Skip to content

Comments

Bump axios and jwks-rsa in /test/e2e/oauth2-client#21

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/test/e2e/oauth2-client/multi-3973dc93ca
Open

Bump axios and jwks-rsa in /test/e2e/oauth2-client#21
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/test/e2e/oauth2-client/multi-3973dc93ca

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 20, 2026

Removes axios. It's no longer used after updating ancestor dependency jwks-rsa. These dependencies need to be updated together.

Removes axios

Updates jwks-rsa from 1.8.0 to 3.2.2

Release notes

Sourced from jwks-rsa's releases.

v3.2.2

Fixed

  • fix: jwksUri should be optional when custom fetcher is provided #477 (cschetan77)

v3.2.1

Added

Fixed

  • fix: Migrate to WHATWG URL API from node's core url #465 (cschetan77)
  • fix: Moving @​types/express to dev and re generating package lock #464 (cschetan77)

v3.2.0

Changed

Fixed

  • [Fix] Change type of unused req param to unknown to resolve type conflicts #394 (zackdotcomputer)
  • fix(compat): ensure WebCryptoAPI runtime imported keys are re-exportable #409 (panva)
  • fix: express-jwt types #412 (jfromaniello)

v3.1.0

Added

  • feat: resolve bun/deno compat issues #374 (panva)

v3.0.1

Fixed

v3.0.0

⚠️ BREAKING CHANGES

This release drops support for Node 10 and 12

v2.1.5

... (truncated)

Changelog

Sourced from jwks-rsa's changelog.

v3.2.2 (2026-01-23)

Full Changelog

Fixed

  • fix: jwksUri should be optional when custom fetcher is provided #477 (cschetan77)

v3.2.1 (2026-01-15)

Full Changelog

Added

Fixed

  • fix: Migrate to WHATWG URL API from node's core url #465 (cschetan77)
  • fix: Moving @​types/express to dev and re generating package lock #464 (cschetan77)

v3.2.0 (2025-03-18)

Full Changelog

Changed

Fixed

  • [Fix] Change type of unused req param to unknown to resolve type conflicts #394 (zackdotcomputer)
  • fix(compat): ensure WebCryptoAPI runtime imported keys are re-exportable #409 (panva)
  • fix: express-jwt types #412 (jfromaniello)

v3.1.0 (2023-10-05)

Full Changelog

Added

  • feat: resolve bun/deno compat issues #374 (panva)

v3.0.1 (2023-01-12)

Full Changelog

Fixed

v3.0.0 (2022-11-01)

... (truncated)

Commits
  • 67f55ff Release v3.2.2 (#483)
  • e3523bf Release v3.2.2
  • db11279 fix: jwksUri should be optional when custom fetcher is provided (#477)
  • f398a62 Merge branch 'master' into fix/jwksUri-optional
  • 575f77d chore(deps): bump jws from 3.2.2 to 3.2.3 in /examples/hapi-demo
  • 968ba8c chore(deps): bump jws from 3.2.2 to 3.2.3 in /examples/hapi-demo (#482)
  • 0fa7733 chore(deps): bump jws from 3.2.2 to 3.2.3 in /examples/hapi-demo
  • be8d852 Merge branch 'master' into fix/jwksUri-optional
  • 0e61722 fix: Updating koa to 2.16.3 in exampls/koa-demo (#481)
  • 22ac0df upating package-lock
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for jwks-rsa since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump axios and jwks-rsa in /test/e2e/oauth2-client
b8049fa 
Removes [axios](https://github.com/axios/axios). It's no longer used after updating ancestor dependency [jwks-rsa](https://github.com/auth0/node-jwks-rsa). These dependencies need to be updated together.


Removes `axios`

Updates `jwks-rsa` from 1.8.0 to 3.2.2
- [Release notes](https://github.com/auth0/node-jwks-rsa/releases)
- [Changelog](https://github.com/auth0/node-jwks-rsa/blob/master/CHANGELOG.md)
- [Commits](auth0/node-jwks-rsa@v1.8.0...v3.2.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 
  dependency-type: indirect
- dependency-name: jwks-rsa
  dependency-version: 3.2.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 20, 2026
@dependabot dependabot bot mentioned this pull request Feb 20, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants