auth0-lock 11.32.0 → 11.32.1

package/CHANGELOG.md

@@ -1,5 +1,18 @@
 # Change Log
 
+## [v11.32.1](https://github.com/auth0/lock/tree/v11.32.1) (2022-01-27)
+[Full Changelog](https://github.com/auth0/lock/compare/v11.32.0...v11.32.1)
+
+**Changed**
+- Update auth0-js and support legacySameSiteCookie option [\#2089](https://github.com/auth0/lock/pull/2089) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
+**Security**
+- Bump log4js from 6.3.0 to 6.4.0 [\#2087](https://github.com/auth0/lock/pull/2087) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Security upgrade node-fetch to 2.6.7 [\#2085](https://github.com/auth0/lock/pull/2085) ([evansims](https://github.com/evansims))
+- [Snyk] Upgrade prop-types from 15.7.2 to 15.8.0 [\#2083](https://github.com/auth0/lock/pull/2083) ([snyk-bot](https://github.com/snyk-bot))
+- Bump engine.io from 4.1.1 to 4.1.2 [\#2082](https://github.com/auth0/lock/pull/2082) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Bump follow-redirects from 1.14.4 to 1.14.7 [\#2081](https://github.com/auth0/lock/pull/2081) ([dependabot[bot]](https://github.com/apps/dependabot))
+
 ## [v11.32.0](https://github.com/auth0/lock/tree/v11.32.0) (2022-01-07)
 [Full Changelog](https://github.com/auth0/lock/compare/v11.31.1...v11.32.0)
 

package/README.md

@@ -25,7 +25,7 @@ From CDN
 
 ```html
 <!-- Latest patch release (recommended for production) -->
-<script src="https://cdn.auth0.com/js/lock/11.32.0/lock.min.js"></script>
+<script src="https://cdn.auth0.com/js/lock/11.32.1/lock.min.js"></script>
 ```
 
 From [npm](https://npmjs.org)
@@ -415,11 +415,11 @@ Specify your hooks using a new `hooks` configuration item when setting up the li
 ```js
 new Auth0Lock('client ID', 'domain', {
   hooks: {
-    loggingIn: function(context, cb) {
+    loggingIn: function (context, cb) {
       console.log('Hello from the login hook!');
       cb();
     },
-    signingUp: function(context, cb) {
+    signingUp: function (context, cb) {
       console.log('Hello from the sign-up hook!');
       cb();
     }
@@ -434,12 +434,12 @@ The developer can throw an error to block the login or sign-up process. The deve
 ```js
 new Auth0Lock('client ID', 'domain', {
   hooks: {
-    loggingIn: function(context, cb) {
+    loggingIn: function (context, cb) {
       // Throw an object with code: `hook_error` to display this on the Login screen
       throw { code: 'hook_error', description: 'There was an error in the login hook!' };
 
       // Throw something generic to show a fallback error message
-      throw "Some error happened";
+      throw 'Some error happened';
     }
   }
 });
@@ -453,6 +453,7 @@ new Auth0Lock('client ID', 'domain', {
 - **languageBaseUrl {String}**: Overrides the language source URL for Auth0's provided translations. By default it uses to Auth0's CDN URL `https://cdn.auth0.com`.
 - **hashCleanup {Boolean}**: When enabled, it will remove the hash part of the callback URL after the user authentication. Defaults to `true`.
 - **connectionResolver {Function}**: When in use, provides an extensibility point to make it possible to choose which connection to use based on the username information. Has `username`, `context`, and `callback` as parameters. The callback expects an object like: `{type: 'database', name: 'connection name'}`. **This only works for database connections.** Keep in mind that this resolver will run in the form's `onSubmit` event, so keep it simple and fast. **This is a beta feature. If you find a bug, please open a GitHub [issue](https://github.com/auth0/lock/issues/new).**
+- **legacySameSiteCookie**: If `false`, no compatibility cookies will be created for those browsers that do not understand the `SameSite` attribute. Defaults to `true`
 
 ```js
 var options = {

package/lib/core/web_api/helper.js

@@ -176,5 +176,5 @@ function trimAuthParams() {
 }
 
 function getVersion() {
-  return '11.32.0';
+  return '11.32.1';
 }

package/lib/core/web_api/p2_api.js

@@ -60,7 +60,8 @@ var Auth0APIClient = function () {
       _telemetryInfo: telemetry,
       state: state,
       nonce: nonce,
-      scope: scope
+      scope: scope,
+      legacySameSiteCookie: opts.legacySameSiteCookie
     });
 
     this.authOpt = {

package/lib/i18n.js

@@ -125,7 +125,7 @@ function assertLanguage(m, language, base) {
 function syncLang(m, language, _cb) {
   (0, _cdn_utils.load)({
     method: 'registerLanguageDictionary',
-    url: l.languageBaseUrl(m) + '/js/lock/' + '11.32.0' + '/' + language + '.js',
+    url: l.languageBaseUrl(m) + '/js/lock/' + '11.32.1' + '/' + language + '.js',
     check: function check(str) {
       return str && str === language;
     },

package/lib/lock.js

@@ -42,7 +42,7 @@ var Auth0Lock = function (_Core) {
 
 
 exports.default = Auth0Lock;
-Auth0Lock.version = '11.32.0';
+Auth0Lock.version = '11.32.1';
 
 // TODO: should we have different telemetry for classic/passwordless?
 // TODO: should we set telemetry info before each request?

package/lib/passwordless.js

@@ -41,4 +41,4 @@ var Auth0LockPasswordless = function (_Core) {
 exports.default = Auth0LockPasswordless;
 
 
-Auth0LockPasswordless.version = '11.32.0';
+Auth0LockPasswordless.version = '11.32.1';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auth0-lock",
-  "version": "11.32.0",
+  "version": "11.32.1",
   "description": "Auth0 Lock",
   "author": "Auth0 <support@auth0.com> (http://auth0.com)",
   "license": "MIT",
@@ -105,16 +105,16 @@
     "webpack-dev-server": "^2.3.0"
   },
   "dependencies": {
-    "auth0-js": "^9.18.0",
+    "auth0-js": "^9.19.0",
     "auth0-password-policies": "^1.0.2",
     "blueimp-md5": "^2.19.0",
     "classnames": "^2.3.1",
     "dompurify": "^2.3.4",
     "immutable": "^3.7.3",
     "jsonp": "^0.2.1",
-    "node-fetch": "^2.6.6",
+    "node-fetch": "^2.6.7",
     "password-sheriff": "^1.1.1",
-    "prop-types": "^15.6.0",
+    "prop-types": "^15.8.0",
     "qs": "^6.10.2",
     "react": "^15.6.2",
     "react-dom": "^15.6.2",