jose - npm Package Compare versions

Comparing version 4.6.1 to 4.6.2

dist/browser/lib/jwt_claims_set.js

@@ -61,9 +61,4 @@ import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';
     const now = epoch(currentDate || new Date());
-    if (payload.iat !== undefined || options.maxTokenAge) {
-        if (typeof payload.iat !== 'number') {
-            throw new JWTClaimValidationFailed('"iat" claim must be a number', 'iat', 'invalid');
-        }
-        if (payload.exp === undefined && payload.iat > now + tolerance) {
-            throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', 'iat', 'check_failed');
-        }
+    if ((payload.iat !== undefined || options.maxTokenAge) && typeof payload.iat !== 'number') {
+        throw new JWTClaimValidationFailed('"iat" claim must be a number', 'iat', 'invalid');
     }
@@ -70,0 +65,0 @@ if (payload.nbf !== undefined) {

dist/node/cjs/lib/jwt_claims_set.js

@@ -63,9 +63,4 @@ "use strict";
     const now = (0, epoch_js_1.default)(currentDate || new Date());
-    if (payload.iat !== undefined || options.maxTokenAge) {
-        if (typeof payload.iat !== 'number') {
-            throw new errors_js_1.JWTClaimValidationFailed('"iat" claim must be a number', 'iat', 'invalid');
-        }
-        if (payload.exp === undefined && payload.iat > now + tolerance) {
-            throw new errors_js_1.JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', 'iat', 'check_failed');
-        }
+    if ((payload.iat !== undefined || options.maxTokenAge) && typeof payload.iat !== 'number') {
+        throw new errors_js_1.JWTClaimValidationFailed('"iat" claim must be a number', 'iat', 'invalid');
     }
@@ -72,0 +67,0 @@ if (payload.nbf !== undefined) {

dist/node/esm/lib/jwt_claims_set.js

@@ -61,9 +61,4 @@ import { JWTClaimValidationFailed, JWTExpired, JWTInvalid } from '../util/errors.js';
     const now = epoch(currentDate || new Date());
-    if (payload.iat !== undefined || options.maxTokenAge) {
-        if (typeof payload.iat !== 'number') {
-            throw new JWTClaimValidationFailed('"iat" claim must be a number', 'iat', 'invalid');
-        }
-        if (payload.exp === undefined && payload.iat > now + tolerance) {
-            throw new JWTClaimValidationFailed('"iat" claim timestamp check failed (it should be in the past)', 'iat', 'check_failed');
-        }
+    if ((payload.iat !== undefined || options.maxTokenAge) && typeof payload.iat !== 'number') {
+        throw new JWTClaimValidationFailed('"iat" claim must be a number', 'iat', 'invalid');
     }
@@ -70,0 +65,0 @@ if (payload.nbf !== undefined) {

package.json

 {
   "name": "jose",
-  "version": "4.6.1",
+  "version": "4.6.2",
   "description": "'JSON Web Almost Everything' - JWA, JWS, JWE, JWT, JWK, JWKS with no dependencies using runtime's native crypto",
@@ -5,0 +5,0 @@ "keywords": [

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Worsened metrics

Total package byte prevSize

547131

decreased by-0.14%

Lines of code

13795

decreased by-0.11%

No dependency changes