Skip to content

chore(deps): Bump auth0-js from 9.32.0 to 10.0.0#2793

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/auth0-js-10.0.0
Open

chore(deps): Bump auth0-js from 9.32.0 to 10.0.0#2793
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/auth0-js-10.0.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 8, 2026

Bumps auth0-js from 9.32.0 to 10.0.0.

Release notes

Sourced from auth0-js's releases.

v10.0.0

This fixes the release failure (#1631). Fixed

Breaking change

Affected Details
Apps using RS256 No breaking change
Apps using HS256 parseHash() now returns an invalid_token error instead of silently succeeding. Must switch to RS256 in the Auth0 Dashboard: Applications → your app → Settings → Advanced Settings → OAuth → JsonWebToken Signature Algorithm → RS256
Changelog

Sourced from auth0-js's changelog.

v10.0.0 (2026-05-06)

Full Changelog

Fixed

Breaking change

Affected Details
Apps using RS256 No breaking change
Apps using HS256 parseHash() now returns an invalid_token error instead of silently succeeding. Must switch to RS256 in the Auth0 Dashboard: Applications → your app → Settings → Advanced Settings → OAuth → JsonWebToken Signature Algorithm → RS256
Commits
  • 5706408 Release v10.0.0 (#1639)
  • 7d0d1a7 release 10.0.0
  • 51dde32 fix : Pining NPM version to 11.10.0 (#1638)
  • f87f9d3 fix: revert NODE_VERSION to 22.22.2 in workflows
  • db1e15c Merge branch 'fix/release10' of github.com:auth0/auth0.js into fix/release10
  • 43e77b1 fix: update Node.js version to 24 in workflows and npm publish action
  • fee8533 Merge branch 'master' into fix/release10
  • 1565524 fix
  • c5156ff Release v10.0.0 (#1637)
  • 8b9fd37 Release v10.0.0
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): Bump auth0-js from 9.32.0 to 10.0.0
38fe53d 
Bumps [auth0-js](https://github.com/auth0/auth0.js) from 9.32.0 to 10.0.0.
- [Release notes](https://github.com/auth0/auth0.js/releases)
- [Changelog](https://github.com/auth0/auth0.js/blob/master/CHANGELOG.md)
- [Commits](auth0/auth0.js@v9.32.0...v10.0.0)

---
updated-dependencies:
- dependency-name: auth0-js
  dependency-version: 10.0.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies One or more dependencies are being bumped javascript Pull requests that update Javascript code labels May 8, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 8, 2026 02:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies One or more dependencies are being bumped javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants