[Snyk] Upgrade oidc-client from 1.9.0 to 1.11.5 #1

megha-paliwal-121 · 2024-08-18T04:50:07Z

Snyk has created this PR to upgrade oidc-client from 1.9.0 to 1.11.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 13 versions ahead of your current version.
The recommended version was released on 4 years ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Use of Weak Hash SNYK-JS-CRYPTOJS-6028119	360	No Known Exploit

Release notes

Package name: oidc-client

1.11.5 - 2021-02-17
As part of this release we had 1 issue closed.

bug
- #1305 metadataSeed improperly merged and returned
1.11.4 - 2021-02-13
As part of this release we had 1 issue closed.

bug
- #1303 Revert "feat: merge openid-configuration and metdata"
1.11.3 - 2021-01-30
As part of this release we had 1 issue closed.

bug
- #1258 Fix #1256: AuthCode w/ PKCE not supported for popups
1.11.2 - 2021-01-30
As part of this release we had 2 issues closed.

bugs
- #1289 TS typings error in getToken for optional param
- #1110 Typo in log message
1.11.1 - 2021-01-30
As part of this release we had 5 issues closed.

bugs
- #1286 fix: remove getEpochTime from OidcClientSettings
- #726 SessionMonitor always causes warning when using Bluebird
enhancements
- #1173 Bump to jsrsasign version to '^8.0.17'
- #1068 feat: merge openid-configuration and metdata
- #1061 Package [email protected] contains vulnerability and should be upgraded
1.11.0 - 2021-01-29
As part of this release we had 17 issues closed.

bugs
- #1240 fixed a bug with Iframe width and height
- #1238 Keep existing id_token if not in token result
- #1189 Fix UserManager.signoutCallback typing
- #1071 Properly decode plus character in URLS
- #977 Minor fix in readSignoutResponseState
- #925 Remove the check for "inside a frame"
- #861 Problem merging claims when array with JSON
enhancements
- #1272 Add MetadataService.resetSigningKeys() type
- #1269 Add UserSignedIn hooks to UserManagerEvents type
- #1260 fix:Add optional to MetadataService.getTokenEndpoint in inde…
- #1229 add optional refresh_token to SigninResponse
- #1223 Add defensive checks in IFrameWindow.js callback
- #1204 Render invisible iframes for silentRenew on Firefox
- #1203 🏷️ fix: Add types for UserInfoService
- #1129 Upgrade core-js package on last 3.* version
- #1060 Add client_secret_basic auth exchangeCode Method. #892
- #559 Adds retry behavior while fetching JWKS keys.
1.11.0-beta.2 - 2020-10-04
No content.
1.11.0-beta.1 - 2020-08-05
No content.
1.10.1 - 2019-12-18
As part of this release we had 2 issues closed.

bugs
- #1017 New TypeScript typings don't allow optionless UserManager
- #1015 v1.10.0 Build on TypeScript 2.9.2 Reporting Error TS1039
1.10.0 - 2019-12-16
1.10.0-beta.2 - 2019-12-02
1.10.0-beta.1 - 2019-10-23
1.9.1 - 2019-08-31
1.9.0 - 2019-08-15

from oidc-client GitHub release notes

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information: