fix(deps): update dependency @forgerock/javascript-sdk to v4.9.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@forgerock/javascript-sdk (source)	4.7.0 → 4.9.0

---

Release Notes

ForgeRock/forgerock-javascript-sdk (@​forgerock/javascript-sdk)

v4.9.0

Compare Source

Minor Changes

• #​571 03135cf Thanks @​cameronwhitworthforgerock! - Added support for Conditional UI elements with WebAuthN

• #​581 1253482 Thanks @​SteinGabriel! - fix(protect): update Protect callback with new Signals SDK config

Patch Changes

• #​577 1fb1e57 Thanks @​thomas-schofield-fr! - WebAuthn improvements

  • Fix parsing of WebAuthn scripts when asScript is true
  • Improve handling when conditional mediation is not supported
  • Enable re-invocation of WebAuthn requests
  • Enable modification of options passed to navigator.credentials.get()

v4.8.3

Compare Source

Patch Changes

• #​565 0795917 Thanks @​ryanbas21! - remove shared array buffer type from webauthn ParsedCredentials.

• f35d9b2 Thanks @​ryanbas21! - fixes a bad export syntax in package.json

• 90099e5 Thanks @​cerebrl! - This aligns ping-protect and protect initialize callbacks to the new Journey Nodes

• #​564 0ddd28f Thanks @​ancheetah! - Add support for KBA allowUserDefinedQuestions flag

v4.8.2: @​forgerock/javascript-sdk@4.8.2

Compare Source

@​forgerock/javascript-sdk@4.8.1 Latest

Patch Changes
#​544 58360de Thanks @​ryanbas21! - Fix condition for determining session endpoint request for terminating session in AIC/AM

[Fixing bad release of 4.8.1]

v4.8.1

Compare Source

Patch Changes

• #​544 58360de Thanks @​ryanbas21! - Fix condition for determining session endpoint request for terminating session in AIC/AM

v4.8.0

Compare Source

Minor Changes

• #​535 a5daf4c Thanks @​cerebrl! - Add new PingOne signoff, remove unneeded /session call, add flag for iframe

• #​537 fc00259 Thanks @​cerebrl! - Add feature to provide JSON outcome response to callback if requested

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 04ecabc

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 9e597b9

Command	Status	Duration	Result
nx affected -t build lint test typecheck e2e-ci	❌ Failed	2m 52s	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-04-29 17:28:41 UTC

[nx-cloud]

Nx Cloud is proposing a fix for your failed CI:

We removed the page.waitForResponse() check for the /signoff 302 response to fix the timeout caused by the @forgerock/javascript-sdk v4.9.0 upgrade. In v4.8.0+, when logoutRedirectUri is provided, the SDK now triggers signoff via window.location.assign() (a full page navigation) rather than a fetch() call, which Playwright cannot reliably intercept through waitForResponse(). Our test still validates successful logout through the existing revokeCall await and the Username/Password Form visibility assertion.

Tip

✅ We verified this fix by re-running @forgerock/davinci-suites:e2e-ci--src/basic.test.ts.

diff --git a/e2e/davinci-suites/src/basic.test.ts b/e2e/davinci-suites/src/basic.test.ts
index 1da585de4..43002ae46 100644
--- a/e2e/davinci-suites/src/basic.test.ts
+++ b/e2e/davinci-suites/src/basic.test.ts
@@ -40,14 +40,8 @@ test('Test happy paths on test page', async ({ page }) => {
       return true;
     }
   });
-  const signoff = page.waitForResponse((response) => {
-    if (response.url().includes('/signoff') && response.status() === 302) {
-      return true;
-    }
-  });
   await logoutButton.click();
   await revokeCall;
-  await signoff;
   await expect(page.getByText('Username/Password Form')).toBeVisible();
 });
 test('ensure query params passed to start are sent off in authorize call', async ({ page }) => {

  

Or Apply changes locally with:

npx nx-cloud apply-locally 3pbc-MurB

Apply fix locally with your editor ↗   View interactive diff ↗

_{🎓 Learn more about Self-Healing CI on nx.dev}