openid-client - npm Package Compare versions

openid-client

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Comparing version 5.6.4 to 5.6.5

lib/helpers/client.js

		@@ -12,2 +12,4 @@ const jose = require('jose');

		// TODO: in v6.x additionally encode the `- _ . ! ~ * ' ( )` characters
		// https://github.com/panva/node-openid-client/commit/5a2ea80ef5e59ec0c03dbd97d82f551e24a9d348
		const formUrlEncode = (value) => encodeURIComponent(value).replace(/%20/g, '+');
		@@ -14,0 +16,0 @@

lib/helpers/issuer.js

		@@ -78,2 +78,3 @@ const objectHash = require('object-hash');
		unorderedSets: true,
		respectType: false,
		});
		@@ -80,0 +81,0 @@

lib/helpers/keystore.js

		@@ -8,17 +8,2 @@ const jose = require('jose');

		function fauxAlg(kty) {
		switch (kty) {
		case 'RSA':
		return 'RSA-OAEP';
		case 'EC':
		return 'ECDH-ES';
		case 'OKP':
		return 'ECDH-ES';
		case 'oct':
		return 'HS256';
		default:
		return undefined;
		}
		}

		const keyscore = (key, { alg, use }) => {
		@@ -71,3 +56,3 @@ let score = 0;
		case 'P-384':
		algs = algs.concat([`ES${crv.slice(-3)}`.replace('21', '12')]);
		algs = algs.concat([`ES${crv.slice(-3)}`]);
		break;
		@@ -74,0 +59,0 @@ case 'P-521':

package.json

		{
		"name": "openid-client",
		"version": "5.6.4",
		"version": "5.6.5",
		"description": "OpenID Connect Relying Party (RP, Client) implementation for Node.js runtime, supports passportjs",
		@@ -48,3 +48,3 @@ "keywords": [
		"dependencies": {
		"jose": "^4.15.4",
		"jose": "^4.15.5",
		"lru-cache": "^6.0.0",
		@@ -55,8 +55,8 @@ "object-hash": "^2.2.0",
		"devDependencies": {
		"@types/node": "^16.18.59",
		"@types/passport": "^1.0.14",
		"@types/node": "^16.18.87",
		"@types/passport": "^1.0.16",
		"base64url": "^3.0.1",
		"chai": "^4.3.10",
		"mocha": "^10.2.0",
		"nock": "^13.3.6",
		"chai": "^4.4.1",
		"mocha": "^10.3.0",
		"nock": "^13.5.4",
		"prettier": "^2.8.8",
		@@ -63,0 +63,0 @@ "readable-mock-req": "^0.2.2",

Worsened metrics