From 88bce5204234e03955b426b9bf16da6639d432a5 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 16 Apr 2026 18:36:07 +0200
Subject: [PATCH] fix(deps): update dependency jose to v6 (#27862)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel Dietzler <mail@ddietzler.dev>
---
 e2e-auth-server/auth-server.ts |  4 +++-
 e2e-auth-server/package.json   |  2 +-
 pnpm-lock.yaml                 | 13 ++++---------
 server/package.json            |  2 +-
 4 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/e2e-auth-server/auth-server.ts b/e2e-auth-server/auth-server.ts
index 9aef56510d..bcfeca1e1c 100644
--- a/e2e-auth-server/auth-server.ts
+++ b/e2e-auth-server/auth-server.ts
@@ -66,7 +66,9 @@ const getClaims = (sub: string, use?: string) => {
 };
 
 const setup = async () => {
-  const { privateKey, publicKey } = await generateKeyPair('RS256');
+  const { privateKey, publicKey } = await generateKeyPair('RS256', {
+    extractable: true,
+  });
 
   const redirectUris = [
     'http://127.0.0.1:2285/auth/login',
diff --git a/e2e-auth-server/package.json b/e2e-auth-server/package.json
index 73ede1b7c4..f8ea7243fd 100644
--- a/e2e-auth-server/package.json
+++ b/e2e-auth-server/package.json
@@ -7,7 +7,7 @@
     "start": "tsx startup.ts"
   },
   "devDependencies": {
-    "jose": "^5.6.3",
+    "jose": "^6.0.0",
     "@types/oidc-provider": "^9.0.0",
     "oidc-provider": "^9.0.0",
     "tsx": "^4.20.6"
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index f1a06eed0b..dcfd991ba1 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -295,8 +295,8 @@ importers:
         specifier: ^9.0.0
         version: 9.5.0
       jose:
-        specifier: ^5.6.3
-        version: 5.10.0
+        specifier: ^6.0.0
+        version: 6.2.2
       oidc-provider:
         specifier: ^9.0.0
         version: 9.7.1
@@ -473,8 +473,8 @@ importers:
         specifier: ^5.8.2
         version: 5.10.1
       jose:
-        specifier: ^5.10.0
-        version: 5.10.0
+        specifier: ^6.0.0
+        version: 6.2.2
       js-yaml:
         specifier: ^4.1.0
         version: 4.1.1
@@ -8407,9 +8407,6 @@ packages:
   joi@17.13.3:
     resolution: {integrity: sha512-otDA4ldcIx+ZXsKHWmp0YizCweVRZG96J10b0FevjfuncLO1oX59THoAmHkNubYJ+9gWsYsp5k8v4ib6oDv1fA==}
 
-  jose@5.10.0:
-    resolution: {integrity: sha512-s+3Al/p9g32Iq+oqXxkW//7jk2Vig6FF1CFqzVXoTUXt2qz89YWbL+OwS17NFYEvxC35n0FKeGO2LGYSxeM2Gg==}
-
   jose@6.2.2:
     resolution: {integrity: sha512-d7kPDd34KO/YnzaDOlikGpOurfF0ByC2sEV4cANCtdqLlTfBlw2p14O/5d/zv40gJPbIQxfES3nSx1/oYNyuZQ==}
 
@@ -21240,8 +21237,6 @@ snapshots:
       '@sideway/formula': 3.0.1
       '@sideway/pinpoint': 2.0.0
 
-  jose@5.10.0: {}
-
   jose@6.2.2: {}
 
   js-tokens@10.0.0: {}
diff --git a/server/package.json b/server/package.json
index 943d814a06..497e724127 100644
--- a/server/package.json
+++ b/server/package.json
@@ -83,7 +83,7 @@
     "helmet": "^8.1.0",
     "i18n-iso-countries": "^7.6.0",
     "ioredis": "^5.8.2",
-    "jose": "^5.10.0",
+    "jose": "^6.0.0",
     "js-yaml": "^4.1.0",
     "jsonwebtoken": "^9.0.2",
     "kysely": "0.28.15",