iasql icon indicating copy to clipboard operation
iasql copied to clipboard
verified publisher icon alantech

Bump express-jwt from 6.1.1 to 7.5.0

Open dependabot[bot] opened this issue 3 years ago • 5 comments

Bumps express-jwt from 6.1.1 to 7.5.0.

Changelog

Sourced from express-jwt's changelog.

7.5.0 - 2022-04-25

7.4.3 - 2022-04-21

7.4.2 - 2022-04-20

7.4.1 - 2022-04-20

7.4.0 - 2022-04-20

7.3.0 - 2022-04-20

7.2.0 - 2022-04-20

7.1.0 - 2022-04-20

7.0.0 - 2022-04-20

6.1.2 - 2022-04-20

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Apr 25 '22 21:04 dependabot[bot]

@dependabot rebase

dfellis avatar Apr 26 '22 00:04 dfellis

This PR is blocked on https://github.com/auth0/node-jwks-rsa/pull/297 being merged and we upgrade both of those simultaneously.

dfellis avatar Apr 26 '22 01:04 dfellis

So, putting this PR on hold for now because it blew up staging. It appears the req.user type has changed, too, and our dashboard goes into an infinite loop of errors because of it.

We need to wait for @types/express-jwt to be updated, too, to get this PR over the line.

dfellis avatar Apr 26 '22 21:04 dfellis

A newer version of express-jwt exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

dependabot[bot] avatar Apr 30 '22 15:04 dependabot[bot]

Attempted to tackle this again, but stuck on the Request type being incorrect, also it looks like [email protected] no longer has the req.user type, but req.auth so I am weary of upgrading without type safety here and opened an issue: https://github.com/auth0/express-jwt/issues/298

dfellis avatar Jun 28 '22 16:06 dfellis

@dependabot recreate

dfellis avatar Nov 16 '22 03:11 dfellis

Looks like express-jwt is updatable in another way, so this is no longer needed.

dependabot[bot] avatar Nov 16 '22 03:11 dependabot[bot]