fix(deps): update dependency jsonwebtoken to v9 [security] (#50837)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2026-02-15 10:01:00 -05:00 · 2023-06-30 17:36:48 +05:30
parent 75ea95f3aa
commit e6b88035cf
2 changed files with 14 additions and 4 deletions
--- a/api/package.json
+++ b/api/package.json
@@ -17,7 +17,7 @@
    "fastify": "4.18.0",
    "fastify-auth0-verify": "^1.0.0",
    "fastify-plugin": "^4.3.0",
-    "jsonwebtoken": "8.5.1",
+    "jsonwebtoken": "9.0.0",
    "nanoid": "3",
    "nodemon": "2.0.22",
    "query-string": "^7.1.3"
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -1,4 +1,4 @@
-lockfileVersion: '6.1'
+lockfileVersion: '6.0'

 settings:
  autoInstallPeers: true
@@ -211,8 +211,8 @@ importers:
        specifier: ^4.3.0
        version: 4.5.0
      jsonwebtoken:
-        specifier: 8.5.1
-        version: 8.5.1
+        specifier: 9.0.0
+        version: 9.0.0
      nanoid:
        specifier: '3'
        version: 3.3.4
@@ -23087,6 +23087,16 @@ packages:
      semver: 5.7.1
    dev: false

+  /jsonwebtoken@9.0.0:
+    resolution: {integrity: sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==}
+    engines: {node: '>=12', npm: '>=6'}
+    dependencies:
+      jws: 3.2.2
+      lodash: 4.17.21
+      ms: 2.1.3
+      semver: 7.5.1
+    dev: false
+
  /jsprim@1.4.2:
    resolution: {integrity: sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==}
    engines: {node: '>=0.6.0'}