Skip to content

Bump sinon from 14.0.2 to 15.2.0#294

Merged
cjbarth merged 1 commit intomasterfrom
dependabot/npm_and_yarn/sinon-15.2.0
Jul 21, 2023
Merged

Bump sinon from 14.0.2 to 15.2.0#294
cjbarth merged 1 commit intomasterfrom
dependabot/npm_and_yarn/sinon-15.2.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 1, 2023
edited
Loading

Bumps sinon from 14.0.2 to 15.2.0.

Changelog

Sourced from sinon's changelog.

15.2.0

  • 66b0081e Use fake-timers v10.1.0 re-released as v10.3.0 (Carl-Erik Kopseng)

    Version 10.2.0 of fake-timers had an unexpected breaking change. We re-released 10.1.0 as 10.3.0 to force users into jumping over the deprecated version.

    v10.2.0 was re-released as v11.0.0 and will be part of the next Sinon major

  • a79ccaeb Support callable instances (#2517) (bojavou)

    • Support callable instances

    • Clean prettier lint

    Co-authored-by: -

  • d220c995 fix: bundling compatibility with webpack@5 (#2519) (Avi Vahl)
    • fix: bundling compatibility with webpack@5

    when using webpack v5 to bundle code that calls require('sinon') (cjs) , it would have defaulted to "exports->require" and fail with multiple node-api requirements (util, timers, etc.)

    this patch ensures that anyone who bundles sinon for browser gets the (browser-compatible) esm version.

    tested on both webpack v5 and v4. should be noted that v4 worked even without this patch, as it automatically injected polyfills. v5 no longer does so. with this PR, people using webpack@4 to bundle sinon at least see size improvement, as the polyfills are no longer required.

    • fix: revert change for package.json -> "browser"

    browserify doesn't seem to like esm. leave that entry point alone, and ensure "exports" -> "browser" (which webpack@5 uses) is esm.

Released by Carl-Erik Kopseng on 2023-06-20.

15.1.2

  • 02b73aed Update lock file after removing node_modules ... (Carl-Erik Kopseng)

Released by Carl-Erik Kopseng on 2023-06-12.

15.1.1

  • 194fc2ef Change fake-timers version to specifically target the one containing the 'jump' feature (Carl-Erik Kopseng)

    Instead of the later (breaking) version. See #470

  • 05f05ac3 docs: Remove threw(obj) from docs (#2513) (Morgan Roderick)

    Since the introduction of threw in

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Relating to updating dependencies javascript Pull requests that update Javascript code labels Jul 1, 2023
@codecov
Copy link

codecov bot commented Jul 1, 2023
edited
Loading

Codecov Report

Merging #294 (21a0f0b) into master (5b6422c) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #294   +/-   ##
=======================================
  Coverage   81.49%   81.49%           
=======================================
  Files          11       11           
  Lines         816      816           
  Branches      252      252           
=======================================
  Hits          665      665           
  Misses         63       63           
  Partials       88       88

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/sinon-15.2.0 branch from 30895f1 to b71ae00 Compare July 13, 2023 19:11
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/sinon-15.2.0 branch from b71ae00 to 25ae093 Compare July 21, 2023 14:14
@cjbarth
Copy link
Collaborator

cjbarth commented Jul 21, 2023

@dependabot rebase

@dependabot
Bump sinon from 14.0.2 to 15.2.0
21a0f0b 
Bumps [sinon](https://github.com/sinonjs/sinon) from 14.0.2 to 15.2.0.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](sinonjs/sinon@v14.0.2...v15.2.0)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/sinon-15.2.0 branch from 25ae093 to 21a0f0b Compare July 21, 2023 14:29
@cjbarth cjbarth merged commit 0f9e5f1 into master Jul 21, 2023
@cjbarth cjbarth deleted the dependabot/npm_and_yarn/sinon-15.2.0 branch July 21, 2023 14:32
AlbertPangilinan pushed a commit to Foxquilt/foxden-node-saml that referenced this pull request Sep 22, 2025
@dependabot @AlbertPangilinan
Bump sinon from 14.0.2 to 15.2.0 (node-saml#294)
539d39c 
Bumps [sinon](https://github.com/sinonjs/sinon) from 14.0.2 to 15.2.0.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](sinonjs/sinon@v14.0.2...v15.2.0)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AlbertPangilinan added a commit to Foxquilt/foxden-node-saml that referenced this pull request Sep 23, 2025
@AlbertPangilinan @dependabot
@cjbarth @gmhewett @aykutbulca @GertSallaerts @RopoMen @jindazhao01 @adamandreasson @kg0r0 @catamphetamine @salortiz @nwalters512 @ganesha289 @ganesh-kshirsagar-incontact @barryhagan @markstos @KiwiKilian @kdhttps @manan-jadhav-ab @ahacker1-securesaml @howard-stytch @suriyaka
NCP-3701 - CircleCI node upgrade to v22 (#7)
84b41f5 
* Bump xml-encryption from 3.0.1 to 3.0.2 (node-saml#236)

Bumps [xml-encryption](https://github.com/auth0/node-xml-encryption) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/auth0/node-xml-encryption/releases)
- [Commits](https://github.com/auth0/node-xml-encryption/commits)

---
updated-dependencies:
- dependency-name: xml-encryption
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump xml2js from 0.4.23 to 0.5.0 (node-saml#268)

Bumps [xml2js](https://github.com/Leonidas-from-XIV/node-xml2js) from 0.4.23 to 0.5.0.
- [Release notes](https://github.com/Leonidas-from-XIV/node-xml2js/releases)
- [Commits](https://github.com/Leonidas-from-XIV/node-xml2js/commits/0.5.0)

---
updated-dependencies:
- dependency-name: xml2js
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Release 4.0.4

* Update minor dependencies (node-saml#269)

* Improve audience mismatch error message (node-saml#257)

* feat: add public getAuthorizeMessage method (node-saml#235)

* Acknowledge that XML can be parsed to `any` (node-saml#271)

* feat: support additionalParams on HTTP-POST binding (node-saml#263)

* Make `callbackUrl` manditory (node-saml#214)

* Add public key support (node-saml#225)

Co-authored-by: Chris Barth <chrisjbarth@hotmail.com>

* Remove types specific to Passport (node-saml#226)

* Export types required for SamlOptions (node-saml#224)

* Bump vm2 from 3.9.16 to 3.9.19 (node-saml#277)

Bumps [vm2](https://github.com/patriksimek/vm2) from 3.9.16 to 3.9.19.
- [Release notes](https://github.com/patriksimek/vm2/releases)
- [Changelog](https://github.com/patriksimek/vm2/blob/master/CHANGELOG.md)
- [Commits](patriksimek/vm2@3.9.16...3.9.19)

---
updated-dependencies:
- dependency-name: vm2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump json5 from 2.2.1 to 2.2.3 (node-saml#244)

Bumps [json5](https://github.com/json5/json5) from 2.2.1 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](json5/json5@v2.2.1...v2.2.3)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump prettier from 2.8.7 to 2.8.8 (node-saml#274)

Bumps [prettier](https://github.com/prettier/prettier) from 2.8.7 to 2.8.8.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@2.8.7...2.8.8)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @typescript-eslint/parser from 5.58.0 to 5.59.8 (node-saml#281)

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.58.0 to 5.59.8.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.59.8/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump codecov/codecov-action from 3.1.1 to 3.1.4 (node-saml#279)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.1 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v3.1.1...v3.1.4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update minor dependencies (node-saml#283)

* Roll-up changelog entries for beta releases (node-saml#282)

* Fix spelling and normalize naming (node-saml#278)

* Remove express dependency (node-saml#284)

* Prefer Chai `expect` to Node `assert` (node-saml#286)

* Add test coverage (node-saml#287)

* Separate linting out from testing (node-saml#288)

* Remove dependency on Passport types (node-saml#296)

* Add tests for XML parsing with comments (node-saml#285)

* Bump concurrently from 7.6.0 to 8.2.0 (node-saml#290)

Bumps [concurrently](https://github.com/open-cli-tools/concurrently) from 7.6.0 to 8.2.0.
- [Release notes](https://github.com/open-cli-tools/concurrently/releases)
- [Commits](open-cli-tools/concurrently@v7.6.0...v8.2.0)

---
updated-dependencies:
- dependency-name: concurrently
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @typescript-eslint/parser from 5.59.9 to 5.60.1 (node-saml#292)

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.59.9 to 5.60.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.60.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump typescript from 4.8.4 to 5.1.6 (node-saml#293)

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.8.4 to 5.1.6.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/commits)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Allow 5.x series for TypeScript

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sinon from 14.0.2 to 15.2.0 (node-saml#294)

Bumps [sinon](https://github.com/sinonjs/sinon) from 14.0.2 to 15.2.0.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](sinonjs/sinon@v14.0.2...v15.2.0)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump word-wrap from 1.2.3 to 1.2.4 (node-saml#298)

Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @typescript-eslint/parser from 5.59.9 to 5.62.0 (node-saml#299)

Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.59.9 to 5.62.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.62.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @xmldom/xmldom from 0.8.8 to 0.8.10 (node-saml#301)

Bumps [@xmldom/xmldom](https://github.com/xmldom/xmldom) from 0.8.8 to 0.8.10.
- [Release notes](https://github.com/xmldom/xmldom/releases)
- [Changelog](https://github.com/xmldom/xmldom/blob/master/CHANGELOG.md)
- [Commits](xmldom/xmldom@0.8.8...0.8.10)

---
updated-dependencies:
- dependency-name: "@xmldom/xmldom"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @typescript-eslint/eslint-plugin from 5.59.9 to 5.62.0 (node-saml#302)

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.59.9 to 5.62.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.62.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @types/node from 14.18.50 to 14.18.53 (node-saml#303)

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.18.50 to 14.18.53.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump @cjbarth/github-release-notes from 4.0.0 to 4.1.0 (node-saml#304)

Bumps [@cjbarth/github-release-notes](https://github.com/cjbarth/github-release-notes) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/cjbarth/github-release-notes/releases)
- [Changelog](https://github.com/cjbarth/github-release-notes/blob/master/CHANGELOG.md)
- [Commits](cjbarth/github-release-notes@4.0.0...4.1.0)

---
updated-dependencies:
- dependency-name: "@cjbarth/github-release-notes"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump release-it from 15.11.0 to 16.1.3 (node-saml#305)

Bumps [release-it](https://github.com/release-it/release-it) from 15.11.0 to 16.1.3.
- [Release notes](https://github.com/release-it/release-it/releases)
- [Changelog](https://github.com/release-it/release-it/blob/main/CHANGELOG.md)
- [Commits](release-it/release-it@15.11.0...16.1.3)

---
updated-dependencies:
- dependency-name: release-it
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump eslint from 8.42.0 to 8.45.0 (node-saml#306)

Bumps [eslint](https://github.com/eslint/eslint) from 8.42.0 to 8.45.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](eslint/eslint@v8.42.0...v8.45.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump prettier-plugin-packagejson from 2.4.3 to 2.4.5 (node-saml#307)

Bumps [prettier-plugin-packagejson](https://github.com/matzkoh/prettier-plugin-packagejson) from 2.4.3 to 2.4.5.
- [Release notes](https://github.com/matzkoh/prettier-plugin-packagejson/releases)
- [Commits](matzkoh/prettier-plugin-packagejson@v2.4.3...v2.4.5)

---
updated-dependencies:
- dependency-name: prettier-plugin-packagejson
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump prettier from 2.8.8 to 3.0.0 (node-saml#300)

Bumps [prettier](https://github.com/prettier/prettier) from 2.8.8 to 3.0.0.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/prettier@2.8.8...3.0.0)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Lint

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chris Barth <chrisjbarth@hotmail.com>

* Merge pull request from GHSA-vx8m-6fhw-pccw

* Added verifyLogoutRequest to validatePostRequestAsync flow

* Added bad expiration test

* Updated IssueInstance to be in the past

* Enforce valid setting for validateInResponseTo (node-saml#314)

* Add test coverage for initialize() of saml.ts (node-saml#327)

* Fixes `node-saml` not checking all `Audience`s in an `AudienceRestriction` (node-saml#340)

* Upgrade to latest version of xml-crypto (node-saml#341)

* Update to current Node versions (node-saml#342)

* Fix metadata order (node-saml#334)

Use the element order defined by "saml-schema-metadata-2.0.xsd"
Closes node-saml#333

* Export generateServiceProviderMetadata (node-saml#337)

* Rename `cert` to `idpCert` and `signingCert` to `publicCert` (node-saml#343)

* Added X509 certificate to KeyInfo X509Data, if passed through options (node-saml#36)

Co-authored-by: Ganesh Kshirsagar <ganesh.kshirsagar@nice.com>
Co-authored-by: Barry Hagan <barryhagan@gmail.com>
Co-authored-by: Chris Barth <chrisjbarth@hotmail.com>

* Update minor dependencies and Node to 18 (node-saml#344)

* Bump actions/checkout from 3 to 4 (node-saml#330)

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump sinon and @types/sinon (node-saml#349)

Bumps [sinon](https://github.com/sinonjs/sinon) and [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon). These dependencies needed to be updated together.

Updates `sinon` from 15.2.0 to 17.0.1
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](sinonjs/sinon@v15.2.0...v17.0.1)

Updates `@types/sinon` from 10.0.20 to 17.0.3
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
- dependency-name: "@types/sinon"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump eslint-plugin-deprecation from 1.5.0 to 2.0.0 (node-saml#347)

Bumps [eslint-plugin-deprecation](https://github.com/gund/eslint-plugin-deprecation) from 1.5.0 to 2.0.0.
- [Release notes](https://github.com/gund/eslint-plugin-deprecation/releases)
- [Changelog](https://github.com/gund/eslint-plugin-deprecation/blob/master/CHANGELOG.md)
- [Commits](gund/eslint-plugin-deprecation@v1.5.0...v2.0.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-deprecation
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump eslint-config-prettier from 8.10.0 to 9.1.0 (node-saml#345)

Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 8.10.0 to 9.1.0.
- [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md)
- [Commits](prettier/eslint-config-prettier@v8.10.0...v9.1.0)

---
updated-dependencies:
- dependency-name: eslint-config-prettier
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump eslint-plugin-prettier from 4.2.1 to 5.1.3 (node-saml#346)

Bumps [eslint-plugin-prettier](https://github.com/prettier/eslint-plugin-prettier) from 4.2.1 to 5.1.3.
- [Release notes](https://github.com/prettier/eslint-plugin-prettier/releases)
- [Changelog](https://github.com/prettier/eslint-plugin-prettier/blob/master/CHANGELOG.md)
- [Commits](prettier/eslint-plugin-prettier@v4.2.1...v5.1.3)

---
updated-dependencies:
- dependency-name: eslint-plugin-prettier
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump release-it from 16.3.0 to 17.0.5 (node-saml#348)

Bumps [release-it](https://github.com/release-it/release-it) from 16.3.0 to 17.0.5.
- [Release notes](https://github.com/release-it/release-it/releases)
- [Changelog](https://github.com/release-it/release-it/blob/main/CHANGELOG.md)
- [Commits](release-it/release-it@16.3.0...17.0.5)

---
updated-dependencies:
- dependency-name: release-it
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Release 5.0.0

* Update sponsor acknowledgements (node-saml#365)

* Docs: add pitch to encourage more sponsors (node-saml#366)

* feat: improve error messages when validating pems (node-saml#373)

* docs: Update README.md set never default validateInResponseTo (node-saml#384)

* Adjust to support type stripping (node-saml#389)

* Update xml-crypto to address CVE (node-saml#388)

This update addresses the following CVE: CVE-2025-29774; CVE-2025-29775

* Release 5.0.1

* Update dependencies (node-saml#391)

* Adjust linting rules for line endings (node-saml#393)

* Export custom SamlStatusError (node-saml#394)

* add CI test & lint for Node.js 22 (node-saml#386)

* Use new .signedReferences interace in xml-crypto to "see what is signed" (node-saml#397)

* Update sponsors: Stytch (node-saml#395)

* Release 5.1.0

* Update to support Node strip-only TypeScript support (node-saml#407)

* Security: remove debug dependency (node-saml#406)

* ARCH-32 node_saml changes

* ARCH-32_fixed test

* ARCH-32 updated the review comments

* ARCH-32 package.json changes

* ARCH-32 updated package json

* ARCH-32 access to public

* upgraded circleci node version to 22

* updated yarn.lock

* removed package-lock.json

* reset config.yml except for node version

* reset workflow.yml

* added 22.x to node-version matrix

* fixed package-lock.json

* fixed package-lock.json and yarn.lock

* fixed node version number in package.json

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chris Barth <chrisjbarth@hotmail.com>
Co-authored-by: gmhewett <gmhewett@users.noreply.github.com>
Co-authored-by: aykutbulca <aykutbulca@gmail.com>
Co-authored-by: Gert Sallaerts <1267900+GertSallaerts@users.noreply.github.com>
Co-authored-by: RopoMen <RopoMen@users.noreply.github.com>
Co-authored-by: jindazhao01 <137830289+jindazhao01@users.noreply.github.com>
Co-authored-by: Adam Andreasson <hej@adamandreasson.se>
Co-authored-by: 56 <kg0r0@yahoo.co.jp>
Co-authored-by: Nikolay <catamphetamine@users.noreply.github.com>
Co-authored-by: Salvador Ortiz <sog@msg.mx>
Co-authored-by: Nathan Sarang-Walters <nwalters512@gmail.com>
Co-authored-by: Ganesh Kshirsagar <ganeshakshirsagar@gmail.com>
Co-authored-by: Ganesh Kshirsagar <ganesh.kshirsagar@nice.com>
Co-authored-by: Barry Hagan <barryhagan@gmail.com>
Co-authored-by: Mark Stosberg <mark@rideamigos.com>
Co-authored-by: Kilian Finger <hey@kilianfinger.com>
Co-authored-by: Kiran Mali <39133739+kdhttps@users.noreply.github.com>
Co-authored-by: Manan Jadhav <166636237+manan-jadhav-ab@users.noreply.github.com>
Co-authored-by: ahacker1 <alex@securesaml.com>
Co-authored-by: howard-stytch <89414701+howard-stytch@users.noreply.github.com>
Co-authored-by: suriyaka <106838750+suriyaka@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cjbarth cjbarth cjbarth approved these changes

Assignees

No one assigned

Labels

dependencies Relating to updating dependencies javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cjbarth