Skip to content

dependabot npm(deps): bump jsonwebtoken from 9.0.1 to 9.0.2

Depen d'Abot requested to merge dependabot-npm_and_yarn-jsonwebtoken-9.0.2 into master

Bumps jsonwebtoken from 9.0.1 to 9.0.2.

Changelog

Sourced from jsonwebtoken's changelog.

9.0.2 - 2023-08-30

  • security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes #921.
  • refactor: reduce library size by using lodash specific dependencies, closes #878.
Commits
Maintainer changes

This version was pushed to npm by charlesrea, a new releaser for jsonwebtoken since your current version.


Merge request reports

Loading