Bump @auth0/auth0-spa-js from 1.22.6 to 2.0.4 in /example

[dependabot]

Bumps @auth0/auth0-spa-js from 1.22.6 to 2.0.4.

Release notes

Sourced from @​auth0/auth0-spa-js's releases.

v2.0.4

Fixed

• Correctly expose missing_refresh_token error from worker #1080 (frederikprijck)

v2.0.3

Fixed

• Ensure cookieDomain is used when using legacy Cookiestorage #1071 (frederikprijck)
• Ensure to only clear current client cache when logging out #1068 (frederikprijck)

v2.0.2

Security

• Bump jsonwebtoken to v9 #1062 (dependabot)

This patch release is identical to 2.0.1 but has been released to ensure tooling no longer detects a vulnerable version of jsonwebtoken being used.

Even though 2.0.1 was not vulnerable for the related CVE because of the fact that jsonwebtoken is a devDependency, we are cutting a release to ensure build tools no longer report our SDK as vulnerable to the mentioned CVE.

v2.0.1

Changed

• Add openUrl and deprecate onRedirect #1058 (frederikprijck)

Fixed

• Export MissingRefreshTokenError #1043 (frederikprijck)

v2.0.0

Auth0-SPA-JS v2 includes many significant changes compared to v1:

• Refactor module output and avoid default export #942 (frederikprijck)
• Do not throw from checkSession #943 (frederikprijck)
• Rework ignoreCache to cacheMode and introduce cache-only #950 (ewanharris)
• Do not fallback to refreshing tokens via iframe method by default #946 (ewanharris)
• Use form-encoded data by default #945 (frederikprijck)
• Remove getIdTokenClaimsOptions type #960 (ewanharris)
• Rename client_id to clientId #956 (ewanharris)
• Remove polyfills from bundles #951 (frederikprijck)
• Update output target to ES2017 #953 (frederikprijck)
• Introduce authorizationParams to hold properties sent to Auth0 #959 (ewanharris)
• Do not build Common JS module with externals #971 (frederikprijck)
• De-dupe Id token; getUser and getIdTokenClaims no longer take any arguments #967 (frederikprijck)
• Remove advancedOptions.defaultScope and replace with scope #972 (ewanharris)
• Cache and return id token from memory #975 (ewanharris)
• Remove buildAuthorizeUrl #980 (frederikprijck)
• Make buildLogoutUrl internal #982 (ewanharris)
• Fix spelling mistakes in id token validation messages #940 (frederikprijck)

As with any major version bump, v2 of Auth0-SPA-JS contains a set of breaking changes. Please review the migration guide thoroughly to understand the changes required to migrate your application to v2.

... (truncated)

Changelog

Sourced from @​auth0/auth0-spa-js's changelog.

v2.0.4 (2023-02-22)

Full Changelog

Fixed

• Correctly expose missing_refresh_token error from worker #1080 (frederikprijck)

v2.0.3 (2023-02-04)

Full Changelog

Fixed

• Ensure cookieDomain is used when using legacy Cookiestorage #1071 (frederikprijck)
• Ensure to only clear current client cache when logging out #1068 (frederikprijck)

v2.0.2 (2023-01-12)

Full Changelog

Security

• Bump jsonwebtoken to v9 #1062 (dependabot)

This patch release is identical to 2.0.1 but has been released to ensure tooling no longer detects a vulnerable version of jsonwebtoken being used.

Even though 2.0.1 was not vulnerable for the related CVE because of the fact that jsonwebtoken is a devDependency, we are cutting a release to ensure build tools no longer report our SDK as vulnerable to the mentioned CVE.

v2.0.1 (2022-12-08)

Full Changelog

Changed

• Add openUrl and deprecate onRedirect #1058 (frederikprijck)

Fixed

• Export MissingRefreshTokenError #1043 (frederikprijck)

v2.0.0 (2022-10-27)

Full Changelog

Auth0-SPA-JS v2 includes many significant changes compared to v1:

• Refactor module output and avoid default export #942 (frederikprijck)
• Do not throw from checkSession #943 (frederikprijck)
• Rework ignoreCache to cacheMode and introduce cache-only #950 (ewanharris)
• Do not fallback to refreshing tokens via iframe method by default #946 (ewanharris)
• Use form-encoded data by default #945 (frederikprijck)
• Remove getIdTokenClaimsOptions type #960 (ewanharris)
• Rename client_id to clientId #956 (ewanharris)
• Remove polyfills from bundles #951 (frederikprijck)
• Update output target to ES2017 #953 (frederikprijck)
• Introduce authorizationParams to hold properties sent to Auth0 #959 (ewanharris)

... (truncated)

Commits

• e68498d Release v2.0.4 (#1082)
• 25ed2a8 Correctly expose missing_refresh_token error from worker (#1080)
• f98b143 Remove empty header from FAQ (#1081)
• 4aa87cf Update FAQ to include missing_refresh_token (#1079)
• 2171ceb build(deps): bump @​sideway/formula from 3.0.0 to 3.0.1 (#1074)
• d72748d Release v2.0.3 (#1073)
• cf01c72 Ensure cookieDomain is used when using legacy Cookiestorage (#1071)
• 539c8e4 build(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 (#1072)
• 8e6cd5d Ensure to only clear current client cache when logging out (#1068)
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)