Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the server-major-dependencies group across 1 directory with 2 updates #1846

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the server-major-dependencies group across 1 directory with 2 updates #1846

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 23, 2025

Bumps the server-major-dependencies group with 2 updates in the /server directory: jsdom and openid-client.

Updates jsdom from 25.0.1 to 26.0.0

Release notes

Sourced from jsdom's releases.

Version 26.0.0

Breaking change: canvas peer dependency requirement has been upgraded from v2 to v3. (sebastianwachter)

Other changes:

  • Added AbortSignal.any(). (jdbevan)
  • Added initial support for form-associated custom elements, in particular making them labelable and supporting the ElementInternals labels property. The form-associated callbacks are not yet supported. (hesxenon)
  • Updated whatwg-url, adding support for URL.parse().
  • Updated cssstyle and rrweb-cssom, to improve CSS parsing capabilities.
  • Updated nwsapi, improving CSS selector matching.
  • Updated parse5, fixing a bug around <noframes> elements and HTML entity decoding.
  • Fixed JSDOM.fromURL() to properly reject the returned promise if the server redirects to an invalid URL, instead of causing an uncaught exception.
Changelog

Sourced from jsdom's changelog.

26.0.0

Breaking change: canvas peer dependency requirement has been upgraded from v2 to v3. (sebastianwachter)

Other changes:

  • Added AbortSignal.any(). (jdbevan)
  • Added initial support for form-associated custom elements, in particular making them labelable and supporting the ElementInternals labels property. The form-associated callbacks are not yet supported. (hesxenon)
  • Updated whatwg-url, adding support for URL.parse().
  • Updated cssstyle and rrweb-cssom, to improve CSS parsing capabilities.
  • Updated nwsapi, improving CSS selector matching.
  • Updated parse5, fixing a bug around <noframes> elements and HTML entity decoding.
  • Fixed JSDOM.fromURL() to properly reject the returned promise if the server redirects to an invalid URL, instead of causing an uncaught exception.
Commits
  • 3644055 Version 26.0.0
  • 8ebaee9 Update dependencies and dev dependencies
  • 5984ace Catch invalid redirect URLs
  • d5abcd1 Make querySelectorAll follow the always-impl rule
  • 56f27c2 Add support for ElementInternals's labels property
  • 854ae1b Implement AbortSignal.any()
  • 7cc3500 Update optional peer dependency canvas to v3
  • 8955c99 Add support for canvas v3
  • 8dfe288 Add Node 22 to CI test matrix
  • See full diff in compare view

Updates openid-client from 5.7.0 to 6.3.1

Release notes

Sourced from openid-client's releases.

v6.3.1

Refactor

  • passport: allow dpop handle to be retrieved with an async function (4491f70)
  • passport: bind authorization code to a DPoP Key (b536d0a)
  • passport: use the supportsPKCE() metadata helper (e13fb37)

v6.3.0

Features

  • add a helper to DPoPHandle to calculate dpop_jkt (e99a9d9)

Documentation

  • add DPoP example (2fb51e1)
  • reword buildAuthorizationUrl methods for more clarity (7e987d9)
  • update CIBA docs (35ff0f5)
  • update example diffs (2e152d9)
  • update JWT Introspection Response references to RFC 9701 (d742709)
  • update README.md (8dbb921)
  • update README.md (546b651)

v6.2.0

Features

  • add Client-Initiated Backchannel Authentication (fe6d996)

Documentation

  • explain more discovery() behaviours (271ac5b)
  • re-run docs (17b531a)
  • update buildAuthorizationUrl parameters description (23fb405)
  • update buildAuthorizationUrl parameters description (db9fd94)

Fixes

  • types: fix typo in DeviceAuthorizationGrantPollOptions (d3629c9)

v6.1.7

Refactor

  • types: move customFetch options into its own interface (57d8355)

v6.1.6

Fixes

  • handle scope, prompt, and passReqToCallback from generic passport types (cc92a36), closes #735

... (truncated)

Changelog

Sourced from openid-client's changelog.

6.3.1 (2025-02-20)

Refactor

  • passport: allow dpop handle to be retrieved with an async function (4491f70)
  • passport: bind authorization code to a DPoP Key (b536d0a)
  • passport: use the supportsPKCE() metadata helper (e13fb37)

6.3.0 (2025-02-18)

Features

  • add a helper to DPoPHandle to calculate dpop_jkt (e99a9d9)

Documentation

  • add DPoP example (2fb51e1)
  • reword buildAuthorizationUrl methods for more clarity (7e987d9)
  • update CIBA docs (35ff0f5)
  • update example diffs (2e152d9)
  • update JWT Introspection Response references to RFC 9701 (d742709)
  • update README.md (8dbb921)
  • update README.md (546b651)

6.2.0 (2025-02-17)

Features

  • add Client-Initiated Backchannel Authentication (fe6d996)

Documentation

  • explain more discovery() behaviours (271ac5b)
  • re-run docs (17b531a)
  • update buildAuthorizationUrl parameters description (23fb405)
  • update buildAuthorizationUrl parameters description (db9fd94)

Fixes

  • types: fix typo in DeviceAuthorizationGrantPollOptions (d3629c9)

6.1.7 (2024-12-02)

... (truncated)

Commits
  • 7779f84 chore(release): 6.3.1
  • e13fb37 refactor(passport): use the supportsPKCE() metadata helper
  • dde4b44 test: show warnings
  • d595b79 test(node): stop testing lts/hydrogen
  • a8e0203 chore: add ciba to package keywords
  • 1364cbd example: update passport example
  • 4491f70 refactor(passport): allow dpop handle to be retrieved with an async function
  • b536d0a refactor(passport): bind authorization code to a DPoP Key
  • 5b2156d chore: cleanup after release
  • ea6c782 chore(release): 6.3.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the server-major-dependencies group across 1 directory with 2 up…
886e739 
…dates

Bumps the server-major-dependencies group with 2 updates in the /server directory: [jsdom](https://github.com/jsdom/jsdom) and [openid-client](https://github.com/panva/openid-client).


Updates `jsdom` from 25.0.1 to 26.0.0
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md)
- [Commits](jsdom/jsdom@25.0.1...26.0.0)

Updates `openid-client` from 5.7.0 to 6.3.1
- [Release notes](https://github.com/panva/openid-client/releases)
- [Changelog](https://github.com/panva/openid-client/blob/main/CHANGELOG.md)
- [Commits](panva/openid-client@v5.7.0...v6.3.1)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: server-major-dependencies
- dependency-name: openid-client
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: server-major-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner February 23, 2025 04:29
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants