Skip to content

Build(deps): Bump jose from 6.2.0 to 6.2.2#150

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/bun/jose-6.2.2
Mar 23, 2026
Merged

Build(deps): Bump jose from 6.2.0 to 6.2.2#150
github-actions[bot] merged 1 commit intomainfrom
dependabot/bun/jose-6.2.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 23, 2026

Bumps jose from 6.2.0 to 6.2.2.

Release notes

Sourced from jose's releases.

v6.2.2

Fixes

  • reject failed decompression with JWEInvalid error (043b181)

v6.2.1

Refactor

  • reorganize internals, less files, smaller footprint (d4231f9)
Changelog

Sourced from jose's changelog.

6.2.2 (2026-03-18)

Fixes

  • reject failed decompression with JWEInvalid error (043b181)

6.2.1 (2026-03-09)

Refactor

  • reorganize internals, less files, smaller footprint (d4231f9)
Commits
  • 9c86586 chore(release): 6.2.2
  • 4984b5c chore(deps): bump the actions group with 4 updates
  • 043b181 fix: reject failed decompression with JWEInvalid error
  • 867cc2c chore(deps-dev): bump undici
  • f4e20e7 chore(deps-dev): bump tar in the npm_and_yarn group across 1 directory
  • d0505bf chore: cleanup after release
  • d491aa9 chore(release): 6.2.1
  • d4231f9 refactor: reorganize internals, less files, smaller footprint
  • 7b22ba8 test: use playwright instead of testcafe
  • 00965b4 chore: bump packages
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Build(deps): Bump jose from 6.2.0 to 6.2.2
dd9d073 
Bumps [jose](https://github.com/panva/jose) from 6.2.0 to 6.2.2.
- [Release notes](https://github.com/panva/jose/releases)
- [Changelog](https://github.com/panva/jose/blob/main/CHANGELOG.md)
- [Commits](panva/jose@v6.2.0...v6.2.2)

---
updated-dependencies:
- dependency-name: jose
  dependency-version: 6.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 23, 2026
@dependabot dependabot bot mentioned this pull request Mar 23, 2026
Closed
@github-actions github-actions bot merged commit 0a1070e into main Mar 23, 2026
5 of 6 checks passed
@github-actions github-actions bot deleted the dependabot/bun/jose-6.2.2 branch March 23, 2026 01:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@sergiodxa sergiodxa

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@sergiodxa