Skip to content

chore(deps-dev): bump @inrupt/solid-client-authn-node from 3.1.1 to 4.0.0#1498

Merged
NSeydoux merged 1 commit intomainfrom
dependabot/npm_and_yarn/inrupt/solid-client-authn-node-4.0.0
Apr 14, 2026
Merged

chore(deps-dev): bump @inrupt/solid-client-authn-node from 3.1.1 to 4.0.0#1498
NSeydoux merged 1 commit intomainfrom
dependabot/npm_and_yarn/inrupt/solid-client-authn-node-4.0.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 2, 2026
edited
Loading

Bumps @inrupt/solid-client-authn-node from 3.1.1 to 4.0.0.

Release notes

Sourced from @​inrupt/solid-client-authn-node's releases.

v4.0.0

Breaking changes

oidc-browser

Note that these changes are unlikely to impact a client application.

  • Replaced @inrupt/oidc-client dependency with oidc-client-ts (^3.5.0), the actively maintained TypeScript successor.
  • Removed re-exports: Version, CordovaPopupNavigator, CordovaIFrameNavigator (no longer available upstream).
  • Changed SigninRequest and OidcClientSettings to type-only exports.

node

  • A new signature was introduced for getSessionFromStorage in release 2.3.0. The legacy signature is deprecated, and will be removed with the 4.0.0 major release. Using the more recent API to manage Sessions based on the associated tokens should be preferred, as it allows to not rely on in-memory scale, making it easier to scale horizontally. Prefer using session.events.on(EVENTS.NEW_TOKENS, ...) to get the tokens, and Session.fromTokens to build the Session object.
// Deprecated signature
const session = await getSessionFromStorage(
  sessionId,
  storage,
  onNewRefreshToken,
  refresh,
);
// Replacement signature
const session = await getSessionFromStorage(sessionId, {
  storage,
  onNewRefreshToken,
  refresh,
});
  • The event EVENTS.NEW_REFRESH_TOKEN is being replaced by EVENTS.NEW_TOKENS which returns all the tokens a client can store for refreshing a session.

Bugfix

core

  • Fix issue using the library with Bun by adding missing extractable flag to the DPoP keys so that they can be serialized on the appropriate events. Thanks to @​NoelDeMartin for fixing this issue.

node

  • Sessions built from Session.fromTokens now have a correct expiration time triggering refresh in the fetch. Thanks to @​NoelDeMartin for fixing this issue.

browser

... (truncated)

Changelog

Sourced from @​inrupt/solid-client-authn-node's changelog.

4.0.0 - 2026-03-30

Breaking changes

oidc-browser

Note that these changes are unlikely to impact a client application.

  • Replaced @inrupt/oidc-client dependency with oidc-client-ts (^3.5.0), the actively maintained TypeScript successor.
  • Removed re-exports: Version, CordovaPopupNavigator, CordovaIFrameNavigator (no longer available upstream).
  • Changed SigninRequest and OidcClientSettings to type-only exports.

node

  • A new signature was introduced for getSessionFromStorage in release 2.3.0. The legacy signature is deprecated, and will be removed with the 4.0.0 major release. Using the more recent API to manage Sessions based on the associated tokens should be preferred, as it allows to not rely on in-memory scale, making it easier to scale horizontally. Prefer using session.events.on(EVENTS.NEW_TOKENS, ...) to get the tokens, and Session.fromTokens to build the Session object.
// Deprecated signature
const session = await getSessionFromStorage(
  sessionId,
  storage,
  onNewRefreshToken,
  refresh,
);
// Replacement signature
const session = await getSessionFromStorage(sessionId, {
  storage,
  onNewRefreshToken,
  refresh,
});
  • The event EVENTS.NEW_REFRESH_TOKEN is being replaced by EVENTS.NEW_TOKENS which returns all the tokens a client can store for refreshing a session.

Bugfix

core

  • Fix issue using the library with Bun by adding missing extractable flag to the DPoP keys so that they can be serialized on the appropriate events. Thanks to @​NoelDeMartin for fixing this issue.

node

  • Sessions built from Session.fromTokens now have a correct expiration time triggering refresh in the fetch. Thanks to @​NoelDeMartin for fixing this issue.

... (truncated)

Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 2, 2026
@dependabot dependabot bot requested a review from a team as a code owner April 2, 2026 23:03
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 2, 2026
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 2, 2026 23:03 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 2, 2026 23:03 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 2, 2026 23:03 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 2, 2026 23:03 Inactive
@NSeydoux
Copy link
Copy Markdown
Contributor

NSeydoux commented Apr 14, 2026

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/inrupt/solid-client-authn-node-4.0.0 branch from 84f5bd8 to f124ced Compare April 14, 2026 08:00
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 14, 2026 08:00 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 14, 2026 08:00 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 14, 2026 08:00 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 14, 2026 08:00 Inactive
@NSeydoux NSeydoux enabled auto-merge (squash) April 14, 2026 08:21
@dependabot
chore(deps-dev): bump @inrupt/solid-client-authn-node
a3d4094 
Bumps [@inrupt/solid-client-authn-node](https://github.com/inrupt/solid-client-authn-js) from 3.1.1 to 4.0.0.
- [Release notes](https://github.com/inrupt/solid-client-authn-js/releases)
- [Changelog](https://github.com/inrupt/solid-client-authn-js/blob/main/CHANGELOG.md)
- [Commits](inrupt/solid-client-authn-js@v3.1.1...v4.0.0)

---
updated-dependencies:
- dependency-name: "@inrupt/solid-client-authn-node"
  dependency-version: 4.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/inrupt/solid-client-authn-node-4.0.0 branch from f124ced to a3d4094 Compare April 14, 2026 08:37
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 14, 2026 08:37 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 14, 2026 08:37 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 14, 2026 08:37 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 14, 2026 08:37 Inactive
@NSeydoux NSeydoux merged commit 2178dd3 into main Apr 14, 2026
25 checks passed
@NSeydoux NSeydoux deleted the dependabot/npm_and_yarn/inrupt/solid-client-authn-node-4.0.0 branch April 14, 2026 08:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@NSeydoux NSeydoux NSeydoux approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@NSeydoux