chore(deps): bump the crypto group with 2 updates

[dependabot]

Bumps the crypto group with 2 updates: @simplewebauthn/server and otplib.

Updates @simplewebauthn/server from 13.3.0 to 13.3.1

Release notes

Sourced from @​simplewebauthn/server's releases.

v13.3.1

Changes:

• [server] Fixed an issue with verifyRegistrationResponse() failing to verify some Packed and SafetyNet statements (#767)

Changelog

Sourced from @​simplewebauthn/server's changelog.

v13.3.1

Changes:

• [server] Fixed an issue with verifyRegistrationResponse() failing to verify some Packed and SafetyNet statements (#767)

Commits

• 615538f Update version to 13.3.1
• 61601dd Ignore E2E test for now
• 6c43af7 Use attStmt.alg in Safety Net and Packed Full
• See full diff in compare view

Updates otplib from 13.4.0 to 13.4.1

Release notes

Sourced from otplib's releases.

v13.4.1

What's Changed

• fix: override flatted package security alert by @​yeojz in yeojz/otplib#820
• fix: override picomatch and yaml package security alerts by @​yeojz in yeojz/otplib#822
• refactor(testing): replace custom Deno adapter with @​std/expect by @​yeojz in yeojz/otplib#821
• fix: override brace-expansion package security alert by @​yeojz in yeojz/otplib#824
• chore: update github actions pinned images by @​yeojz in yeojz/otplib#823
• Add @​otplib/plugin-base32-alt to dependencies by @​yeojz in yeojz/otplib#825
• chore: harden supply chain with cooldown and version pinning by @​yeojz in yeojz/otplib#826
• refactor(testing): centralize test secrets into shared module by @​yeojz in yeojz/otplib#831
• chore(deps): bump the github-actions group with 5 updates by @​dependabot[bot] in yeojz/otplib#827
• refactor(testing): rename test secret constants for semantic clarity by @​yeojz in yeojz/otplib#832
• chore(deps-dev): bump the dev-dependencies-minor group with 4 updates by @​dependabot[bot] in yeojz/otplib#828
• refactor: replace size-limit with native bundle size check by @​yeojz in yeojz/otplib#835
• chore(deps-dev): bump vite from 7.3.1 to 8.0.0 by @​dependabot[bot] in yeojz/otplib#830
• refactor/docs/unusedImport by @​ValeriYanev98 in yeojz/otplib#837
• fix(security): address npm audit vulnerabilities by @​yeojz in yeojz/otplib#839
• fix(docker): bump pnpm to 10.30.1 to match packageManager by @​yeojz in yeojz/otplib#847
• docs: note short-secret guardrail override for legacy/test secrets by @​yeojz in yeojz/otplib#848
• docs(getting-started): clarify when each function runs by @​yeojz in yeojz/otplib#846
• chore(deps): bump vite from 5.4.21 to 8.0.10 by @​dependabot[bot] in yeojz/otplib#845
• chore(deps-dev): bump the dev-dependencies-patch group across 1 directory with 6 updates by @​dependabot[bot] in yeojz/otplib#849
• chore(deps-dev): bump the dev-dependencies-minor group across 1 directory with 6 updates by @​dependabot[bot] in yeojz/otplib#841
• docs(otplib): note 16-byte minimum and fix broken secret-handling link by @​yeojz in yeojz/otplib#851
• chore(deps-dev): bump @​codecov/bundle-analyzer from 1.9.1 to 2.0.1 by @​dependabot[bot] in yeojz/otplib#843
• fix(benchmarks): adapt to tinybench v6 TaskResult shape by @​yeojz in yeojz/otplib#852
• chore(deps): bump the github-actions group across 1 directory with 6 updates by @​dependabot[bot] in yeojz/otplib#844
• chore(deps): bump @​noble/hashes and @​scure/base to 2.2.0 by @​yeojz in yeojz/otplib#853
• chore(deps-dev): bump turbo from 2.9.9 to 2.9.14 by @​dependabot[bot] in yeojz/otplib#855
• ci: split security audit into blocking prod and informational full scans by @​yeojz in yeojz/otplib#857
• chore(deps-dev): bump vite from 8.0.10 to 8.0.11 by @​dependabot[bot] in yeojz/otplib#856
• release(packages): v13.4.1 by @​github-actions[bot] in yeojz/otplib#854

New Contributors

• @​ValeriYanev98 made their first contribution in yeojz/otplib#837

Full Changelog: yeojz/otplib@v13.4.0...v13.4.1

Commits

• 1d997b0 release(packages): v13.4.1 (#854)
• 0e9566f docs(otplib): note 16-byte minimum and fix broken secret-handling link (#851)
• e01b4f1 chore(deps-dev): bump the dev-dependencies-patch group across 1 directory wit...
• 212534b chore(deps-dev): bump the dev-dependencies-minor group with 4 updates (#828)
• b54adad refactor(testing): rename test secret constants for semantic clarity (#832)
• 4898252 refactor(testing): centralize test secrets and normalize naming (#831)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, npm. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.