7777f2f test: update workerd expectations
• a8ede7f chore: bump dev deps
• 433d2cd docs: drop support for v1.x and v3.x
• d3d6f17 chore: bump dev deps
• d9db56c chore: update package.json
• 001d255 chore: cleanup after release
• 008c1c8 chore(release): 4.14.3
• 8fd1f29 build: add reverts to changelog
• 06d8101 revert: Revert "fix(types): headers and payloads may only be JSON values and primitives"
• ec4762d build,ci: dont run test.yml and browserstack.yml workflows on tag pushes
• 490e892 chore: cleanup after release
• f079ca3 chore(release): 4.14.2
• 24f306e fix(types): headers and payloads may only be JSON values and primitives
• a60399f chore: bump dev deps
• 5bef71e chore: bump dev deps
• 623152c build: refactor cleanup job
• c1619d2 docs: update README.md and docs/README.md
• 63655e2 build: no need to npm i -g npm for provenance on lts/hydrogen
• c4be36b build: add default title to gh release
• 5a9a03f build: dont continue on error
• 6e32597 build: update postrelease message

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs