Bump jose from 4.14.4 to 5.10.0

[dependabot]

Bumps jose from 4.14.4 to 5.10.0.

Release notes

Sourced from jose's releases.

v5.10.0

Features

• support fully specified Ed25519 algorithm identifier (c39f57d)

v5.9.6

Reverts

• Revert "refactor(build): simplify package exports" (2ef3a52)

v5.9.4

Refactor

• types: update error definitions (510c5ca)

v5.9.3

Refactor

• use as Type for type assertions instead of <Type> (c4dc24d)

v5.9.2

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

v5.9.1

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

v5.9.0

Features

• allow JWK objects as "key" input to sign and verify (c6302ea)

This method of passing private or public keys does not yield the same performance as passing a CryptoKey or KeyObject instances, its main purpose is for convenience or for when you're not going to be re-using the same set of keys for the operation, in which case you should use one of the import key methods to obtain a CryptoKey or KeyObject.

Example Signing

const alg = "RS256";
const jwk = {
  kty: "RSA",
  n: "whYOFK2Ocbbpb_zVypi9SeKiNUqKQH0zTKN1-6fpCTu6ZalGI82s7XK3tan4dJt90ptUPKD2zvxqTzFNfx4HHHsrYCf2-FMLn1VTJfQazA2BvJqAwcpW1bqRUEty8tS_Yv4hRvWfQPcc2Gc3-_fQOOW57zVy-rNoJc744kb30NjQxdGp03J2S3GLQu7oKtSDDPooQHD38PEMNnITf0pj-KgDPjymkMGoJlO3aKppsjfbt_AH6GGdRghYRLOUwQU-h-ofWHR3lbYiKtXPn5dN24kiHy61e3VAQ9_YAZlwXC_99GGtw_NpghFAuM4P1JDn0DppJldy3PGFC0GfBCZASw",
  e: "AQAB",
  d: "VuVE_KEP6323WjpbBdAIv7HGahGrgGANvbxZsIhm34lsVOPK0XDegZkhAybMZHjRhp-gwVxX5ChC-J3cUpOBH5FNxElgW6HizD2Jcq6t6LoLYgPSrfEHm71iHg8JsgrqfUnGYFzMJmv88C6WdCtpgG_qJV1K00_Ly1G1QKoBffEs-v4fAMJrCbUdCz1qWto-PU-HLMEo-krfEpGgcmtZeRlDADh8cETMQlgQfQX2VWq_aAP4a1SXmo-j0cvRU4W5Fj0RVwNesIpetX2ZFz4p_JmB5sWFEj_fC7h5z2lq-6Bme2T3BHtXkIxoBW0_pYVnASC8P2puO5FnVxDmWuHDYQ",
  p: "07rgXd_tLUhVRF_g1OaqRZh5uZ8hiLWUSU0vu9coOaQcatSqjQlIwLW8UdKv_38GrmpIfgcEVQjzq6rFBowUm9zWBO9Eq6enpasYJBOeD8EMeDK-nsST57HjPVOCvoVC5ZX-cozPXna3iRNZ1TVYBY3smn0IaxysIK-zxESf4pM",
  q: "6qrE9TPhCS5iNR7QrKThunLu6t4H_8CkYRPLbvOIt2MgZyPLiZCsvdkTVSOX76QQEXt7Y0nTNua69q3K3Jhf-YOkPSJsWTxgrfOnjoDvRKzbW3OExIMm7D99fVBODuNWinjYgUwGSqGAsb_3TKhtI-Gr5ls3fn6B6oEjVL0dpmk",
  dp: "mHqjrFdgelT2OyiFRS3dAAPf3cLxJoAGC4gP0UoQyPocEP-Y17sQ7t-ygIanguubBy65iDFLeGXa_g0cmSt2iAzRAHrDzI8P1-pQl2KdWSEg9ssspjBRh_F_AiJLLSPRWn_b3-jySkhawtfxwO8Kte1QsK1My765Y0zFvJnjPws",
  dq: "KmjaV4YcsVAUp4z-IXVa5htHWmLuByaFjpXJOjABEUN0467wZdgjn9vPRp-8Ia8AyGgMkJES_uUL_PDDrMJM9gb4c6P4-NeUkVtreLGMjFjA-_IQmIMrUZ7XywHsWXx0c2oLlrJqoKo3W-hZhR0bPFTYgDUT_mRWjk7wV6wl46E",
</tr></table> 

... (truncated)

Changelog

Sourced from jose's changelog.

5.10.0 (2025-02-17)

Features

• support fully specified Ed25519 algorithm identifier (c39f57d)

5.9.6 (2024-10-20)

Reverts

• Revert "refactor(build): simplify package exports" (2ef3a52)

5.9.5 (2024-10-20)

Refactor

• build: simplify package exports (4783f7f)

5.9.4 (2024-10-11)

Refactor

• types: update error definitions (510c5ca)

5.9.3 (2024-09-22)

Refactor

• use as Type for type assertions instead of (c4dc24d)

5.9.2 (2024-09-14)

Refactor

• types: remove index signatures from JWK interfaces (ccf0cda)

5.9.1 (2024-09-13)

Fixes

• types: add missing index signature on the convenience JWK types (90a93dc)

5.9.0 (2024-09-13)

... (truncated)

Commits

• 839b6da chore(release): 5.10.0
• c39f57d feat: support fully specified Ed25519 algorithm identifier
• ff8ea69 test: update test expectations
• 25d2267 test: update test expectations
• 08be034 chore: upgrade dev dependencies, typescript, and docs
• 0d9f5f1 build(deps-dev): bump edge-runtime from 3.0.5 to 4.0.0 (#734)
• 1e8b430 ci: add retry
• a05fa54 chore: bump packages
• 626d965 build(deps-dev): bump edge-runtime from 3.0.3 to 3.0.5 (#733)
• af55645 chore: bump packages
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[changeset-bot]

⚠️ No Changeset found

Latest commit: ec224b7

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

Differences Found

✅ No packages or licenses were added.

Summary

Expand

License Name	Package Count	Packages
0BSD	1	Packages tslib
AFL-2.1	1	Packages json-schema
CC-BY-3.0	1	Packages spdx-exceptions
MPL-2.0	1	Packages axe-core
Public Domain	1	Packages jsonify
Python-2.0	1	Packages argparse
Unlicense	1	Packages tweetnacl
WTFPL	1	Packages utf8-byte-length
BlueOak-1.0.0	2	Packages jackspeak path-scurry
CC-BY-4.0	2	Packages @saleor/macaw-ui caniuse-lite
CC0-1.0	3	Packages language-subtag-registry spdx-license-ids type-fest
<<missing>>	5	Packages busboy cycle example-nextjs-app-router-starter eyes streamsearch
BSD-2-Clause	17	Packages @typescript-eslint/parser @typescript-eslint/typescript-estree css-what damerau-levenshtein dotenv entities eslint-scope espree esprima esrecurse estraverse esutils glob-to-regexp normalize-package-data terser uri-js webidl-conversions
BSD-3-Clause	26	Packages @humanwhocodes/object-schema @saleor/eslint-plugin-saleor-app @sentry/cli @xtuc/ieee754 abab asn1js bcrypt-pbkdf diff esquery exenv hoist-non-react-statics ieee754 immutable istanbul-lib-coverage istanbul-lib-report istanbul-lib-source-maps istanbul-reports json-schema qs secure-json-parse And 6 more...
Apache-2.0	43	Packages @ampproject/remapping @humanwhocodes/config-array @humanwhocodes/module-importer @pollyjs/adapter @pollyjs/adapter-fetch @pollyjs/adapter-node-http @pollyjs/core @pollyjs/node-server @pollyjs/persister @pollyjs/persister-fs @pollyjs/utils @swc/counter @swc/helpers @webassemblyjs/leb128 @xtuc/long aria-query aws-sign2 axobject-query bser caseless And 23 more...
ISC	63	Packages @isaacs/cliui @saleor/app-sdk @saleor/json-schema-compiler anymatch ast-types-flow authorizenet cli-color cli-width cliui d electron-to-chromium es5-ext es6-symbol es6-weak-map eslint-import-resolver-typescript ext fastq flatted foreground-child fs.realpath And 43 more...
MIT	1088	Packages @aashutoshrathi/word-wrap @adobe/css-tools @alloc/quick-lru @apollo/client @ardatan/relay-compiler @ardatan/sync-fetch @babel/code-frame @babel/compat-data @babel/core @babel/generator @babel/helper-annotate-as-pure @babel/helper-compilation-targets @babel/helper-create-class-features-plugin @babel/helper-environment-visitor @babel/helper-function-name @babel/helper-hoist-variables @babel/helper-member-expression-to-functions @babel/helper-module-imports @babel/helper-module-transforms @babel/helper-optimise-call-expression And 1068 more...

[dependabot]

Superseded by #158.