Skip to content

build(deps): bump jose from 5.10.0 to 6.2.3#30

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/jose-6.2.3
Open

build(deps): bump jose from 5.10.0 to 6.2.3#30
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/jose-6.2.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 12, 2026

Copy link
Copy Markdown

Bumps jose from 5.10.0 to 6.2.3.

Release notes

Sourced from jose's releases.

v6.2.3

Refactor

  • cleanly reject invalid PBES2 p2c (0cdb851)

v6.2.2

Fixes

  • reject failed decompression with JWEInvalid error (043b181)

v6.2.1

Refactor

  • reorganize internals, less files, smaller footprint (d4231f9)

v6.2.0

Features

  • re-introduce JWE "zip" (Compression Algorithm) Header Parameter support (b13b446)

Documentation

  • clarify return of general jws and jwe (56682b4)

v6.1.3

Refactor

  • avoid export * as for google closure's compiler sake (6303d98), closes #832

v6.1.2

Refactor

v6.1.1

Documentation

  • add link to RFC9864 (767edde)
  • link to ML-DSA for JOSE (ed4252c)
  • remove mention of Edge Runtime from the readme (94fdde7)
  • update README.md (25098ef)

Refactor

  • eliminate named exports in the source code (f6ae30d)
  • expose setKeyManagementParameters also on a GeneralEncrypt Recipient (16e6b23)
  • faster path for symmetric key checks (a44c2ec)
  • improve en/decoding overheads (daee426)

... (truncated)

Changelog

Sourced from jose's changelog.

6.2.3 (2026-04-27)

Refactor

  • cleanly reject invalid PBES2 p2c (0cdb851)

6.2.2 (2026-03-18)

Fixes

  • reject failed decompression with JWEInvalid error (043b181)

6.2.1 (2026-03-09)

Refactor

  • reorganize internals, less files, smaller footprint (d4231f9)

6.2.0 (2026-03-05)

Features

  • re-introduce JWE "zip" (Compression Algorithm) Header Parameter support (b13b446)

Documentation

  • clarify return of general jws and jwe (56682b4)

6.1.3 (2025-12-02)

Refactor

  • avoid export * as for google closure's compiler sake (6303d98), closes #832

6.1.2 (2025-11-15)

Refactor

6.1.1 (2025-11-09)

... (truncated)

Commits
  • 41ad7e9 chore(release): 6.2.3
  • 988e90f chore: account for commit-and-tag-version instead of standard-version
  • 4b24656 chore: update CHANGELOG.md header
  • 0cdb851 refactor: cleanly reject invalid PBES2 p2c
  • a0b261e test: update Bun expectations
  • b39dc1a chore: use fs.globSync
  • 0675be1 build: replace rollup umd build with a custom esbuild iife wrap
  • 9b03323 chore: bump packages
  • 914b73d chore(deps-dev): bump lodash
  • 9dce817 chore: bump packages
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for jose since your current version.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 12, 2026
@dependabot dependabot Bot requested a review from mdtazizulislam as a code owner June 12, 2026 18:36
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 12, 2026
@netlify

netlify Bot commented Jun 12, 2026

Copy link
Copy Markdown

Deploy Preview for ai-powered-cyber ready!

Name Link
🔨 Latest commit 1b2b338
🔍 Latest deploy log https://app.netlify.com/projects/ai-powered-cyber/deploys/6a38b87baaa6340008363dac
😎 Deploy Preview https://deploy-preview-30--ai-powered-cyber.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
Lighthouse
Lighthouse
1 paths audited
Performance: 97
Accessibility: 99
Best Practices: 100
SEO: 100
PWA: -
View the detailed breakdown and full score reports
🤖 Make changes Run an agent on this branch

To edit notification comments on pull requests, go to your Netlify project configuration.

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/jose-6.2.3 branch from ba6c4b5 to 3adce7e Compare June 14, 2026 21:59
Bumps [jose](https://github.com/panva/jose) from 5.10.0 to 6.2.3.
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md)
- [Commits](panva/jose@v5.10.0...v6.2.3)

---
updated-dependencies:
- dependency-name: jose
  dependency-version: 6.2.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump jose from 5.10.0 to 6.2.3 build(deps): bump jose from 5.10.0 to 6.2.3 Jun 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/jose-6.2.3 branch from 3adce7e to 1b2b338 Compare June 22, 2026 04:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants