Skip to content

chore(deps-dev): bump @inrupt/solid-client-authn-browser from 3.1.1 to 4.0.0 in /e2e/browser/test-app#1530

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/e2e/browser/test-app/inrupt/solid-client-authn-browser-4.0.0
Open

chore(deps-dev): bump @inrupt/solid-client-authn-browser from 3.1.1 to 4.0.0 in /e2e/browser/test-app#1530
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/e2e/browser/test-app/inrupt/solid-client-authn-browser-4.0.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps @inrupt/solid-client-authn-browser from 3.1.1 to 4.0.0.

Release notes

Sourced from @​inrupt/solid-client-authn-browser's releases.

v4.0.0

Breaking changes

oidc-browser

Note that these changes are unlikely to impact a client application.

  • Replaced @inrupt/oidc-client dependency with oidc-client-ts (^3.5.0), the actively maintained TypeScript successor.
  • Removed re-exports: Version, CordovaPopupNavigator, CordovaIFrameNavigator (no longer available upstream).
  • Changed SigninRequest and OidcClientSettings to type-only exports.

node

  • A new signature was introduced for getSessionFromStorage in release 2.3.0. The legacy signature is deprecated, and will be removed with the 4.0.0 major release. Using the more recent API to manage Sessions based on the associated tokens should be preferred, as it allows to not rely on in-memory scale, making it easier to scale horizontally. Prefer using session.events.on(EVENTS.NEW_TOKENS, ...) to get the tokens, and Session.fromTokens to build the Session object.
// Deprecated signature
const session = await getSessionFromStorage(
  sessionId,
  storage,
  onNewRefreshToken,
  refresh,
);
// Replacement signature
const session = await getSessionFromStorage(sessionId, {
  storage,
  onNewRefreshToken,
  refresh,
});
  • The event EVENTS.NEW_REFRESH_TOKEN is being replaced by EVENTS.NEW_TOKENS which returns all the tokens a client can store for refreshing a session.

Bugfix

core

  • Fix issue using the library with Bun by adding missing extractable flag to the DPoP keys so that they can be serialized on the appropriate events. Thanks to @​NoelDeMartin for fixing this issue.

node

  • Sessions built from Session.fromTokens now have a correct expiration time triggering refresh in the fetch. Thanks to @​NoelDeMartin for fixing this issue.

browser

... (truncated)

Changelog

Sourced from @​inrupt/solid-client-authn-browser's changelog.

4.0.0 - 2026-03-30

Breaking changes

oidc-browser

Note that these changes are unlikely to impact a client application.

  • Replaced @inrupt/oidc-client dependency with oidc-client-ts (^3.5.0), the actively maintained TypeScript successor.
  • Removed re-exports: Version, CordovaPopupNavigator, CordovaIFrameNavigator (no longer available upstream).
  • Changed SigninRequest and OidcClientSettings to type-only exports.

node

  • A new signature was introduced for getSessionFromStorage in release 2.3.0. The legacy signature is deprecated, and will be removed with the 4.0.0 major release. Using the more recent API to manage Sessions based on the associated tokens should be preferred, as it allows to not rely on in-memory scale, making it easier to scale horizontally. Prefer using session.events.on(EVENTS.NEW_TOKENS, ...) to get the tokens, and Session.fromTokens to build the Session object.
// Deprecated signature
const session = await getSessionFromStorage(
  sessionId,
  storage,
  onNewRefreshToken,
  refresh,
);
// Replacement signature
const session = await getSessionFromStorage(sessionId, {
  storage,
  onNewRefreshToken,
  refresh,
});
  • The event EVENTS.NEW_REFRESH_TOKEN is being replaced by EVENTS.NEW_TOKENS which returns all the tokens a client can store for refreshing a session.

Bugfix

core

  • Fix issue using the library with Bun by adding missing extractable flag to the DPoP keys so that they can be serialized on the appropriate events. Thanks to @​NoelDeMartin for fixing this issue.

node

  • Sessions built from Session.fromTokens now have a correct expiration time triggering refresh in the fetch. Thanks to @​NoelDeMartin for fixing this issue.

... (truncated)

Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 1, 2026
@dependabot dependabot bot requested a review from a team as a code owner April 1, 2026 04:35
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 1, 2026
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 1, 2026 04:35 Inactive
@dependabot dependabot bot temporarily deployed to ESS PodSpaces April 1, 2026 04:35 Inactive
@dependabot dependabot bot temporarily deployed to ESS PodSpaces April 1, 2026 04:35 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 1, 2026 04:35 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 1, 2026 04:35 Inactive
@dependabot dependabot bot temporarily deployed to ESS PodSpaces April 1, 2026 04:35 Inactive
@dependabot dependabot bot temporarily deployed to ESS PodSpaces April 1, 2026 04:35 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 1, 2026 04:35 Inactive
@acoburn acoburn enabled auto-merge (squash) April 1, 2026 20:19
@acoburn
Copy link
Copy Markdown
Contributor

acoburn commented Apr 6, 2026

@dependabot rebase

@dependabot
chore(deps-dev): bump @inrupt/solid-client-authn-browser
82a5c28 
Bumps [@inrupt/solid-client-authn-browser](https://github.com/inrupt/solid-client-authn-js) from 3.1.1 to 4.0.0.
- [Release notes](https://github.com/inrupt/solid-client-authn-js/releases)
- [Changelog](https://github.com/inrupt/solid-client-authn-js/blob/main/CHANGELOG.md)
- [Commits](inrupt/solid-client-authn-js@v3.1.1...v4.0.0)

---
updated-dependencies:
- dependency-name: "@inrupt/solid-client-authn-browser"
  dependency-version: 4.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/e2e/browser/test-app/inrupt/solid-client-authn-browser-4.0.0 branch from 50b71f2 to 82a5c28 Compare April 6, 2026 18:16
@dependabot dependabot bot temporarily deployed to ESS PodSpaces April 6, 2026 18:16 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 6, 2026 18:16 Inactive
@dependabot dependabot bot temporarily deployed to ESS PodSpaces April 6, 2026 18:16 Inactive
@dependabot dependabot bot temporarily deployed to ESS PodSpaces April 6, 2026 18:16 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 6, 2026 18:16 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 6, 2026 18:16 Inactive
@dependabot dependabot bot temporarily deployed to ESS Release-2-3 April 6, 2026 18:16 Inactive
@dependabot dependabot bot temporarily deployed to ESS PodSpaces April 6, 2026 18:16 Inactive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@acoburn acoburn acoburn approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@acoburn