fix(deps): update dependency oidc-provider to v8.5.1 #167

renovate · 2022-12-04T20:49:57Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
oidc-provider	`8.0.0` -> `8.5.1`
@types/oidc-provider (source)	`7.14.0` -> `8.5.1`

Release Notes

panva/node-oidc-provider (oidc-provider)

`v8.5.1`

Compare Source

Documentation

update README.md (41a7a0b)

Refactor

build: export Provider also as a named export (083c7c4)

`v8.5.0`

Compare Source

Features

add a Client static validate() method (d1f7d73)
add a helper allowing custom claims parameter validations (ec2a1f5)
add experimental support for RFC9396 - Rich Authorization Requests (e9fb573)
add response_modes client metadata allow list (76f9af0)
allow extraParams to define validations for extra parameters (b7d3322)
DPoP: add a setting to disable DPoP Proof Replay Detection (2744fc8)
DPoP: send a dpop-nonce when the proof's iat check fails and nonces are configured but not required (1b073c0)
FAPI: add FAPI 2.0 profile behaviours (5212609)
JAR: add a helper allowing custom JWT claim and header validations (be9242a)
PAR: add a setting to allow use of unregistered redirect_uri values (a7e73fa)
update Web Message Response Mode and remove its Relay Mode (a91add8)

Fixes

DPoP,mTLS: reject client configuration in which binding is required but response types include an implicit token response (cd7e0f4)

Refactor

deprecate FAPI 1.0 ID2, lax request objects, plain PKCE (3e8a784)
don't use overwrite cookie option by default (dfbcb94)
DPoP: move the accepted timespan into a constant (a8e8006)
DPoP: omit sending the dpop-nonce header if the existing one used is fresh (4d635e2)
ensure param-assigned max_age from client.defaultMaxAge is a string (0c52469)
FAPI: deprecate FAPI profile hardcoded PKCE checks (56641ec)
JAR: authorization requests with JAR now require a client_id parameter (9131cd5)
JAR: Request Objects are no longer checked for one time use (18efa70)
PAR: consume PAR after user interactions instead of before (53babe6)
store claims value parsed in non-JAR PAR (9cd865b)
use invalid_request instead of unauthorized_client (7947d87)

`v8.4.7`

Compare Source

Fixes

include ID Token auth_time when client's default_max_age is zero (bebda04)

`v8.4.6`

Compare Source

Documentation

adds events and debugging recipe (#1246) (0bf7696)
fix client_secret_basic special characters encoding example (73baae1)
re-run update docs (99cc84a)

Refactor

avoid iteration resource iteration in client_credentials (e306640)
avoid use of prototype attributes in object-hash (270af1d)
use logical or assignment (8f55588)

Fixes

ensure each individual resource indicator is a valid URI (d9e1ad2)

`v8.4.5`

Compare Source

Refactor

use doc argument in web_message js code (da3198b)

Fixes

add missing opening html tags (23997c5)
DPoP: mark defaulted dpop_jkt parameter as trusted (ee633f3)

`v8.4.4`

Compare Source

Refactor

test decoded basic auth tokens for their VSCHAR pattern (3f86cc0)

Fixes

DPoP,PAR,JAR: validate DPoP before invalidating JAR during PAR (ca0f999)

`v8.4.3`

Compare Source

`v8.4.2`

Compare Source

Fixes

reject client JSON Web Key Set null value (#1237) (cce6d43)

`v8.4.1`

Compare Source

`v8.4.0`

Compare Source

Features

DPoP: remove experimental flag, DPoP is now RFC9449 (89d133e)

`v8.3.2`

Compare Source

Fixes

assign extraTokenClaims return to the model (e296dc7)

`v8.3.1`

Compare Source

Fixes

DPoP: compare htu scheme and hostname case independent (b72d668)

`v8.3.0`

Compare Source

Features

allow specifying the user-agent header for outgoing requests (95f24ef)

`v8.2.2`

Compare Source

Fixes

ignore non-existent resource scopes during refresh (#1222) (bdf23ba)

`v8.2.1`

Compare Source

Fixes

ignore post_logout_redirect_uris when logout is disabled (#1221) (d7dd6cf)

`v8.2.0`

Compare Source

Features

add correlation identifier to interactions (#1218) (c072352)

Features

mTLS.getCertificate helper can return a X509Certificate object (be3f47f)

Configuration

📅 Schedule: Branch creation - "after 9pm,before 6am" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

renovate bot added the dependencies Dependency Upgrades from Renovate Bot label Dec 4, 2022

renovate bot force-pushed the renovate/oidc-provider-8.x branch 9 times, most recently from adf92d4 to 316e43c Compare December 12, 2022 23:35

renovate bot force-pushed the renovate/oidc-provider-8.x branch 5 times, most recently from 4ada149 to d277f5d Compare December 16, 2022 23:40

renovate bot changed the title ~~chore(deps): update dependency @types/oidc-provider to v8~~ Update dependency @types/oidc-provider to v8 Dec 17, 2022

renovate bot changed the title ~~Update dependency @types/oidc-provider to v8~~ chore(deps): update dependency @types/oidc-provider to v8 Dec 17, 2022

renovate bot force-pushed the renovate/oidc-provider-8.x branch 4 times, most recently from f13c5d3 to de2eb0c Compare December 24, 2022 23:01

renovate bot force-pushed the renovate/oidc-provider-8.x branch 2 times, most recently from 8344e63 to 4dfde01 Compare December 31, 2022 23:22

renovate bot force-pushed the renovate/oidc-provider-8.x branch 4 times, most recently from 0b4472d to 1f28ee8 Compare January 13, 2023 06:31

renovate bot force-pushed the renovate/oidc-provider-8.x branch 2 times, most recently from 33cd365 to fb2fd97 Compare January 21, 2023 02:49

renovate bot force-pushed the renovate/oidc-provider-8.x branch from fb2fd97 to d026c1a Compare January 23, 2023 13:23

renovate bot force-pushed the renovate/oidc-provider-8.x branch 5 times, most recently from 6e1d1ee to 668caa7 Compare June 4, 2024 04:08

renovate bot force-pushed the renovate/oidc-provider-8.x branch 3 times, most recently from 8f61bc0 to 565b620 Compare June 6, 2024 03:58

renovate bot force-pushed the renovate/oidc-provider-8.x branch 6 times, most recently from cacf393 to 2728dd3 Compare June 20, 2024 09:59

renovate bot changed the title ~~fix(deps): update dependency oidc-provider to v8.4.6~~ fix(deps): update dependency oidc-provider to v8.4.7 Jun 20, 2024

renovate bot force-pushed the renovate/oidc-provider-8.x branch 4 times, most recently from f602c4e to 3f54ebf Compare June 26, 2024 01:59

renovate bot force-pushed the renovate/oidc-provider-8.x branch from 3f54ebf to 15c3c4b Compare June 28, 2024 23:08

renovate bot changed the title ~~fix(deps): update dependency oidc-provider to v8.4.7~~ fix(deps): update dependency oidc-provider to v8.5.0 Jun 28, 2024

renovate bot force-pushed the renovate/oidc-provider-8.x branch 4 times, most recently from 0ccd357 to e264f86 Compare July 3, 2024 12:06

renovate bot changed the title ~~fix(deps): update dependency oidc-provider to v8.5.0~~ fix(deps): update dependency oidc-provider to v8.5.1 Jul 3, 2024

fix(deps): update dependency oidc-provider to v8.5.1

bb6ae66

renovate bot force-pushed the renovate/oidc-provider-8.x branch from e264f86 to bb6ae66 Compare July 3, 2024 15:44

renovate bot merged commit 7a8ec43 into main Jul 3, 2024
5 checks passed

renovate bot deleted the renovate/oidc-provider-8.x branch July 3, 2024 15:45

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): update dependency oidc-provider to v8.5.1 #167

fix(deps): update dependency oidc-provider to v8.5.1 #167

renovate bot commented Dec 4, 2022 •

edited

Loading

fix(deps): update dependency oidc-provider to v8.5.1 #167

fix(deps): update dependency oidc-provider to v8.5.1 #167

Conversation

renovate bot commented Dec 4, 2022 • edited Loading

Release Notes

Documentation

Refactor

Features

Fixes

Refactor

Fixes

Documentation

Refactor

Fixes

Refactor

Fixes

Refactor

Fixes

Fixes

Features

Fixes

Fixes

Features

Fixes

Fixes

Features

Features

Configuration

renovate bot commented Dec 4, 2022 •

edited

Loading