build(deps): bump @supabase/auth-js and @supabase/supabase-js in /web-app

[dependabot]

Bumps @supabase/auth-js and @supabase/supabase-js. These dependencies needed to be updated together.
Updates @supabase/auth-js from 2.64.2 to 2.69.1

Release notes

Sourced from @​supabase/auth-js's releases.

v2.69.1

2.69.1 (2025-03-24)

Bug Fixes

• generatePKCEChallenge should use btoa (#1044) (c06fafb)

v2.69.1-rc.1

This is a release candidate. See release-please PR #1045 for context.

v2.69.0

2.69.0 (2025-03-22)

Features

• introduce getClaims method to verify asymmetric JWTs (#1030) (daa2669)

Bug Fixes

• assert type in decodeJWTPayload (#1018) (3d80039)
• set jwks_cached_at (#1039) (9bdc023)

v2.69.0-rc.3

This is a release candidate. See release-please PR #1031 for context.

v2.69.0-rc.2

This is a release candidate. See release-please PR #1031 for context.

v2.68.1-rc.1

This is a release candidate. See release-please PR #1031 for context.

v2.68.0

2.68.0 (2025-01-21)

Features

• consider session expired with margin on getSession() without auto refresh (#1027) (80f88e4)

Bug Fixes

• remove internal-types.ts (#1014) (28ead89)
• update docs to add scrypt (#1012) (1225239)

v2.68.0-rc.6

This is a release candidate. See release-please PR #1013 for context.

... (truncated)

Changelog

Sourced from @​supabase/auth-js's changelog.

2.69.1 (2025-03-24)

Bug Fixes

• generatePKCEChallenge should use btoa (#1044) (c06fafb)

2.69.0 (2025-03-22)

Features

• introduce getClaims method to verify asymmetric JWTs (#1030) (daa2669)

Bug Fixes

• assert type in decodeJWTPayload (#1018) (3d80039)
• set jwks_cached_at (#1039) (9bdc023)

2.68.0 (2025-01-21)

Features

• consider session expired with margin on getSession() without auto refresh (#1027) (80f88e4)

Bug Fixes

• remove internal-types.ts (#1014) (28ead89)
• update docs to add scrypt (#1012) (1225239)

2.67.3 (2024-12-17)

Bug Fixes

• return redirect errors early (#1003) (9751b80)

2.67.2 (2024-12-16)

Bug Fixes

• isBrowser() to include check on window (#982) (645f224)

2.67.1 (2024-12-13)

... (truncated)

Commits

• b64fae2 chore(master): release 2.69.1 (#1045)
• c06fafb fix: generatePKCEChallenge should use btoa (#1044)
• 21ec146 chore(master): release 2.69.0 (#1031)
• 9bdc023 fix: set jwks_cached_at (#1039)
• daa2669 feat: introduce getClaims method to verify asymmetric JWTs (#1030)
• 3d80039 fix: assert type in decodeJWTPayload (#1018)
• 510654b chore(master): release 2.68.0 (#1013)
• 80f88e4 feat: consider session expired with margin on getSession() without auto refre...
• 9748dd9 ci: add dogfooding check so that RC version is up on supabase/supabase first ...
• 28ead89 fix: remove internal-types.ts (#1014)
• Additional commits viewable in compare view

Updates @supabase/supabase-js from 2.43.5 to 2.49.8

Release notes

Sourced from @​supabase/supabase-js's releases.

v2.49.8

2.49.8 (2025-05-21)

Bug Fixes

• preserve path segments in supabaseUrl when constructing endpoints. (#1425) (288aff4)

v2.49.7

2.49.7 (2025-05-20)

Reverts

• Revert "fix: Bump up realtime-js (#1418)" (#1424) (f254773), closes #1418 #1424

v2.49.6

2.49.6 (2025-05-20)

Bug Fixes

• Bump up realtime-js (#1418) (02f2f0b), closes #1395 #1409 #1411 #1412 #1413 #1419

v2.49.6-next.1

2.49.6-next.1 (2025-05-20)

Bug Fixes

• bump up realtime-js (#1409) (8a0843e)
• bump up realtime-js (#1413) (b6f7cec)
• bump up realtime-js; await on token change (#1411) (642ff7f)
• Bump up realtime; add integration tests (#1395) (8c12584)
• prevent async calls in _listenForAuthEvents (#1412) (998bb68)
• use URL type for manipulating urls (#1417) (#1422) (915c5d0)

v2.49.5

2.49.5 (2025-05-19)

Bug Fixes

• use URL type for manipulating urls (#1417) (bc4bce1)

v2.49.5-next.5

2.49.5-next.5 (2025-05-13)

Bug Fixes

... (truncated)

Commits

• 288aff4 fix: preserve path segments in supabaseUrl when constructing endpoints. (#1425)
• f254773 Revert "fix: Bump up realtime-js (#1418)" (#1424)
• 02f2f0b fix: Bump up realtime-js (#1418)
• bc4bce1 fix: use URL type for manipulating urls (#1417)
• 70d7199 Merge pull request #1391 from supabase/kiwicopple-patch-1
• bb02a15 remove sponsors
• 692e8e8 fix(deps): upgrade postgrest-js to 1.19.4
• f08bfd9 fix: bump auth-js to 2.69.1 (#1383)
• 73ab30d fix: bump auth-js to v2.69.0 (#1380)
• a5219a8 chore: add open role to README.md (#1378)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.