cognito-jwt-lite - npm Package Compare versions

Comparing version 1.0.1 to 1.0.2

lib/src/index.js

@@ -11,10 +11,7 @@ "use strict";
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.verify = exports.JwtError = void 0;
 const jsonwebtoken_1 = require("jsonwebtoken");
-const jwk_to_pem_1 = __importDefault(require("jwk-to-pem"));
 const https_1 = require("https");
+const jose_1 = require("jose");
 const DEFAULT_DISCOVERY_RETRIES = 2;
@@ -98,3 +95,4 @@ class JwtError extends Error {
     try {
-        return (0, jwk_to_pem_1.default)(matchingKey);
+        const publicKey = yield (0, jose_1.importJWK)(matchingKey);
+        return (0, jose_1.exportSPKI)(publicKey);
     }
@@ -101,0 +99,0 @@ catch (e) {

package.json

 {
   "name": "cognito-jwt-lite",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Lightweight AWS Cognito JWT verifier",
@@ -34,3 +34,2 @@ "main": "lib/src/index.js",
     "@types/jsonwebtoken": "^9.0.0",
-    "@types/jwk-to-pem": "^2.0.1",
     "@types/node": "^18.11.18",
@@ -47,3 +46,3 @@ "@typescript-eslint/eslint-plugin": "^5.46.1",
     "prettier": "^2.8.1",
-    "semantic-release": "^19.0.5",
+    "semantic-release": "^24.0.0",
     "ts-jest": "^29.0.4",
@@ -53,4 +52,4 @@ "typescript": "^4.9.4"
   "dependencies": {
-    "jsonwebtoken": "^9.0.0",
-    "jwk-to-pem": "^2.0.5"
+    "jose": "^5.6.3",
+    "jsonwebtoken": "^9.0.2"
   },
@@ -57,0 +56,0 @@ "lint-staged": {

README.md

@@ -8,3 +8,3 @@ # cognito-jwt-lite
 
-
+<!--
 ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/MarioArnt/cognito-jwt-lite/publish.yml)
@@ -19,3 +19,3 @@ ![Snyk Vulnerabilities for GitHub Repo](https://img.shields.io/snyk/vulnerabilities/github/MarioArnt/cognito-jwt-lite)
 [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=MarioArnt_cognito-jwt-lite&metric=bugs)](https://sonarcloud.io/dashboard?id=MarioArnt_cognito-jwt-lite)
-[![Code Smells](https://sonarcloud.io/api/project_badges/measure?project=MarioArnt_cognito-jwt-lite&metric=code_smells)](https://sonarcloud.io/dashboard?id=MarioArnt_cognito-jwt-lite)
+[![Code Smells](https://sonarcloud.io/api/project_badges/measure?project=MarioArnt_cognito-jwt-lite&metric=code_smells)](https://sonarcloud.io/dashboard?id=MarioArnt_cognito-jwt-lite)-->
 
@@ -22,0 +22,0 @@ <p align="center">

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

16

decreased by-5.88%

Worsened metrics

Total package byte prevSize

17136

decreased by-0.75%

Lines of code

192

decreased by-1.03%

Dependency changes

• + Addedjose@^5.6.3

• + Addedjose@5.9.6(transitive)

• - Removedjwk-to-pem@^2.0.5

• - Removedasn1.js@5.4.1(transitive)

• - Removedbn.js@4.12.1(transitive)

• - Removedbrorand@1.1.0(transitive)

• - Removedelliptic@6.6.1(transitive)

• - Removedhash.js@1.1.7(transitive)

• - Removedhmac-drbg@1.0.1(transitive)

• - Removedinherits@2.0.4(transitive)

• - Removedjwk-to-pem@2.0.7(transitive)

• - Removedminimalistic-assert@1.0.1(transitive)

• - Removedminimalistic-crypto-utils@1.0.1(transitive)

• - Removedsafer-buffer@2.1.2(transitive)

• Updatedjsonwebtoken@^9.0.2