Filip Skokan

Yeah, the point is to automate propagation of new releases. That it is pushed now is good but doesn't solve the problem for any future release.

I think there should be two distinct providers One where you know the tenant you're working with and you're NOT using any of the "common" issuers (the existing one with...

I'm not finding all the individual bits from my [original recommendation](https://github.com/panva/oauth4webapi/issues/100#issuecomment-1890380232) nor the recommended split from https://github.com/nextauthjs/next-auth/pull/9718#issuecomment-1909893145 so I'm assuming you're going with your own workarounds.

I have a rather obvious question, what's stopping a random imported module or its dependencies from reverting these security patches without ones knowledge? I think the opt-in only flag was...

@bartlomieju #22312 did not resolve the issue, see https://github.com/denoland/deno/actions/runs/7823226371

> ~Missing `crypto.createVerify` is also a blocker~ to use [`aws-jwt-verify`](https://github.com/awslabs/aws-jwt-verify). > > edit) I found `aws-jwt-verify` has web browser support ([doc](https://github.com/awslabs/aws-jwt-verify?tab=readme-ov-file#usage-in-the-web-browser)), so we should be able to use the package...

> I believe jose v4 is no longer supported It clearly is https://github.com/panva/jose#supported-versions > agreed, seeing as JOSE 4.15 is now flagged by audit: 4.15.5 and 2.0.7 was released as...

https://ci.nodejs.org/view/Node.js-citgm/job/citgm-smoker-pipeline/237/ (v18 and v20) The undici test suite appears too flaky to be in citgm in its current state.

Every single WPT update i'm fighting this error with a while loop. Took 15 minutes of looping now to update WPTs.

I'm going to go ahead and close this because a) i don't believe one session's grant ttl refresh should affect that of other client's in the same session. b) if...