diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 51f2d617..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,47 +0,0 @@ -version: 2.1 - -# Thanks to https://github.com/teppeis-sandbox/circleci2-multiple-node-versions - -commands: - test-nodejs: - steps: - - run: - name: Versions - command: npm version - - checkout - - run: - name: Install dependencies - command: npm install - - run: - name: Test - command: npm test - -jobs: - node-v12: - docker: - - image: node:12 - steps: - - test-nodejs - node-v14: - docker: - - image: node:14 - steps: - - test-nodejs - node-v16: - docker: - - image: node:16 - steps: - - test-nodejs - node-v18: - docker: - - image: node:18 - steps: - - test-nodejs - -workflows: - node-multi-build: - jobs: - - node-v12 - - node-v14 - - node-v16 - - node-v18 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..bd1167bf --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,34 @@ +name: Test + +on: + push: + branches: [master] + pull_request: + branches: [master] + +permissions: + contents: read + +jobs: + test: + strategy: + fail-fast: false + matrix: + node: [14, 16, 18, 20, 22, 24] + + name: Test (Node ${{ matrix.node }}) + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v6 + - name: Setup Node + uses: actions/setup-node@v6 + with: + node-version: ${{ matrix.node }} + + - name: Install dependencies + run: npm install + + - name: Test + run: npm test diff --git a/.gitignore b/.gitignore index 88861393..9f5fc90f 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ node_modules .DS_Store .nyc_output coverage +package-lock.json diff --git a/.npmignore b/.npmignore new file mode 100644 index 00000000..32c7e911 --- /dev/null +++ b/.npmignore @@ -0,0 +1 @@ +opslevel.yml \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index e41fdfcb..13247e4b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file starting from version **v4.0.0**. This project adheres to [Semantic Versioning](http://semver.org/). +## 9.0.3 - 2025-12-04 + +- updates jws version to 4.0.1. + ## 9.0.2 - 2023-08-30 - security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes [#921](https://github.com/auth0/node-jsonwebtoken/issues/921). diff --git a/package.json b/package.json index 81f78da0..eab30c0a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "jsonwebtoken", - "version": "9.0.2", + "version": "9.0.3", "description": "JSON Web Token implementation (symmetric and asymmetric)", "main": "index.js", "nyc": { @@ -21,7 +21,7 @@ "scripts": { "lint": "eslint .", "coverage": "nyc mocha --use_strict", - "test": "npm run lint && npm run coverage && cost-of-modules" + "test": "mocha" }, "repository": { "type": "git", @@ -36,7 +36,7 @@ "url": "https://github.com/auth0/node-jsonwebtoken/issues" }, "dependencies": { - "jws": "^3.2.2", + "jws": "^4.0.1", "lodash.includes": "^4.3.0", "lodash.isboolean": "^3.0.3", "lodash.isinteger": "^4.0.4", @@ -51,7 +51,6 @@ "atob": "^2.1.2", "chai": "^4.1.2", "conventional-changelog": "~1.1.0", - "cost-of-modules": "^1.0.1", "eslint": "^4.19.1", "mocha": "^5.2.0", "nsp": "^2.6.2",