diff --git a/package-lock.json b/package-lock.json index 771c8b461..516c4e6f4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10821,11 +10821,13 @@ "node": ">=8" } }, - "node_modules/object-hash": { - "version": "2.2.0", + "node_modules/oauth4webapi": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/oauth4webapi/-/oauth4webapi-3.1.3.tgz", + "integrity": "sha512-dik5wEMdFL5p3JlijYvM7wMNCgaPhblLIDCZtdXcaZp5wgu5Iwmsu7lMzgFhIDTi5d0BJo03LVoOoFQvXMeOeQ==", "license": "MIT", - "engines": { - "node": ">= 6" + "funding": { + "url": "https://github.com/sponsors/panva" } }, "node_modules/object-inspect": { @@ -10986,13 +10988,6 @@ "node": ">=8" } }, - "node_modules/oidc-token-hash": { - "version": "5.0.3", - "license": "MIT", - "engines": { - "node": "^10.13.0 || >=12.0.0" - } - }, "node_modules/on-finished": { "version": "2.4.1", "license": "MIT", @@ -11099,39 +11094,18 @@ } }, "node_modules/openid-client": { - "version": "5.7.0", + "version": "6.1.4", + "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-6.1.4.tgz", + "integrity": "sha512-3MmV+fU1mydATrXoDnJ03Zqvx6VbNpFG31AibMktYnZ7IV6ixN0DJARIj1d63gfnK4OL3sZm4y2LGKFcs4NRxA==", "license": "MIT", "dependencies": { - "jose": "^4.15.9", - "lru-cache": "^6.0.0", - "object-hash": "^2.2.0", - "oidc-token-hash": "^5.0.3" + "jose": "^5.9.6", + "oauth4webapi": "^3.1.3" }, "funding": { "url": "https://github.com/sponsors/panva" } }, - "node_modules/openid-client/node_modules/jose": { - "version": "4.15.9", - "license": "MIT", - "funding": { - "url": "https://github.com/sponsors/panva" - } - }, - "node_modules/openid-client/node_modules/lru-cache": { - "version": "6.0.0", - "license": "ISC", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/openid-client/node_modules/yallist": { - "version": "4.0.0", - "license": "ISC" - }, "node_modules/optionator": { "version": "0.9.4", "dev": true, @@ -13091,7 +13065,7 @@ "@sigstore/oci": "^0.4.0", "@sigstore/sign": "^3.0.0", "open": "^8.4.2", - "openid-client": "^5.7.0", + "openid-client": "^6.1.4", "sigstore": "^3.0.0" }, "bin": { @@ -13121,7 +13095,7 @@ }, "devDependencies": { "@sigstore/jest": "^0.0.0", - "@sigstore/mock": "^0.8.0", + "@sigstore/mock": "^0.9.0", "@sigstore/rekor-types": "^3.0.0", "@tufjs/repo-mock": "^3.0.1", "@types/make-fetch-happen": "^10.0.4" @@ -13177,7 +13151,7 @@ }, "packages/mock": { "name": "@sigstore/mock", - "version": "0.8.0", + "version": "0.9.0", "license": "Apache-2.0", "dependencies": { "@peculiar/webcrypto": "^1.5.0", @@ -13201,11 +13175,11 @@ }, "packages/mock-server": { "name": "@sigstore/mock-server", - "version": "0.2.0", + "version": "0.2.1", "dependencies": { "@oclif/color": "^1.0.13", "@oclif/core": "^4", - "@sigstore/mock": "^0.8.0", + "@sigstore/mock": "^0.9.0", "@tufjs/repo-mock": "^3.0.1", "express": "4.21.1" }, @@ -13262,7 +13236,7 @@ }, "devDependencies": { "@sigstore/jest": "^0.0.0", - "@sigstore/mock": "^0.8.0", + "@sigstore/mock": "^0.9.0", "@sigstore/rekor-types": "^3.0.0", "@types/make-fetch-happen": "^10.0.4", "@types/promise-retry": "^1.1.6" diff --git a/packages/cli/package.json b/packages/cli/package.json index 37aab2fe6..2af435d14 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -39,7 +39,7 @@ "@sigstore/oci": "^0.4.0", "@sigstore/sign": "^3.0.0", "open": "^8.4.2", - "openid-client": "^5.7.0", + "openid-client": "^6.1.4", "sigstore": "^3.0.0" }, "devDependencies": {