diff --git a/.changeset/dull-fireants-retire.md b/.changeset/dull-fireants-retire.md new file mode 100644 index 0000000000..c1da7a67a1 --- /dev/null +++ b/.changeset/dull-fireants-retire.md @@ -0,0 +1,5 @@ +--- +"@blitzjs/auth": patch +--- + +Upgrade cookie-session dependency to v2.1.1 diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 113ff0ee39..8d0c42f851 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -16,12 +16,12 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: pnpm/action-setup@v4.0.0 + - uses: actions/checkout@v5 + - uses: pnpm/action-setup@v4 with: version: 8.6.6 - name: Setup node - uses: actions/setup-node@v2 + uses: actions/setup-node@v5 with: node-version: 20 cache: "pnpm" @@ -37,12 +37,12 @@ jobs: runs-on: ubuntu-latest name: Build steps: - - uses: actions/checkout@v2 - - uses: pnpm/action-setup@v4.0.0 + - uses: actions/checkout@v5 + - uses: pnpm/action-setup@v4 with: version: 8.6.6 - name: Setup node - uses: actions/setup-node@v2 + uses: actions/setup-node@v5 with: node-version: 20 cache: "pnpm" @@ -65,15 +65,15 @@ jobs: NODE_VERSION: 18 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Setup PNPM - uses: pnpm/action-setup@v4.0.0 + uses: pnpm/action-setup@v4 with: version: 8.6.6 - name: Setup node@16 - uses: actions/setup-node@v2 + uses: actions/setup-node@v5 with: node-version: 20 cache: "pnpm" @@ -100,7 +100,7 @@ jobs: outputs: folders: ${{ steps.set-matrix.outputs.folders }} steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v5 - id: set-matrix name: "Find all folders" shell: bash @@ -125,17 +125,17 @@ jobs: - run: echo ${{matrix.folder}} - name: Checkout if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest' - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Setup PNPM if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest' - uses: pnpm/action-setup@v4.0.0 + uses: pnpm/action-setup@v4 with: version: 8.6.6 - name: Setup node@18 if: matrix.folder != 'next-13-app-dir' || matrix.os != 'windows-latest' - uses: actions/setup-node@v2 + uses: actions/setup-node@v5 with: node-version: 20 cache: "pnpm" diff --git a/packages/blitz-auth/package.json b/packages/blitz-auth/package.json index 12795b8739..2e654892ee 100644 --- a/packages/blitz-auth/package.json +++ b/packages/blitz-auth/package.json @@ -28,14 +28,14 @@ ], "dependencies": { "@types/b64-lite": "1.3.0", - "@types/cookie-session": "2.0.44", + "@types/cookie-session": "2.0.49", "@types/oauth": "0.9.1", "@types/passport": "1.0.7", "@types/secure-password": "3.1.1", "b64-lite": "1.4.0", "bad-behavior": "1.0.1", "cookie": "0.4.1", - "cookie-session": "2.0.0", + "cookie-session": "2.1.1", "debug": "4.3.3", "find-up": "4.1.0", "http": "0.0.1-security", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index a525194026..369d3e8ec4 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -953,7 +953,7 @@ importers: version: 8.27.0(supports-color@8.1.1) eslint-config-next: specifier: latest - version: 15.1.6(eslint@8.27.0)(typescript@4.8.4) + version: 15.4.7(eslint@8.27.0)(typescript@4.8.4) eslint-plugin-testing-library: specifier: 5.0.1 version: 5.0.1(eslint@8.27.0)(typescript@4.8.4) @@ -1518,8 +1518,8 @@ importers: specifier: 1.3.0 version: 1.3.0 "@types/cookie-session": - specifier: 2.0.44 - version: 2.0.44 + specifier: 2.0.49 + version: 2.0.49 "@types/oauth": specifier: 0.9.1 version: 0.9.1 @@ -1539,8 +1539,8 @@ importers: specifier: 0.4.1 version: 0.4.1 cookie-session: - specifier: 2.0.0 - version: 2.0.0(supports-color@8.1.1) + specifier: 2.1.1 + version: 2.1.1(supports-color@8.1.1) debug: specifier: 4.3.3 version: 4.3.3(supports-color@8.1.1) @@ -5701,10 +5701,10 @@ packages: glob: 7.1.7 dev: true - /@next/eslint-plugin-next@15.1.6: + /@next/eslint-plugin-next@15.4.7: resolution: { - integrity: sha512-+slMxhTgILUntZDGNgsKEYHUvpn72WP1YTlkmEhS51vnVd7S9jEEy0n9YAMcI21vUG4akTw9voWH02lrClt/yw==, + integrity: sha512-asj3RRiEruRLVr+k2ZC4hll9/XBzegMpFMr8IIRpNUYypG86m/a76339X2WETl1C53A512w2INOc2KZV769KPA==, } dependencies: fast-glob: 3.3.1 @@ -6810,10 +6810,10 @@ packages: dependencies: "@types/node": 18.11.9 - /@types/cookie-session@2.0.44: + /@types/cookie-session@2.0.49: resolution: { - integrity: sha512-3DheOZ41pql6raSIkqEPphJdhA2dX2bkS+s2Qacv8YMKkoCbAIEXbsDil7351ARzMqvfyDUGNeHGiRZveIzhqQ==, + integrity: sha512-4E/bBjlqLhU5l4iGPR+NkVJH593hpNsT4dC3DJDr+ODm6Qpe13kZQVkezRIb+TYDXaBMemS3yLQ+0leba3jlkQ==, } dependencies: "@types/express": 4.17.13 @@ -8936,7 +8936,7 @@ packages: integrity: sha512-jZVI+s9Zg3IqA/kdi0i6UDCybUI3aSBLnglhYbSSjKlV7yF1F/5LWv8MakQmvYpnbJDS6fcBL2KzHSxNCMtWSQ==, } dependencies: - object.assign: 4.1.4 + object.assign: 4.1.7 /babel-plugin-istanbul@6.1.1: resolution: @@ -9440,7 +9440,7 @@ packages: dependencies: function-bind: 1.1.2 get-intrinsic: 1.2.7 - set-function-length: 1.1.1 + set-function-length: 1.2.2 /call-bind@1.0.8: resolution: @@ -10099,16 +10099,16 @@ packages: engines: {node: ">= 4"} dev: false - /cookie-session@2.0.0(supports-color@8.1.1): + /cookie-session@2.1.1(supports-color@8.1.1): resolution: { - integrity: sha512-hKvgoThbw00zQOleSlUr2qpvuNweoqBtxrmx0UFosx6AGi9lYtLoA+RbsvknrEX8Pr6MDbdWAb2j6SnMn+lPsg==, + integrity: sha512-ji3kym/XZaFVew1+tIZk5ZLp9Z/fLv9rK1aZmpug0FsgE7Cu3ZDrUdRo7FT9vFjMYfNimrrUHJzywDwT7XEFlg==, } engines: {node: ">= 0.10"} dependencies: - cookies: 0.8.0 + cookies: 0.9.1 debug: 3.2.7(supports-color@8.1.1) - on-headers: 1.0.2 + on-headers: 1.1.0 safe-buffer: 5.2.1 transitivePeerDependencies: - supports-color @@ -10141,10 +10141,10 @@ packages: } engines: {node: ">= 0.6"} - /cookies@0.8.0: + /cookies@0.9.1: resolution: { - integrity: sha512-8aPsApQfebXnuI+537McwYsDtjVxGm8gTIzQI3FDW6t5t/DAhERxtnbEPN/8RX+uZthoz4eCOgloXaE5cYyNow==, + integrity: sha512-TG2hpqe4ELx54QER/S3HQ9SRVnQnGBtKUz5bLQWtYAQ+o6GpgMs6sYUvaiJjVxb+UXwhRhAEP3m7LbsIZ77Hmw==, } engines: {node: ">= 0.8"} dependencies: @@ -11171,7 +11171,7 @@ packages: is-array-buffer: 3.0.2 is-callable: 1.2.7 is-negative-zero: 2.0.2 - is-regex: 1.1.4 + is-regex: 1.2.1 is-shared-array-buffer: 1.0.2 is-string: 1.1.1 is-typed-array: 1.1.12 @@ -12276,10 +12276,10 @@ packages: - supports-color dev: true - /eslint-config-next@15.1.6(eslint@8.27.0)(typescript@4.8.4): + /eslint-config-next@15.4.7(eslint@8.27.0)(typescript@4.8.4): resolution: { - integrity: sha512-Wd1uy6y7nBbXUSg9QAuQ+xYEKli5CgUhLjz1QHW11jLDis5vK5XB3PemL6jEmy7HrdhaRFDz+GTZ/3FoH+EUjg==, + integrity: sha512-tkKKNVJKI4zMIgTpvG2x6mmdhuOdgXUL3AaSPHwxLQkvzi4Yryqvk6B0R5Z4gkpe7FKopz3ZmlpePH3NTHy3gA==, } peerDependencies: eslint: ^7.23.0 || ^8.0.0 || ^9.0.0 @@ -12288,7 +12288,7 @@ packages: typescript: optional: true dependencies: - "@next/eslint-plugin-next": 15.1.6 + "@next/eslint-plugin-next": 15.4.7 "@rushstack/eslint-patch": 1.10.5 "@typescript-eslint/eslint-plugin": 5.42.1(@typescript-eslint/parser@5.9.1)(eslint@8.27.0)(typescript@4.8.4) "@typescript-eslint/parser": 5.9.1(eslint@8.27.0)(supports-color@8.1.1)(typescript@4.8.4) @@ -14348,15 +14348,6 @@ packages: } engines: {node: ">= 0.4"} - /has-tostringtag@1.0.0: - resolution: - { - integrity: sha512-kFjcSNhnlGV1kyoGk7OXKSawH5JOb/LzUc5w9B02hOTO0dfFRjbHQKvg1d6cf3HbeUmtU9VbbV3qzZ2Teh97WQ==, - } - engines: {node: ">= 0.4"} - dependencies: - has-symbols: 1.1.0 - /has-tostringtag@1.0.2: resolution: { @@ -14425,15 +14416,6 @@ packages: async: 1.5.2 dev: false - /hasown@2.0.0: - resolution: - { - integrity: sha512-vUptKVTpIJhcczKBbgnS+RtcuYMB8+oNzPK2/Hp3hanz8JmpATdmmgLgSaadVREkDm+e2giHwY3ZRkyjSIDDFA==, - } - engines: {node: ">= 0.4"} - dependencies: - function-bind: 1.1.2 - /hasown@2.0.2: resolution: { @@ -15000,7 +14982,7 @@ packages: integrity: sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==, } dependencies: - hasown: 2.0.0 + hasown: 2.0.2 /is-core-module@2.16.1: resolution: @@ -15289,16 +15271,6 @@ packages: "@types/estree": 0.0.51 dev: true - /is-regex@1.1.4: - resolution: - { - integrity: sha512-kvRdxDsxZjhzUX07ZnLydzS1TU/TJlTUHHY4YLL87e37oUA49DfkLqgy+VjFocowy29cKvcSiu+kIv728jTTVg==, - } - engines: {node: ">= 0.4"} - dependencies: - call-bind: 1.0.8 - has-tostringtag: 1.0.2 - /is-regex@1.2.1: resolution: { @@ -15363,7 +15335,7 @@ packages: } engines: {node: ">= 0.4"} dependencies: - has-tostringtag: 1.0.0 + has-tostringtag: 1.0.2 /is-string@1.1.1: resolution: @@ -18841,10 +18813,10 @@ packages: ee-first: 1.1.1 dev: true - /on-headers@1.0.2: + /on-headers@1.1.0: resolution: { - integrity: sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA==, + integrity: sha512-737ZY3yNnXy37FHkQxPzt4UZ2UWPWiCZWLvFZ4fu5cueciegX0zGPnrlY6bwRg4FdQOe9YU8MkmJwGhoMybl8A==, } engines: {node: ">= 0.8"} dev: false @@ -20719,7 +20691,7 @@ packages: } hasBin: true dependencies: - is-core-module: 2.13.1 + is-core-module: 2.16.1 path-parse: 1.0.7 supports-preserve-symlinks-flag: 1.0.0 @@ -20730,7 +20702,7 @@ packages: } hasBin: true dependencies: - is-core-module: 2.13.1 + is-core-module: 2.16.1 path-parse: 1.0.7 supports-preserve-symlinks-flag: 1.0.0 @@ -21210,18 +21182,6 @@ packages: } dev: false - /set-function-length@1.1.1: - resolution: - { - integrity: sha512-VoaqjbBJKiWtg4yRcKBQ7g7wnGnLV3M8oLvVWwOk2PdYY6PEFegR1vezXR0tw6fZGF9csVakIRjrJiy2veSBFQ==, - } - engines: {node: ">= 0.4"} - dependencies: - define-data-property: 1.1.4 - get-intrinsic: 1.2.7 - gopd: 1.2.0 - has-property-descriptors: 1.0.2 - /set-function-length@1.2.2: resolution: {