Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update dependency jwt-decode to v4 #963

Merged
merged 2 commits into from
Nov 7, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 4, 2023

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
jwt-decode 3.1.2 -> 4.0.0 age adoption passing confidence

Release Notes

auth0/jwt-decode (jwt-decode)

v4.0.0

Compare Source

Full Changelog

A new version of the library, including a couple of improvements:

  • No longer include a polyfill for atob, as this is supported in all major browsers (and node environments > 14).
  • Compile to ES2017, dropping support for anything that does not support ES2017 (which should be very limited according to caniuse)
  • Use Node's atob when running on node.
  • Drop support for Node 14 and 16, add support for Node 20.
  • Add support for package.json's exports field, for better CJS/ESM support
  • Reorganize build artifacts for better CJS/ESM support (cjs and esm needs to be their own directory with a cjs specific package.json file)
  • Drop manual UMD bundle creation in index.standalone.ts, but rely on rollup instead.
  • Infer JwtPayload and JwtHeader default types from the header argument by using overloads.

Even though some users might experience breaking changes, mostly because of the exports field, the majority should be able to update without making any changes, assuming the SDK is used in environments with support for atob.

Migration to v4.0.0

The jwtDecode function is now no longer the default export, and is instead provided as a named export. Make sure to update your code in places where you are importing this function:

-import jwtDecodefrom "jwt-decode";
+import { jwtDecode } from "jwt-decode";

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Nov 4, 2023
Copy link

socket-security bot commented Nov 4, 2023

Removed dependencies detected. Learn more about Socket for GitHub ↗︎

🚮 Removed packages: jwt-decode@3.1.2

Copy link
Contributor Author

renovate bot commented Nov 7, 2023

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

@IanKrieger IanKrieger merged commit b008b17 into master Nov 7, 2023
6 checks passed
@IanKrieger IanKrieger deleted the renovate/jwt-decode-4.x branch November 7, 2023 14:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant