[Snyk] Upgrade openid-client from 5.4.0 to 5.6.4

[rish2497]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade openid-client from 5.4.0 to 5.6.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 9 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2024-01-06.

Release notes

Package name: openid-client

• 5.6.4 - 2024-01-06
  

  Revert "fix: encode client_secret_basic - _ . ! ~ * ' ( ) characters"

  This reverts commit 5a2ea80, even though it is the correct implementation some of the most widely used identity providers don't follow the specification.

• 5.6.3 - 2024-01-05
  

  Fixes

  • encode client_secret_basic - _ . ! ~ * ' ( ) characters (5a2ea80)
• 5.6.2 - 2023-12-22
  

  Refactor

  • issuer discovery (#637) (c228877)

  Fixes

  • add explicit Accept-Encoding header to http requests (abcb564), closes #648
• 5.6.1 - 2023-10-11
  

  Fixes

  • consistent space encoding in authorizationUrl (#627) (ad68223), closes #626
• 5.6.0 - 2023-10-03
  

  Features

  • experimental Bun support (a9d3a87), closes #622 #623
• 5.5.0 - 2023-09-08
  

  Features

  • DPoP: remove experimental warning, DPoP is now RFC9449 (133a022)
• 5.4.3 - 2023-07-06
  

  Fixes

  • handle empty client_secret with basic and post client auth (#610) (402c711), closes #609
• 5.4.2 - 2023-04-25
  

  Fixes

  • bump oidc-token-hash (20607e9)
• 5.4.1 - 2023-04-21
  

  This release contains only code refactoring, dependency, or documentation updates. The release process now also uses provenance statements.

• 5.4.0 - 2023-02-05
  

  Features

  • allow third party initiated login requests to trigger strategy (568709a), closes #510 #564

from openid-client GitHub release notes

Commit messages

Package name: openid-client

• 0e15612 chore(release): 5.6.4
• 66c2ee2 Revert "fix: encode client_secret_basic - _ . ! ~ * ' ( ) characters"
• 0378bba chore(release): 5.6.3
• 5a2ea80 fix: encode client_secret_basic - _ . ! ~ * ' ( ) characters
• 9d3cfb8 chore(release): 5.6.2
• abcb564 fix: add explicit Accept-Encoding header to http requests
• 4b42b48 chore: bump upload-artifact
• 820d2c4 Revert "chore(deps): bump actions/upload-artifact from 3 to 4" (#646)
• 12d76e4 chore(deps): bump actions/upload-artifact from 3 to 4 (#645)
• 418b8e4 chore(deps): bump github/codeql-action from 2 to 3 (#644)
• 76db75c docs: add client credentials flow example to readme (#640)
• c228877 refactor: issuer discovery (#637)
• d58eabd chore(deps): bump dessant/lock-threads from 5.0.0 to 5.0.1 (#638)
• 8a4d3bf chore: set discussion-inactive-days in lock threads action
• a305259 chore(deps): bump dessant/lock-threads from 4.0.1 to 5.0.0 (#636)
• a84d022 ci: use lts/iron (Node.js 20 LTS)
• 9f79b6e chore: bump deps
• f468f99 chore(deps): bump actions/setup-node from 3 to 4 (#632)
• afce481 chore(deps): bump actions/checkout from 3 to 4 (#631)
• 52a059e ci: unleash dependabot on github actions
• d1aa935 chore(release): 5.6.1
• ad68223 fix: consistent space encoding in authorizationUrl (#627)
• 53458e0 ci: use oven-sh/setup-bun
• d698b46 chore(release): 5.6.0

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs