.circleci/config.yml

@@ -1,6 +1,8 @@
 version: 2.1
 orbs:
   ship: auth0/ship@0.3.0
+  codecov: codecov/codecov@3
+
 jobs:
   build:
     parameters:
@@ -13,19 +15,22 @@ jobs:
       LANG: en_US.UTF-8
     steps:
       - checkout
+
       - ship/node-install-packages
+
       - run:
           name: Run Linter
           command: npm run lint
+
       - run:
           name: Run Tests
           command: npm run test:ci
+
       - store_artifacts:
           path: ./coverage/<< parameters.node-version >>/lcov-report
-      - run:
-          name: Upload Coverage
-          when: on_success
-          command: bash <(curl -s https://codecov.io/bash) -Z -C $CIRCLE_SHA1
+
+      - codecov/upload
+
 workflows:
   build-and-test:
     jobs:

.github/workflows/semgrep.yml

@@ -0,0 +1,24 @@
+name: Semgrep
+
+on:
+  pull_request: {}
+
+  push:
+    branches: ["master", "main"]
+
+  schedule:
+    - cron: '30 0 1,15 * *'
+
+jobs:
+  semgrep:
+    name: Scan
+    runs-on: ubuntu-latest
+    container:
+      image: returntocorp/semgrep
+    if: (github.actor != 'dependabot[bot]')
+    steps:
+      - uses: actions/checkout@v3
+
+      - run: semgrep ci
+        env:
+          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}

.semgrepignore

@@ -0,0 +1,3 @@
+CHANGELOG.md
+examples/
+tests/

CHANGELOG.md

@@ -1,5 +1,11 @@
 # Change Log
 
+## [v2.1.5](https://github.com/auth0/node-jwks-rsa/tree/v2.1.5) (2022-10-10)
+[Full Changelog](https://github.com/auth0/node-jwks-rsa/compare/v2.1.4...v2.1.5)
+
+**Fixed**
+- Fix GetVerificationKey typing to include undefined [\#329](https://github.com/auth0/node-jwks-rsa/pull/329) ([AaronMoat](https://github.com/AaronMoat))
+
 ## [v2.1.4](https://github.com/auth0/node-jwks-rsa/tree/v2.1.4) (2022-06-07)
 [Full Changelog](https://github.com/auth0/node-jwks-rsa/compare/v2.1.3...v2.1.4)
 

README.md

@@ -50,6 +50,8 @@ const signingKey = key.getPublicKey();
 - `requestHeaders`: (_optional_) an object of headers to pass to the request
 - `requestAgent`: (_optional_) a Node `http.Agent` to be passed to the http(s) request
 - `getKeysInterceptor`: (_optional_) a promise returning function hook [(details)](#loading-keys-from-local-file-environment-variable-or-other-externals)
+- `cacheMaxAge`: (_optional_) the duration for which to store a cached JWKS in ms (default 600,000 or 10 minutes)
+- `jwksRequestsPerMinute`: (_optional_) max number of requests allowed to the JWKS URI per minute (defaults to 10)
 
 ### Caching
 

examples/passport-demo/package.json

@@ -19,7 +19,7 @@
   "dependencies": {
     "debug": "^2.6.9",
     "express": "^4.17.0",
-    "passport": "^0.4.0",
+    "passport": "^0.6.0",
     "passport-jwt": "^4.0.0"
   }
 }

index.d.ts

@@ -71,7 +71,7 @@ declare namespace JwksRsa {
   type SecretCallback = (req: Express.Request, payload: any, done: (err: any, secret?: secretType) => void) => void;
 
   /** Types from express-jwt@>=7 */
-  type GetVerificationKey = (req: Express.Request, token: Jwt | undefined) => Secret | Promise<Secret>;
+  type GetVerificationKey = (req: Express.Request, token: Jwt | undefined) => Secret | undefined | Promise<Secret | undefined>;
 
   function expressJwtSecret(options: ExpressJwtOptions): SecretCallbackLong|GetVerificationKey;
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "jwks-rsa",
-  "version": "2.1.4",
+  "version": "2.1.5",
   "description": "Library to retrieve RSA public keys from a JWKS endpoint",
   "main": "src/index.js",
   "files": [
@@ -12,10 +12,10 @@
     "node": ">=10 < 13 || >=14"
   },
   "dependencies": {
-    "@types/express": "^4.17.13",
-    "@types/jsonwebtoken": "^8.5.8",
+    "@types/express": "^4.17.14",
+    "@types/jsonwebtoken": "^8.5.9",
     "debug": "^4.3.4",
-    "jose": "^2.0.5",
+    "jose": "^2.0.6",
     "limiter": "^1.1.5",
     "lru-memoizer": "^2.1.4"
   },
@@ -37,7 +37,7 @@
     "mocha": "^6.2.3",
     "nock": "^13.0.0",
     "nyc": "^15.1.0",
-    "passport": "^0.4.1",
+    "passport": "^0.6.0",
     "passport-jwt": "^4.0.0",
     "rimraf": "^2.7.1",
     "supertest": "^3.4.2",