fix(devdeps): update dependency @forgerock/javascript-sdk

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@forgerock/javascript-sdk (source)	4.9.0 → 4.9.1
@forgerock/javascript-sdk (source)	4.7.0 → 4.9.0

---

Release Notes

ForgeRock/forgerock-javascript-sdk (@​forgerock/javascript-sdk)

v4.9.1

Compare Source

Patch Changes

• #​587 d14d301 Thanks @​ForgeRockEmma! - fix: move getAuthenticationCredential back inside try/catch so that WebAuthn cancellation errors (e.g. NotAllowedError) are written to the HiddenValueCallback before re-throwing

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 3e76e55

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 3e76e55

Command	Status	Duration	Result
nx affected -t build lint test typecheck e2e-ci	❌ Failed	3m 34s	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-05-09 17:21:04 UTC

[nx-cloud]

Nx Cloud is proposing a fix for your failed CI:

We updated the E2E test to fix the signoff detection broken by the @forgerock/javascript-sdk upgrade from 4.7.0 to 4.9.0. In the new SDK version, FRUser.logout({ logoutRedirectUri }) calls window.location.assign() instead of a fetch, so Playwright's waitForResponse can no longer intercept the intermediate 302 — replacing it with page.waitForURL('http://localhost:5829/') correctly tracks the resulting browser navigation back to the app.

Tip

✅ We verified this fix by re-running @forgerock/davinci-suites:e2e-ci--src/basic.test.ts.

diff --git a/e2e/davinci-suites/src/basic.test.ts b/e2e/davinci-suites/src/basic.test.ts
index 1da585d..786c00d 100644
--- a/e2e/davinci-suites/src/basic.test.ts
+++ b/e2e/davinci-suites/src/basic.test.ts
@@ -40,11 +40,7 @@ test('Test happy paths on test page', async ({ page }) => {
       return true;
     }
   });
-  const signoff = page.waitForResponse((response) => {
-    if (response.url().includes('/signoff') && response.status() === 302) {
-      return true;
-    }
-  });
+  const signoff = page.waitForURL('http://localhost:5829/');
   await logoutButton.click();
   await revokeCall;
   await signoff;

  

Or Apply changes locally with:

npx nx-cloud apply-locally 4eJv-uNco

Apply fix locally with your editor ↗   View interactive diff ↗

_{🎓 Learn more about Self-Healing CI on nx.dev}