Skip to content

chore(deps): bump jose from 6.1.3 to 6.2.3#6682

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/jose-6.2.3
Open

chore(deps): bump jose from 6.1.3 to 6.2.3#6682
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/jose-6.2.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 25, 2026
edited
Loading

Bumps jose from 6.1.3 to 6.2.3.

Release notes

Sourced from jose's releases.

v6.2.3

Refactor

  • cleanly reject invalid PBES2 p2c (0cdb851)

v6.2.2

Fixes

  • reject failed decompression with JWEInvalid error (043b181)

v6.2.1

Refactor

  • reorganize internals, less files, smaller footprint (d4231f9)

v6.2.0

Features

  • re-introduce JWE "zip" (Compression Algorithm) Header Parameter support (b13b446)

Documentation

  • clarify return of general jws and jwe (56682b4)
Changelog

Sourced from jose's changelog.

6.2.3 (2026-04-27)

Refactor

  • cleanly reject invalid PBES2 p2c (0cdb851)

6.2.2 (2026-03-18)

Fixes

  • reject failed decompression with JWEInvalid error (043b181)

6.2.1 (2026-03-09)

Refactor

  • reorganize internals, less files, smaller footprint (d4231f9)

6.2.0 (2026-03-05)

Features

  • re-introduce JWE "zip" (Compression Algorithm) Header Parameter support (b13b446)

Documentation

  • clarify return of general jws and jwe (56682b4)
Commits
  • 41ad7e9 chore(release): 6.2.3
  • 988e90f chore: account for commit-and-tag-version instead of standard-version
  • 4b24656 chore: update CHANGELOG.md header
  • 0cdb851 refactor: cleanly reject invalid PBES2 p2c
  • a0b261e test: update Bun expectations
  • b39dc1a chore: use fs.globSync
  • 0675be1 build: replace rollup umd build with a custom esbuild iife wrap
  • 9b03323 chore: bump packages
  • 914b73d chore(deps-dev): bump lodash
  • 9dce817 chore: bump packages
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 25, 2026
@mozilla-blender
Copy link
Copy Markdown
Contributor

mozilla-blender Bot commented May 25, 2026

BLEnder: skipped (compatibility score 67% < 70%). Will retry on next scheduled run.

@dependabot
chore(deps): bump jose from 6.1.3 to 6.2.3
8d24bcf 
Bumps [jose](https://github.com/panva/jose) from 6.1.3 to 6.2.3.
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md)
- [Commits](panva/jose@v6.1.3...v6.2.3)

---
updated-dependencies:
- dependency-name: jose
  dependency-version: 6.2.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/jose-6.2.3 branch from a193318 to 8d24bcf Compare May 28, 2026 14:56
@codemist codemist enabled auto-merge May 29, 2026 07:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants