chore(deps): update dependency @auth0/auth0-spa-js to v2#53
Open
renovate[bot] wants to merge 1 commit into
Open
chore(deps): update dependency @auth0/auth0-spa-js to v2#53renovate[bot] wants to merge 1 commit into
renovate[bot] wants to merge 1 commit into
Conversation
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
February 22, 2024 14:47
7e4026c to
649d9b0
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
August 10, 2025 13:56
649d9b0 to
3d1aa12
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
September 10, 2025 13:37
db36a21 to
8bf386f
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
October 1, 2025 21:06
8bf386f to
2d97198
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
October 17, 2025 19:57
a7aed2e to
e4ea72e
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
October 27, 2025 16:59
e4ea72e to
d255036
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
November 21, 2025 09:54
a186681 to
d9095d8
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
December 3, 2025 10:14
d9095d8 to
1e5aac1
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
December 11, 2025 17:02
1e5aac1 to
648606e
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
January 12, 2026 10:00
234a5c8 to
65bc539
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
January 16, 2026 10:15
65bc539 to
f863119
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
3 times, most recently
from
January 30, 2026 10:26
1529be6 to
a834d04
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
February 5, 2026 05:28
cbe5769 to
130e1c0
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
February 17, 2026 08:28
f6cdde3 to
a7bfb1b
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
February 23, 2026 09:59
a7bfb1b to
08eaa5b
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
March 12, 2026 13:12
821feb3 to
cb479f2
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
3 times, most recently
from
March 26, 2026 12:29
3300ed1 to
f6a0af6
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
March 30, 2026 08:50
f6a0af6 to
1c7fe41
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
April 8, 2026 21:02
1c7fe41 to
bc416bd
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
3 times, most recently
from
April 16, 2026 08:36
be676e7 to
69c2c44
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
April 29, 2026 15:48
69c2c44 to
4040efe
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
May 15, 2026 05:42
4040efe to
9a464d5
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
May 22, 2026 11:12
9a464d5 to
95b5acc
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
June 3, 2026 04:39
1914943 to
b406a96
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
June 18, 2026 21:12
b406a96 to
22f9f87
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
2 times, most recently
from
July 6, 2026 09:49
aea0730 to
52c803d
Compare
renovate
Bot
force-pushed
the
renovate/auth0-auth0-spa-js-2.x
branch
from
July 16, 2026 20:00
52c803d to
a60a14a
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^1.6.0→^2.0.0Release Notes
auth0/auth0-spa-js (@auth0/auth0-spa-js)
v2.23.0Compare Source
Full Changelog
Added
v2.22.0Compare Source
Full Changelog
Added
v2.21.2Compare Source
Full Changelog
Fixed
MfaRequiredErroris propagated and MFA context is stored for passkey and custom token exchange grant types #1626 (yogeshchoudhary147)v2.21.1Compare Source
Full Changelog
Changed
v2.21.0Compare Source
Full Changelog
Added
v2.20.0Compare Source
Full Changelog
Added
v2.19.3Compare Source
Full Changelog
Fixed
v2.19.2Compare Source
Full Changelog
Security
v2.19.1Compare Source
Full Changelog
Fixed
v2.19.0Compare Source
Full Changelog
Added
v2.18.3Compare Source
Full Changelog
Added
v2.18.2Compare Source
Full Changelog
Fixed
v2.18.1Compare Source
Full Changelog
Added
v2.18.0Compare Source
Full Changelog
Added
Fixed
v2.17.1Compare Source
Full Changelog
Changed
v2.17.0Compare Source
Full Changelog
Added
Fixed
authenticateincreateAuth0Clientdocstring #1537 (StephenP-Hung)v2.16.0Compare Source
Full Changelog
Added
v2.15.0Compare Source
Full Changelog
Added
Fixed
v2.14.0Compare Source
Full Changelog
Added
Fixed
v2.13.1Compare Source
Full Changelog
Fixed
v2.13.0Compare Source
Full Changelog
Added
Fixed
v2.12.0Compare Source
Full Changelog
Added
v2.11.3Compare Source
Full Changelog
Fixed
v2.11.2Compare Source
Full Changelog
Added
v2.11.1Compare Source
Full Changelog
Fixed
v2.11.0Compare Source
Full Changelog
Added
v2.10.0Compare Source
Full Changelog
Added
v2.9.1Compare Source
Full Changelog
Added
v2.9.0Compare Source
Full Changelog
Added
scopesparameter for connected accounts #1458 (guabu)Security
v2.8.0Compare Source
Full Changelog
Added
Fixed
v2.7.0Compare Source
Full Changelog
Added
Fixed
baseUrlis present #1435 (martinml)v2.6.0Compare Source
Full Changelog
Added
Fixed
v2.5.0Compare Source
Full Changelog
Added
v2.4.1Compare Source
Full Changelog
Fixed
v2.4.0Compare Source
Full Changelog
Added
v2.3.0Compare Source
Full Changelog
Fixed
v2.2.0Compare Source
Full Changelog
Added
v2.1.3Compare Source
Full Changelog
Changed
v2.1.2Compare Source
Full Changelog
Fixed
v2.1.1Compare Source
Full Changelog
Changed
v2.1.0Compare Source
Full Changelog
Added
Fixed
v2.0.8Compare Source
Full Changelog
Changed
v2.0.7Compare Source
Full Changelog
Changed
v2.0.6Compare Source
Full Changelog
Fixed
v2.0.5Compare Source
Full Changelog
Changed
v2.0.4Compare Source
Full Changelog
Fixed
v2.0.3Compare Source
Full Changelog
Fixed
v2.0.2Compare Source
Full Changelog
Security
This patch release is identical to
2.0.1but has been released to ensure tooling no longer detects a vulnerable version ofjsonwebtokenbeing used.Even though 2.0.1 was not vulnerable for the related CVE because of the fact that
jsonwebtokenis a devDependency, we are cutting a release to ensure build tools no longer report our SDK as vulnerable to the mentioned CVE.v2.0.1Compare Source
Full Changelog
Changed
Fixed
v2.0.0Compare Source
Full Changelog
Auth0-SPA-JS v2 includes many significant changes compared to v1:
checkSession#943 (frederikprijck)ignoreCachetocacheModeand introducecache-only#950 (ewanharris)getIdTokenClaimsOptionstype #960 (ewanharris)client_idtoclientId#956 (ewanharris)authorizationParamsto hold properties sent to Auth0 #959 (ewanharris)advancedOptions.defaultScopeand replace withscope#972 (ewanharris)buildAuthorizeUrl#980 (frederikprijck)buildLogoutUrlinternal #982 (ewanharris)As with any major version bump, v2 of Auth0-SPA-JS contains a set of breaking changes. Please review the migration guide thoroughly to understand the changes required to migrate your application to v2.
v1.22.6Compare Source
Security
This patch release is identical to
1.22.5but has been released to ensure tooling no longer detects a vulnerable version ofjsonwebtokenbeing used.Even though 1.22.5 was not vulnerable for the related CVE because of the fact that
jsonwebtokenis a devDependency, we are cutting a release to ensure build tools no longer report our SDK as vulnerable to the mentioned CVE.v1.22.5Compare Source
Full Changelog
Fixed
v1.22.4Compare Source
Full Changelog
Fixed
v1.22.3Compare Source
Full Changelog
Changed
Fixed
v1.22.2Compare Source
Full Changelog
Changed
v1.22.1Compare Source
Full Changelog
Changed
v1.22.0Compare Source
Full Changelog
Added
Security
v1.21.1Compare Source
Full Changelog
Fixed
cookieDomainconfig setting #900 (Dannnir)Security
v1.21.0Compare Source
Full Changelog
Added
Fixed
v1.20.1Compare Source
Full Changelog
Fixed
v1.20.0Compare Source
Full Changelog
Added
Changed
Fixed
Security
v1.19.4Compare Source
Full Changelog
Fixed
Security
v1.19.3Compare Source
Full Changelog
Changed
Fixed
v1.19.2Compare Source
Full Changelog
This release fixes an anomoly with a new type we exposed in #803, where it was incorrectly wrapped with
Partial. We don't expect this change to introduce any issues, but if you are affected please raise it on our issue tracker.Fixed
v1.19.1Compare Source
Full Changelog
Republished version
1.19.0, which got published during a period npm was suffering downtime issues, resulting in1.19.0being released but not installable for end users. Users should install1.19.1instead.v1.19.0Compare Source
Full Changelog
Added
v1.18.0Compare Source
Full Changelog
Added
Changed
Fixed
v1.17.1Compare Source
Full Changelog
Fixed
v1.17.0Compare Source
Full Changelog
Added
useFormDatato enableapplication/x-www-form-urlencodedrequests #768 (stevehobbsdev)Changed
domainthat includeshttporhttps. #768 (stevehobbsdev)v1.16.1Compare Source
Full Changelog
Fixed
v1.16.0Compare Source
Full Changelog
Added
v1.15.0Compare Source
Full Changelog
Added
Fixed
v1.14.0Compare Source
Full Changelog
Added
Changed
Fixed
v1.13.6Compare Source
Full Changelog
Changed
Fixed
Security
v1.13.5Compare Source
Full Changelog
Changed
Fixed
Remarks
This release updates the
getUserreturn type to be more correct. Instead of returningPromise<TUser>, it now returnsPromise<TUser | undefined>, which might lead to anObject is possible 'undefined'compiler error in situation where the return value is not checked for being undefined while having set the TypeScript's--strictNullCheckscompiler flag totrue.v1.13.4Compare Source
Full Changelog
Added
Changed
v1.13.3Compare Source
Full Changelog
Fixed
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.