[Snyk] Upgrade jwt-decode from 3.1.2 to 4.0.0

[mo-auto]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade jwt-decode from 3.1.2 to 4.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released a month ago, on 2023-10-27.

Release notes

Package name: jwt-decode

• 4.0.0 - 2023-10-27
  

  A new version of the library, including a couple of improvements:

  • No longer include a polyfill for atob, as this is supported in all major browsers (and node environments > 14).
  • Compile to ES2017, dropping support for anything that does not support ES2017 (which should be very limited according to caniuse)
  • Use Node's atob when running on node.
  • Drop support for Node 14 and 16, add support for Node 20.
  • Add support for package.json's exports field, for better CJS/ESM support
  • Reorganize build artifacts for better CJS/ESM support (cjs and esm needs to be their own directory with a cjs specific package.json file)
  • Drop manual UMD bundle creation in index.standalone.ts, but rely on rollup instead.
  • Infer JwtPayload and JwtHeader default types from the header argument by using overloads.

  Even though some users might experience breaking changes, mostly because of the exports field, the majority should be able to update without making any changes, assuming the SDK is used in environments with support for atob.

  Migration to v4.0.0

  The jwtDecode function is now no longer the default export, and is instead provided as a named export. Make sure to update your code in places where you are importing this function:

  -import jwtDecodefrom "jwt-decode";
  +import { jwtDecode } from "jwt-decode";

• 4.0.0-beta.4 - 2023-09-05
  

  Breaking changes

  • Raise minimum Node.js version to 18 #209 (jonkoops)

  Fixed

  • fix default condition should be the last one #199 (frederikprijck)
• 4.0.0-beta.3 - 2023-08-16
  

  Breaking changes

  • Drop UMD bundle #193 (frederikprijck)

  Changed

  • Use modern JavaScript syntax #187 (jonkoops)
  • Use ESNext as default module system #188 (jonkoops)
  • Avoid using any bundlers but use tsc instead #192 (frederikprijck)
• 4.0.0-beta.2 - 2023-08-04
  

  Changed

  • Avoid using default exports #175 (frederikprijck)
  • Make options optional no default function parameter initializer #179 (cristobal)

  Fixed

  • Ensure types are bundled and correctly linked #174 (jonkoops)
• 4.0.0-beta.1 - 2023-07-29
  

  Fixed

  • Ensure build is run on prepack #167 (frederikprijck)
• 4.0.0-beta.0 - 2023-07-28
  

  A new version of the library, including a couple of improvements:

  • No longer include a polyfill for atob, as this is supported in all major browsers (and node environments > 14).
  • Compile to ES2017, dropping support for anything that does not support ES2017 (which should be very limited according to caniuse)
  • Use Node's atob when running on node.
  • Drop support for Node 14, add support for Node 20.
  • Add support for package.json's exports field, for better CJS/ESM support
  • Reorganize build artifacts for better CJS/ESM support (cjs and esm needs to be their own directory with a cjs specific package.json file)
  • Drop manual UMD bundle creation in index.standalone.ts, but rely on rollup instead.
  • Infer JwtPayload and JwtHeader default types from the header argument by using overloads.

  Additionally, this PR ensures the file size is decreased:

  • ESM and CJS decreased by 22%
  • UMD decreased by 37%

  Even though some users might experience breaking changes, mostly because of the exports field, the majority should be able to update without making any changes, assuming the SDK is used in environments with support for atob.

• 3.1.2 - 2020-11-16
  

  3.1.2

from jwt-decode GitHub release notes

Commit messages

Package name: jwt-decode

• bd50db0 Release v4.0.0 (fix(admin-ui): fix loader on api key page #232)
• bcfd7da Bump actions/checkout from 3 to 4 (fix(flex-cn-setup): update ingress defs #228)
• 6ec1cba Bump concurrently from 8.2.0 to 8.2.2 (feat: casa administrable lockfile #226)
• 807d123 Bump @ typescript-eslint/eslint-plugin from 6.4.1 to 6.9.0 (feat: adjust ownership and permission to avoid bloated images (#219) #229)
• f68e292 Bump eslint-plugin-import from 2.28.1 to 2.29.0 (fix(admin-ui): put loader and make AuthProvider a functional Component #230)
• b2e7489 Bump eslint-import-resolver-typescript from 3.6.0 to 3.6.1 (fix(admin-ui): missing authentication method from Token Endpoint in the ui #225)
• ccb6488 Bump lint-staged from 14.0.1 to 15.0.2 (feat(docker-admin-ui): separate image builder and runner layers #231)
• cf3cd4f Bump actions/setup-node from 3 to 4 ([Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.13.2.1 to 2.13.2.2 #227)
• 0ce8017 pin babel/core to recent version and bump jest
• 9a3d0bc Delete .circleci directory (feat(relative path): update import path using relative path webpack aliases #220)
• 8e368f1 Add registry-url to actions/setup-node (feat(docker): review ownership and permission #219)
• 57e4e80 Keep GitHub Actions dependencies up-to-date with Dependabot (chore(deps): bump docker/login-action from 1 to 2 #212)
• 672f075 Clean up debug HTML for development (fix(admin-ui): back button is not working in admin-ui #216)
• 5be0715 Fall back to Jest defaults where possible (feat: admin-ui updated dependencies and manifests #208)
• 4c0a517 Update lockfile to match supported Node.js (chore(deps): bump docker/build-push-action from 2 to 3 #214)
• 02553f3 Install dependencies prior to publishing (feat(admin-ui): fields to be shown on OIDC clients list page #211)
• 0e282d6 Release v4.0.0-beta.4 ([Snyk] Upgrade com.unboundid:unboundid-ldapsdk from 5.1.4 to 6.0.4 #210)
• dbda787 Create `package.json` after cleaning `build` directory (fix(admin-ui): typo fix for licence details page #206)
• d7d2514 Raise minimum Node.js version to 18 ([Snyk] Upgrade com.nimbusds:oauth2-oidc-sdk from 9.19 to 9.32 #209)
• d74ced1 Use built-in version of NPM on CI (fix(admin-ui): fix client name not showing and edit issue in OCID client #207)
• 301ff9c Add `lint-staged` to Husky (fix (admin-ui): issues oidc client page #205)
• 1042008 Add npm publish to GitHub actions (Flex linux setup fixes for rafactored jans installer #203)
• 2a104b0 Various review feedback for ESLint configuration (feat (admin-ui): fields to be shown on oidc clients list page #204)
• ee066bc Add Github Actions Integration (feat: casa updated dependencies and manifests #202)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[sonarcloud]

[flex_admin_ui] Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication

[sonarcloud]

Quality Gate passed for 'flex_admin_ui'

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[jv18creator]

Ref: Migration to v4.0.0