build(deps): bump jose from 1.28.1 to 4.6.1

Bumps [jose](https://github.com/panva/jose) from 1.28.1 to 4.6.1. - [Release notes](https://github.com/panva/jose/releases) - [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md) - [Commits](panva/jose@v1.28.1...v4.6.1) --- updated-dependencies: - dependency-name: jose dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
RoadieHQ · Apr 12, 2022 · 30a53b5 · 30a53b5
1 parent 987bcc9
commit 30a53b5
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 14 deletions.
diff --git a/packages/backend-common/package.json b/packages/backend-common/package.json
@@ -59,7 +59,7 @@
     "git-url-parse": "^11.6.0",
     "helmet": "^5.0.2",
     "isomorphic-git": "^1.8.0",
-    "jose": "^1.27.1",
+    "jose": "^4.6.1",
     "keyv": "^4.0.3",
     "keyv-memcache": "^1.2.5",
     "@keyv/redis": "^2.2.3",

diff --git a/plugins/auth-backend/package.json b/plugins/auth-backend/package.json
@@ -51,7 +51,7 @@
     "express-session": "^1.17.1",
     "fs-extra": "10.0.1",
     "google-auth-library": "^7.6.1",
-    "jose": "^1.27.1",
+    "jose": "^4.6.1",
     "jwt-decode": "^3.1.0",
     "knex": "^1.0.2",
     "lodash": "^4.17.21",

diff --git a/plugins/auth-node/package.json b/plugins/auth-node/package.json
@@ -26,7 +26,7 @@
     "@backstage/backend-common": "^0.13.2-next.1",
     "@backstage/config": "^1.0.0",
     "@backstage/errors": "^1.0.0",
-    "jose": "^1.27.1",
+    "jose": "^4.6.1",
     "node-fetch": "^2.6.7",
     "winston": "^3.2.1"
   },

diff --git a/yarn.lock b/yarn.lock
@@ -15734,24 +15734,17 @@ joi@^17.4.0:
     "@sideway/formula" "^3.0.0"
     "@sideway/pinpoint" "^2.0.0"
 
-jose@^1.27.1:
-  version "1.28.1"
-  resolved "https://registry.npmjs.org/jose/-/jose-1.28.1.tgz#34a0f851a534be59ffab82a6e8845f6874e8c128"
-  integrity sha512-6JK28rFu5ENp/yxMwM+iN7YeaInnY9B9Bggjkz5fuwLiJhbVrl2O4SJr65bdNBPl9y27fdC3Mymh+FVCvozLIg==
-  dependencies:
-    "@panva/asn1.js" "^1.0.0"
-
 jose@^2.0.5:
   version "2.0.5"
   resolved "https://registry.npmjs.org/jose/-/jose-2.0.5.tgz#29746a18d9fff7dcf9d5d2a6f62cb0c7cd27abd3"
   integrity sha512-BAiDNeDKTMgk4tvD0BbxJ8xHEHBZgpeRZ1zGPPsitSyMgjoMWiLGYAE7H7NpP5h0lPppQajQs871E8NHUrzVPA==
   dependencies:
     "@panva/asn1.js" "^1.0.0"
 
-jose@^4.1.4:
-  version "4.5.0"
-  resolved "https://registry.npmjs.org/jose/-/jose-4.5.0.tgz#92829d8cf846351eb55aaaf94f252fb1d191f2d5"
-  integrity sha512-GFcVFQwYQKbQTUOo2JlpFGXTkgBw26uzDsRMD2q1WgSKNSnpKS9Ug7bdQ8dS+p4sZHNH6iRPu6WK2jLIjspaMA==
+jose@^4.1.4, jose@^4.6.1:
+  version "4.6.1"
+  resolved "https://registry.npmjs.org/jose/-/jose-4.6.1.tgz#241472ff928c79b2e2e2fe4c1056b3085384ec42"
+  integrity sha512-EFnufEivlIB6j7+JwaenYQzdUDs/McajDr9WnhT6EI0WxbexnfuZimpWX1GnobF6OnQsUFmWFXUXdWyZHWdQow==
 
 joycon@^3.0.1:
   version "3.1.0"