Bump jose from 1.11.6 to 1.11.10

[dependabot[bot]]

Bumps jose from 1.11.6 to 1.11.10.

Release notes

Sourced from jose's releases.

1.11.10 (2024-04-17)

• Fixes
  • Various type spec fixes; see #165 and #166.

1.11.8 (2024-04-07)

• Fixes
  • Removes use of dynamic() type spec so OTP 24 and OTP 25 are still supported for now.

1.11.7 (2024-04-07)

• Security Patches
  • CVE-2023-50966: Add jose:pbes2_count_maximum/0. By default, the maximum iterations are set to 10,000 and it will raise an error if p2c is larger than this value.
• Changes
  • Declare Poison as an optional dependency, thanks to [@​lnikkila][https://github.com/lnikkila]; see #144.
  • Ensure jiffy:encode/1 returns a binary, thanks to @​ssepml; see #145.
  • Various type spec additions and dialyzer/dialyxir integrations, thanks to @​whatyouhide and @​maennchen.
  • Doc updates and fixes, thanks to @​aymanosman and @​adamu; see #158 and #159.

Changelog

Sourced from jose's changelog.

1.11.10 (2024-04-17)

• Fixes
  • Various type spec fixes; see #165 and #166.

1.11.9 (2024-04-08)

• Fixes
  • Change Elixir dependency on dialyxer to only be used in dev and test, thanks to @​requestben and @​dvic; see #162 and #163.
  • rebar3 upgrade errors fixed; see #160 and #163.

1.11.8 (2024-04-07)

• Fixes
  • Removes use of dynamic() type spec so OTP 24 and OTP 25 are still supported for now.

1.11.7 (2024-04-07)

• Security Patches
  • CVE-2023-50966: Add jose:pbes2_count_maximum/0. By default, the maximum iterations are set to 10,000 and it will raise an error if p2c is larger than this value.
• Changes
  • Declare Poison as an optional dependency, thanks to [@​lnikkila][https://github.com/lnikkila]; see #144.
  • Ensure jiffy:encode/1 returns a binary, thanks to @​ssepml; see #145.
  • Various type spec additions and dialyzer/dialyxir integrations, thanks to @​whatyouhide and @​maennchen.
  • Doc updates and fixes, thanks to @​aymanosman and @​adamu; see #158 and #159.

Commits

• eb6de2c Version 1.11.10 (2024-04-17)
• bd96bde Merge pull request #166 from kpanic/fix-jwe-compact-spec
• 2c9631e Fix JOSE.JWE.compact/1 @​spec
• cba5fce Merge pull request #165 from jareddellitt/verify_strict_typespec
• 4de0cf8 fix: verify and verify_strict typespec should reference JOSE.JWK.t()
• 66e6eec Only depend on poison in dev/test environments.
• 09de6d2 Version 1.11.9 (2024-04-08)
• 3955ab7 Merge pull request #160 from requestben/fix-dialyzer-config
• bd7285d Fix dialyzer config
• a352bb5 Version 1.11.8 (2024-04-07)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)