@auth0/auth0-spa-js 1.22.4 → 2.0.0-beta.0

package/dist/typings/global.d.ts

@@ -1,8 +1,5 @@
 import { ICache } from './cache';
-/**
- * @ignore
- */
-export interface BaseLoginOptions {
+export interface AuthorizationParams {
     /**
      * - `'page'`: displays the UI with a full page view
      * - `'popup'`: displays the UI with a popup window
@@ -18,7 +15,7 @@ export interface BaseLoginOptions {
      */
     prompt?: 'none' | 'login' | 'consent' | 'select_account';
     /**
-     * Maximum allowable elasped time (in seconds) since authentication.
+     * Maximum allowable elapsed time (in seconds) since authentication.
      * If the last time the user authenticated is greater than this value,
      * the user must be reauthenticated.
      */
@@ -51,8 +48,11 @@ export interface BaseLoginOptions {
     acr_values?: string;
     /**
      * The default scope to be used on authentication requests.
-     * The defaultScope defined in the Auth0Client is included
-     * along with this scope
+     *
+     * This defaults to `profile email` if not set. If you are setting extra scopes and require
+     * `profile` and `email` to be included then you must include them in the provided scope.
+     *
+     * Note: The `openid` scope is **always applied** regardless of this setting.
      */
     scope?: string;
     /**
@@ -76,20 +76,26 @@ export interface BaseLoginOptions {
      * The Id of an invitation to accept. This is available from the user invitation URL that is given when participating in a user invitation flow.
      */
     invitation?: string;
+    /**
+     * The default URL where Auth0 will redirect your browser to with
+     * the authentication result. It must be whitelisted in
+     * the "Allowed Callback URLs" field in your Auth0 Application's
+     * settings. If not provided here, it should be provided in the other
+     * methods that provide authentication.
+     */
+    redirect_uri?: string;
     /**
      * If you need to send custom parameters to the Authorization Server,
      * make sure to use the original parameter name.
      */
     [key: string]: any;
 }
-interface AdvancedOptions {
+interface BaseLoginOptions {
     /**
-     * The default scope to be included with all requests.
-     * If not provided, 'openid profile email' is used. This can be set to `null` in order to effectively remove the default scopes.
-     *
-     * Note: The `openid` scope is **always applied** regardless of this setting.
+     * URL parameters that will be sent back to the Authorization Server. This can be known parameters
+     * defined by Auth0 or custom parameters that you define.
      */
-    defaultScope?: string;
+    authorizationParams?: AuthorizationParams;
 }
 export interface Auth0ClientOptions extends BaseLoginOptions {
     /**
@@ -105,15 +111,7 @@ export interface Auth0ClientOptions extends BaseLoginOptions {
     /**
      * The Client ID found on your Application settings page
      */
-    client_id: string;
-    /**
-     * The default URL where Auth0 will redirect your browser to with
-     * the authentication result. It must be whitelisted in
-     * the "Allowed Callback URLs" field in your Auth0 Application's
-     * settings. If not provided here, it should be provided in the other
-     * methods that provide authentication.
-     */
-    redirect_uri?: string;
+    clientId: string;
     /**
      * The value in seconds used to account for clock skew in JWT expirations.
      * Typically, this value is no more than a minute or two at maximum.
@@ -139,23 +137,24 @@ export interface Auth0ClientOptions extends BaseLoginOptions {
      */
     useRefreshTokens?: boolean;
     /**
-     * If true, fallback to the technique of using a hidden iframe and the `authorization_code` grant with `prompt=none` when unable to use refresh tokens.
-     * The default setting is `true`.
+     * If true, fallback to the technique of using a hidden iframe and the `authorization_code` grant with `prompt=none` when unable to use refresh tokens. If false, the iframe fallback is not used and
+     * errors relating to a failed `refresh_token` grant should be handled appropriately. The default setting is `false`.
      *
      * **Note**: There might be situations where doing silent auth with a Web Message response from an iframe is not possible,
      * like when you're serving your application from the file system or a custom protocol (like in a Desktop or Native app).
-     * In situations like this you can disable the iframe fallback and handle the failed Refresh Grant and prompt the user to login interactively with `loginWithRedirect` or `loginWithPopup`."
+     * In situations like this you can disable the iframe fallback and handle the failed `refresh_token` grant and prompt the user to login interactively with `loginWithRedirect` or `loginWithPopup`."
      *
      * E.g. Using the `file:` protocol in an Electron application does not support that legacy technique.
      *
-     *  let token: string;
-     *  try {
-     *    token = await auth0.getTokenSilently();
-     *  } catch (e) {
-     *  if (e.error === 'missing_refresh_token' || e.error === 'invalid_grant') {
-     *      auth0.loginWithRedirect();
-     *    }
-     *  }
+     * @example
+     * let token: string;
+     * try {
+     *   token = await auth0.getTokenSilently();
+     * } catch (e) {
+     *   if (e.error === 'missing_refresh_token' || e.error === 'invalid_grant') {
+     *     auth0.loginWithRedirect();
+     *   }
+     * }
      */
     useRefreshTokensFallback?: boolean;
     /**
@@ -199,10 +198,6 @@ export interface Auth0ClientOptions extends BaseLoginOptions {
      * may end up spanning across multiple tabs (e.g. magic links) or you cannot otherwise rely on session storage being available.
      */
     useCookiesForTransactions?: boolean;
-    /**
-     * Changes to recommended defaults, like defaultScope
-     */
-    advancedOptions?: AdvancedOptions;
     /**
      * Number of days until the cookie `auth0.is.authenticated` will expire
      * Defaults to 1.
@@ -221,11 +216,10 @@ export interface Auth0ClientOptions extends BaseLoginOptions {
      */
     cookieDomain?: string;
     /**
-     * When true, data to the token endpoint is transmitted as x-www-form-urlencoded data instead of JSON. The default is false, but will default to true in a
-     * future major version.
+     * If true, data to the token endpoint is transmitted as x-www-form-urlencoded data, if false it will be transmitted as JSON. The default setting is `true`.
      *
-     * **Note:** Setting this to `true` may affect you if you use Auth0 Rules and are sending custom, non-primative data. If you enable this, please verify that your Auth0 Rules
-     * continue to work as intended.
+     * **Note:** Setting this to `false` may affect you if you use Auth0 Rules and are sending custom, non-primitive data. If you disable this,
+     * please verify that your Auth0 Rules continue to work as intended.
      */
     useFormData?: boolean;
     /**
@@ -242,7 +236,7 @@ export declare type CacheLocation = 'memory' | 'localstorage';
 /**
  * @ignore
  */
-export interface AuthorizeOptions extends BaseLoginOptions {
+export interface AuthorizeOptions extends AuthorizationParams {
     response_type: string;
     response_mode: string;
     redirect_uri: string;
@@ -253,13 +247,6 @@ export interface AuthorizeOptions extends BaseLoginOptions {
     code_challenge_method: string;
 }
 export interface RedirectLoginOptions<TAppState = any> extends BaseLoginOptions {
-    /**
-     * The URL where Auth0 will redirect your browser to with
-     * the authentication result. It must be whitelisted in
-     * the "Allowed Callback URLs" field in your Auth0 Application's
-     * settings.
-     */
-    redirect_uri?: string;
     /**
      * Used to store state before doing the redirect
      */
@@ -269,9 +256,16 @@ export interface RedirectLoginOptions<TAppState = any> extends BaseLoginOptions
      */
     fragment?: string;
     /**
-     * Used to select the window.location method used to redirect
-     */
-    redirectMethod?: 'replace' | 'assign';
+     * Used to control the redirect and not rely on the SDK to do the actual redirect.
+     *
+     * @example
+     * const client = new Auth0Client({
+     *   async onRedirect(url) {
+     *     window.location.replace(url);
+     *   }
+     * });
+     */
+    onRedirect?: (url: string) => Promise<void>;
 }
 export interface RedirectLoginResult<TAppState = any> {
     /**
@@ -294,50 +288,41 @@ export interface PopupConfigOptions {
      */
     popup?: any;
 }
-export interface GetUserOptions {
-    /**
-     * The scope that was used in the authentication request
-     */
-    scope?: string;
-    /**
-     * The audience that was used in the authentication request
-     */
-    audience?: string;
-}
-export interface GetIdTokenClaimsOptions {
-    /**
-     * The scope that was used in the authentication request
-     */
-    scope?: string;
-    /**
-     * The audience that was used in the authentication request
-     */
-    audience?: string;
-}
-export declare type getIdTokenClaimsOptions = GetIdTokenClaimsOptions;
 export interface GetTokenSilentlyOptions {
     /**
-     * When `true`, ignores the cache and always sends a
+     * When `off`, ignores the cache and always sends a
      * request to Auth0.
-     */
-    ignoreCache?: boolean;
-    /**
-     * There's no actual redirect when getting a token silently,
-     * but, according to the spec, a `redirect_uri` param is required.
-     * Auth0 uses this parameter to validate that the current `origin`
-     * matches the `redirect_uri` `origin` when sending the response.
-     * It must be whitelisted in the "Allowed Web Origins" in your
-     * Auth0 Application's settings.
-     */
-    redirect_uri?: string;
-    /**
-     * The scope that was used in the authentication request
-     */
-    scope?: string;
-    /**
-     * The audience that was used in the authentication request
-     */
-    audience?: string;
+     * When `cache-only`, only reads from the cache and never sends a request to Auth0.
+     * Defaults to `on`, where it both reads from the cache and sends a request to Auth0 as needed.
+     */
+    cacheMode?: 'on' | 'off' | 'cache-only';
+    /**
+     * Parameters that will be sent back to Auth0 as part of a request.
+     */
+    authorizationParams?: {
+        /**
+         * There's no actual redirect when getting a token silently,
+         * but, according to the spec, a `redirect_uri` param is required.
+         * Auth0 uses this parameter to validate that the current `origin`
+         * matches the `redirect_uri` `origin` when sending the response.
+         * It must be whitelisted in the "Allowed Web Origins" in your
+         * Auth0 Application's settings.
+         */
+        redirect_uri?: string;
+        /**
+         * The scope that was used in the authentication request
+         */
+        scope?: string;
+        /**
+         * The audience that was used in the authentication request
+         */
+        audience?: string;
+        /**
+         * If you need to send custom parameters to the Authorization Server,
+         * make sure to use the original parameter name.
+         */
+        [key: string]: any;
+    };
     /** A maximum number of seconds to wait before declaring the background /authorize call as failed for timeout
      * Defaults to 60s.
      */
@@ -349,90 +334,69 @@ export interface GetTokenSilentlyOptions {
      * The default is `false`.
      */
     detailedResponse?: boolean;
-    /**
-     * If you need to send custom parameters to the Authorization Server,
-     * make sure to use the original parameter name.
-     */
-    [key: string]: any;
 }
 export interface GetTokenWithPopupOptions extends PopupLoginOptions {
     /**
-     * When `true`, ignores the cache and always sends a
-     * request to Auth0.
+     * When `off`, ignores the cache and always sends a request to Auth0.
+     * When `cache-only`, only reads from the cache and never sends a request to Auth0.
+     * Defaults to `on`, where it both reads from the cache and sends a request to Auth0 as needed.
      */
-    ignoreCache?: boolean;
+    cacheMode?: 'on' | 'off' | 'cache-only';
 }
 export interface LogoutUrlOptions {
     /**
-     * The URL where Auth0 will redirect your browser to after the logout.
-     *
-     * **Note**: If the `client_id` parameter is included, the
-     * `returnTo` URL that is provided must be listed in the
-     * Application's "Allowed Logout URLs" in the Auth0 dashboard.
-     * However, if the `client_id` parameter is not included, the
-     * `returnTo` URL must be listed in the "Allowed Logout URLs" at
-     * the account level in the Auth0 dashboard.
-     *
-     * [Read more about how redirecting after logout works](https://auth0.com/docs/logout/guides/redirect-users-after-logout)
-     */
-    returnTo?: string;
-    /**
-     * The `client_id` of your application.
+     * The `clientId` of your application.
      *
-     * If this property is not set, then the `client_id` that was used during initialization of the SDK is sent to the logout endpoint.
+     * If this property is not set, then the `clientId` that was used during initialization of the SDK is sent to the logout endpoint.
      *
      * If this property is set to `null`, then no client ID value is sent to the logout endpoint.
      *
      * [Read more about how redirecting after logout works](https://auth0.com/docs/logout/guides/redirect-users-after-logout)
      */
-    client_id?: string;
-    /**
-     * When supported by the upstream identity provider,
-     * forces the user to logout of their identity provider
-     * and from Auth0.
-     * [Read more about how federated logout works at Auth0](https://auth0.com/docs/logout/guides/logout-idps)
-     */
-    federated?: boolean;
+    clientId?: string;
+    /**
+     * Parameters to pass to the logout endpoint. This can be known parameters defined by Auth0 or custom parameters
+     * you wish to provide.
+     */
+    logoutParams?: {
+        /**
+         * When supported by the upstream identity provider,
+         * forces the user to logout of their identity provider
+         * and from Auth0.
+         * [Read more about how federated logout works at Auth0](https://auth0.com/docs/logout/guides/logout-idps)
+         */
+        federated?: boolean;
+        /**
+         * The URL where Auth0 will redirect your browser to after the logout.
+         *
+         * **Note**: If the `client_id` parameter is included, the
+         * `returnTo` URL that is provided must be listed in the
+         * Application's "Allowed Logout URLs" in the Auth0 dashboard.
+         * However, if the `client_id` parameter is not included, the
+         * `returnTo` URL must be listed in the "Allowed Logout URLs" at
+         * the account level in the Auth0 dashboard.
+         *
+         * [Read more about how redirecting after logout works](https://auth0.com/docs/logout/guides/redirect-users-after-logout)
+         */
+        returnTo?: string;
+        /**
+         * If you need to send custom parameters to the logout endpoint, make sure to use the original parameter name.
+         */
+        [key: string]: any;
+    };
 }
-export interface LogoutOptions {
-    /**
-     * The URL where Auth0 will redirect your browser to after the logout.
-     *
-     * **Note**: If the `client_id` parameter is included, the
-     * `returnTo` URL that is provided must be listed in the
-     * Application's "Allowed Logout URLs" in the Auth0 dashboard.
-     * However, if the `client_id` parameter is not included, the
-     * `returnTo` URL must be listed in the "Allowed Logout URLs" at
-     * the account level in the Auth0 dashboard.
-     *
-     * [Read more about how redirecting after logout works](https://auth0.com/docs/logout/guides/redirect-users-after-logout)
-     */
-    returnTo?: string;
+export interface LogoutOptions extends LogoutUrlOptions {
     /**
-     * The `client_id` of your application.
-     *
-     * If this property is not set, then the `client_id` that was used during initialization of the SDK is sent to the logout endpoint.
+     * Used to control the redirect and not rely on the SDK to do the actual redirect.
      *
-     * If this property is set to `null`, then no client ID value is sent to the logout endpoint.
-     *
-     * [Read more about how redirecting after logout works](https://auth0.com/docs/logout/guides/redirect-users-after-logout)
-     */
-    client_id?: string;
-    /**
-     * When supported by the upstream identity provider,
-     * forces the user to logout of their identity provider
-     * and from Auth0.
-     * This option cannot be specified along with the `localOnly` option.
-     * [Read more about how federated logout works at Auth0](https://auth0.com/docs/logout/guides/logout-idps)
-     */
-    federated?: boolean;
-    /**
-     * When `true`, this skips the request to the logout endpoint on the authorization server,
-     * effectively performing a "local" logout of the application. No redirect should take place,
-     * you should update local logged in state.
-     * This option cannot be specified along with the `federated` option.
-     */
-    localOnly?: boolean;
+     * @example
+     * await auth0.logout({
+     *   async onRedirect(url) {
+     *     window.location.replace(url);
+     *   }
+     * });
+     */
+    onRedirect?: (url: string) => Promise<void>;
 }
 /**
  * @ignore
@@ -455,9 +419,6 @@ export interface TokenEndpointOptions {
     useFormData?: boolean;
     [key: string]: any;
 }
-/**
- * @ignore
- */
 export declare type TokenEndpointResponse = {
     id_token: string;
     access_token: string;
@@ -494,9 +455,6 @@ export interface JWTVerifyOptions {
     organizationId?: string;
     now?: number;
 }
-/**
- * @ignore
- */
 export interface IdToken {
     __raw: string;
     name?: string;

package/dist/typings/index.d.ts

@@ -1,14 +1,4 @@
-import 'core-js/es/string/starts-with';
-import 'core-js/es/symbol';
-import 'core-js/es/array/from';
-import 'core-js/es/typed-array/slice';
-import 'core-js/es/array/includes';
-import 'core-js/es/string/includes';
-import 'core-js/es/set';
-import 'promise-polyfill/src/polyfill';
-import 'fast-text-encoding';
-import 'abortcontroller-polyfill/dist/abortcontroller-polyfill-only';
-import Auth0Client from './Auth0Client';
+import { Auth0Client } from './Auth0Client';
 import { Auth0ClientOptions } from './global';
 import './global';
 export * from './global';
@@ -21,7 +11,7 @@ export * from './global';
  * @param options The client options
  * @returns An instance of Auth0Client
  */
-export default function createAuth0Client(options: Auth0ClientOptions): Promise<Auth0Client>;
+export declare function createAuth0Client(options: Auth0ClientOptions): Promise<Auth0Client>;
 export { Auth0Client };
 export { GenericError, AuthenticationError, TimeoutError, PopupTimeoutError, PopupCancelledError, MfaRequiredError } from './errors';
-export { ICache, LocalStorageCache, InMemoryCache, Cacheable } from './cache';
+export { ICache, LocalStorageCache, InMemoryCache, Cacheable, DecodedToken, CacheEntry, WrappedCacheEntry, KeyManifestEntry, MaybePromise, CacheKey, CacheKeyData } from './cache';

package/dist/typings/transaction-manager.d.ts

@@ -9,7 +9,7 @@ interface Transaction {
     organizationId?: string;
     state?: string;
 }
-export default class TransactionManager {
+export declare class TransactionManager {
     private storage;
     private clientId;
     private transaction;

package/dist/typings/utils.d.ts

@@ -4,19 +4,20 @@ export declare const runIframe: (authorizeUrl: string, eventOrigin: string, time
 export declare const openPopup: (url: string) => Window;
 export declare const runPopup: (config: PopupConfigOptions) => Promise<AuthenticationResult>;
 export declare const getCrypto: () => Crypto;
-export declare const getCryptoSubtle: () => any;
 export declare const createRandomString: () => string;
 export declare const encode: (value: string) => string;
 export declare const decode: (value: string) => string;
-export declare const createQueryParams: (params: any) => string;
+export declare const createQueryParams: ({ clientId: client_id, ...params }: any) => string;
 export declare const sha256: (s: string) => Promise<any>;
 export declare const urlDecodeB64: (input: string) => string;
 export declare const bufferToBase64UrlEncoded: (input: number[] | Uint8Array) => string;
 export declare const validateCrypto: () => void;
 /**
- * Returns an empty string when value is falsy, or when it's value is included in the exclude argument.
- * @param value The value to check
- * @param exclude An array of values that should result in an empty string.
- * @returns The value, or an empty string when falsy or included in the exclude argument.
+ * @ignore
  */
-export declare function valueOrEmptyString(value: string, exclude?: string[]): string;
+export declare const getDomain: (domainUrl: string) => string;
+/**
+ * @ignore
+ */
+export declare const getTokenIssuer: (issuer: string, domainUrl: string) => string;
+export declare const parseNumber: (value: any) => number;

package/dist/typings/version.d.ts

@@ -1,2 +1,2 @@
-declare const _default: "1.22.4";
+declare const _default: "2.0.0-beta.0";
 export default _default;

package/package.json

@@ -3,60 +3,68 @@
   "name": "@auth0/auth0-spa-js",
   "description": "Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE",
   "license": "MIT",
-  "version": "1.22.4",
+  "version": "2.0.0-beta.0",
   "main": "dist/lib/auth0-spa-js.cjs.js",
   "types": "dist/typings/index.d.ts",
   "module": "dist/auth0-spa-js.production.esm.js",
   "scripts": {
     "dev": "rimraf dist && rollup -c --watch",
     "start": "npm run dev",
-    "docs": "typedoc --options ./typedoc.js --module commonjs",
+    "docs": "typedoc --options ./typedoc.js src",
     "build": "rimraf dist && rollup -m -c --environment NODE_ENV:production && npm run test:es-check",
-    "build:stats": "npm run build -- --environment WITH_STATS:true && open stats.html",
+    "build:stats": "rimraf dist && rollup -m -c --environment NODE_ENV:production --environment WITH_STATS:true && npm run test:es-check && open bundle-stats/index.html",
     "lint:security": "eslint ./src --ext ts --no-eslintrc --config ./.eslintrc.security",
     "test": "jest --coverage --silent",
     "test:watch": "jest --coverage --watch",
     "test:debug": "node --inspect node_modules/.bin/jest --runInBand",
     "test:open:integration": "cypress open",
     "test:watch:integration": "concurrently --raw npm:dev 'npm:test:open:integration'",
-    "test:es-check": "npm run test:es-check:es5 && npm run test:es-check:es2015:module",
-    "test:es-check:es5": "es-check es5 'dist/auth0-spa-js.production.js'",
-    "test:es-check:es2015:module": "es-check es2015 'dist/auth0-spa-js.production.esm.js' --module ",
+    "test:es-check": "npm run test:es-check:es2017 && npm run test:es-check:es2017:module",
+    "test:es-check:es2017": "es-check es2017 'dist/auth0-spa-js.production.js'",
+    "test:es-check:es2017:module": "es-check es2017 'dist/auth0-spa-js.production.esm.js' --module ",
     "test:integration:server": "npm run dev",
     "test:integration:tests": "wait-on http://localhost:3000/ && cypress run",
     "test:integration": "concurrently --raw --kill-others --success first npm:test:integration:server npm:test:integration:tests",
     "serve:coverage": "serve coverage/lcov-report -n",
     "serve:stats": "serve bundle-stats -n",
-    "print-bundle-size": "node ./scripts/print-bundle-size",
+    "print-bundle-size": "node ./scripts/print-bundle-size.mjs",
     "prepack": "npm run build && node ./scripts/prepack",
     "publish:cdn": "ccu --trace"
   },
   "devDependencies": {
     "@auth0/component-cdn-uploader": "github:auth0/component-cdn-uploader#v2.2.2",
-    "@rollup/plugin-replace": "^2.4.2",
+    "@babel/core": "^7.18.13",
+    "@babel/preset-env": "^7.18.10",
+    "@rollup/plugin-replace": "^4.0.0",
     "@types/cypress": "^1.1.3",
-    "@types/jest": "^27.0.2",
-    "@typescript-eslint/eslint-plugin-tslint": "^4.33.0",
-    "@typescript-eslint/parser": "^4.33.0",
+    "@types/jest": "^28.1.7",
+    "@typescript-eslint/eslint-plugin-tslint": "^5.33.1",
+    "@typescript-eslint/parser": "^5.33.1",
+    "babel-jest": "^28.1.3",
     "browserstack-cypress-cli": "1.8.1",
+    "browser-tabs-lock": "^1.2.15",
     "cli-table": "^0.3.6",
-    "concurrently": "^6.4.0",
+    "concurrently": "^7.3.0",
     "cypress": "7.2.0",
-    "es-check": "^6.1.1",
-    "eslint": "^7.32.0",
-    "gzip-size": "^6.0.0",
+    "es-check": "^7.0.0",
+    "es-cookie": "~1.3.2",
+    "eslint": "^8.22.0",
+    "gzip-size": "^7.0.0",
     "husky": "^7.0.4",
     "idtoken-verifier": "^2.2.2",
-    "jest": "^27.3.1",
-    "jest-junit": "^13.0.0",
-    "jest-localstorage-mock": "^2.4.18",
+    "jest": "^28.1.3",
+    "jest-environment-jsdom": "^28.1.3",
+    "jest-fetch-mock": "^3.0.3",
+    "jest-junit": "^14.0.0",
+    "jest-localstorage-mock": "^2.4.22",
     "jsonwebtoken": "^8.5.1",
-    "oidc-provider": "^7.10.1",
-    "prettier": "^2.4.1",
+    "node-fetch": "^3.2.10",
+    "oidc-provider": "^7.11.5",
+    "prettier": "^2.7.1",
     "pretty-quick": "^3.1.2",
     "qss": "^2.0.3",
     "rimraf": "^3.0.2",
-    "rollup": "^2.60.0",
+    "rollup": "^2.78.0",
     "rollup-plugin-analyzer": "^4.0.0",
     "rollup-plugin-commonjs": "^10.1.0",
     "rollup-plugin-dev": "^1.1.3",
@@ -64,27 +72,18 @@
     "rollup-plugin-node-resolve": "^5.2.0",
     "rollup-plugin-sourcemaps": "^0.6.3",
     "rollup-plugin-terser": "^7.0.2",
-    "rollup-plugin-typescript2": "^0.30.0",
-    "rollup-plugin-visualizer": "^5.5.2",
+    "rollup-plugin-typescript2": "^0.32.1",
+    "rollup-plugin-visualizer": "^5.7.1",
     "rollup-plugin-web-worker-loader": "^1.6.1",
-    "serve": "^12.0.1",
-    "ts-jest": "^27.0.7",
+    "serve": "^14.0.1",
+    "ts-jest": "^28.0.8",
     "tslib": "^2.4.0",
     "tslint": "^6.1.3",
     "tslint-config-security": "^1.16.0",
-    "typedoc": "0.18.0",
-    "typescript": "^4.4.4",
+    "typedoc": "^0.23.10",
+    "typescript": "^4.7.4",
     "wait-on": "^6.0.0"
   },
-  "dependencies": {
-    "abortcontroller-polyfill": "^1.7.3",
-    "browser-tabs-lock": "^1.2.15",
-    "core-js": "^3.24.0",
-    "es-cookie": "~1.3.2",
-    "fast-text-encoding": "^1.0.4",
-    "promise-polyfill": "^8.2.3",
-    "unfetch": "^4.2.0"
-  },
   "files": [
     "src",
     "dist"