bump jws to version 4.0.1

julienwoll · julienwoll · commit f0c865ed2cd9 · 2025-12-04T10:50:36.000+01:00
diff --git a/.gitignore b/.gitignore
@@ -2,3 +2,4 @@ node_modules
 .DS_Store
 .nyc_output
 coverage
+package-lock.json
diff --git a/.npmignore b/.npmignore
@@ -0,0 +1 @@
+opslevel.yml
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,10 @@
 All notable changes to this project will be documented in this file starting from version **v4.0.0**.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
+## 9.0.3 - 2025-12-04
+
+- updates jws version to 4.0.1.
+
 ## 9.0.2 - 2023-08-30
 
 - security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes [#921](https://github.com/auth0/node-jsonwebtoken/issues/921).
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "jsonwebtoken",
-  "version": "9.0.2",
+  "version": "9.0.3",
   "description": "JSON Web Token implementation (symmetric and asymmetric)",
   "main": "index.js",
   "nyc": {
@@ -36,7 +36,7 @@
     "url": "https://github.com/auth0/node-jsonwebtoken/issues"
   },
   "dependencies": {
-    "jws": "^3.2.2",
+    "jws": "^4.0.1",
     "lodash.includes": "^4.3.0",
     "lodash.isboolean": "^3.0.3",
     "lodash.isinteger": "^4.0.4",
