From a2239752432c9e5f1aac8c00300270d5bd1f0c5f Mon Sep 17 00:00:00 2001
From: Rory McKinley <rorymckinley@gmail.com>
Date: Thu, 5 Sep 2024 12:02:47 +0200
Subject: [PATCH] Update vulnerable version of jose

---
 .changeset/neat-games-move.md        |  6 ++++++
 packages/lightning-mock/package.json |  2 +-
 packages/ws-worker/package.json      |  2 +-
 pnpm-lock.yaml                       | 12 ++++++------
 4 files changed, 14 insertions(+), 8 deletions(-)
 create mode 100644 .changeset/neat-games-move.md

diff --git a/.changeset/neat-games-move.md b/.changeset/neat-games-move.md
new file mode 100644
index 000000000..2dae7a7ae
--- /dev/null
+++ b/.changeset/neat-games-move.md
@@ -0,0 +1,6 @@
+---
+'@openfn/lightning-mock': patch
+'@openfn/ws-worker': patch
+---
+
+Update vulnerable version of jose
diff --git a/packages/lightning-mock/package.json b/packages/lightning-mock/package.json
index ec5564fac..158b1a404 100644
--- a/packages/lightning-mock/package.json
+++ b/packages/lightning-mock/package.json
@@ -24,7 +24,7 @@
     "@types/koa-logger": "^3.1.2",
     "@types/ws": "^8.5.6",
     "fast-safe-stringify": "^2.1.1",
-    "jose": "^4.14.6",
+    "jose": "^4.15.9",
     "koa": "^2.13.4",
     "koa-bodyparser": "^4.4.0",
     "koa-logger": "^3.2.1",
diff --git a/packages/ws-worker/package.json b/packages/ws-worker/package.json
index 8893a398d..e4834d64d 100644
--- a/packages/ws-worker/package.json
+++ b/packages/ws-worker/package.json
@@ -30,7 +30,7 @@
     "fast-safe-stringify": "^2.1.1",
     "figures": "^5.0.0",
     "human-id": "^4.1.0",
-    "jose": "^4.14.6",
+    "jose": "^4.15.9",
     "koa": "^2.13.4",
     "koa-bodyparser": "^4.4.0",
     "koa-logger": "^3.2.1",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index b6f2b5bc3..2582a5a2b 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -503,8 +503,8 @@ importers:
         specifier: ^2.1.1
         version: 2.1.1
       jose:
-        specifier: ^4.14.6
-        version: 4.14.6
+        specifier: ^4.15.9
+        version: 4.15.9
       koa:
         specifier: ^2.13.4
         version: 2.13.4
@@ -689,8 +689,8 @@ importers:
         specifier: ^4.1.0
         version: 4.1.0
       jose:
-        specifier: ^4.14.6
-        version: 4.14.6
+        specifier: ^4.15.9
+        version: 4.15.9
       koa:
         specifier: ^2.13.4
         version: 2.13.4
@@ -5195,8 +5195,8 @@ packages:
       '@pkgjs/parseargs': 0.11.0
     dev: true
 
-  /jose@4.14.6:
-    resolution: {integrity: sha512-EqJPEUlZD0/CSUMubKtMaYUOtWe91tZXTWMJZoKSbLk+KtdhNdcvppH8lA9XwVu2V4Ailvsj0GBZJ2ZwDjfesQ==}
+  /jose@4.15.9:
+    resolution: {integrity: sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==}
     dev: false
 
   /joycon@3.1.1: