[Snyk] Security upgrade @nestjs/jwt from 6.1.1 to 10.0.0

[qsays]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	671/1000 Why? Recently disclosed, Has a fix available, CVSS 7.7	Improper Input Validation SNYK-JS-JSONWEBTOKEN-3180020	Yes	No Known Exploit
	611/1000 Why? Recently disclosed, Has a fix available, CVSS 6.5	Improper Authentication SNYK-JS-JSONWEBTOKEN-3180022	Yes	No Known Exploit
	611/1000 Why? Recently disclosed, Has a fix available, CVSS 6.5	Improper Restriction of Security Token Assignment SNYK-JS-JSONWEBTOKEN-3180024	Yes	No Known Exploit
	526/1000 Why? Recently disclosed, Has a fix available, CVSS 4.8	Use of a Broken or Risky Cryptographic Algorithm SNYK-JS-JSONWEBTOKEN-3180026	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @nestjs/jwt

The new version differs by 250 commits.

• 0274acc Merge pull request #1144 from nestjs/renovate/typescript-eslint-monorepo
• c6bbf14 Merge pull request #1150 from nestjs/renovate/prettier-2.x
• 414aea3 chore(deps): update typescript-eslint monorepo to v5.47.1
• 44fd45a chore(deps): update dependency prettier to v2.8.1
• d8ed56a Merge pull request #1149 from nestjs/renovate/commitlint-monorepo
• 74a21f9 Merge pull request #1057 from nestjs/renovate/jsonwebtoken-8.x
• f367329 Merge pull request #1159 from nestjs/renovate/release-it-15.x
• b3f4fc7 chore(deps): update dependency release-it to v15.5.1
• 15ad133 chore(deps): update commitlint monorepo to v17.3.0
• d14521f fix(deps): update dependency @ types/jsonwebtoken to v8.5.9
• cc04cce Merge pull request #1158 from nestjs/renovate/node-18.x
• 3ebfaf0 chore(deps): update dependency @ types/node to v18.11.18
• a14a3be Merge pull request #1146 from nestjs/renovate/typescript-4.x
• df59940 chore(deps): update dependency typescript to v4.9.4
• e5661b9 Merge pull request #1157 from nestjs/dependabot/npm_and_yarn/minimatch-3.1.2
• 8d74976 Merge pull request #1151 from nestjs/renovate/lint-staged-13.x
• 76b0ee3 Merge pull request #1148 from nestjs/renovate/eslint-8.x
• f3dd100 chore(deps): bump minimatch from 3.0.4 to 3.1.2
• 7b3319a chore(deps): update dependency lint-staged to v13.1.0
• a97c753 Merge pull request #1145 from nestjs/renovate/jest-monorepo
• 73a7440 Merge pull request #1155 from nestjs/renovate/npm-jsonwebtoken-vulnerability
• 8a6a459 chore(deps): update dependency eslint to v8.30.0
• 20c2366 chore(deps): update dependency @ types/jest to v29.2.4
• 98a4464 chore(deps): update dependency jsonwebtoken to 9.0.0 [security]

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Use of a Broken or Risky Cryptographic Algorithm