My apologies in advance for being super paranoid, but I guess it's better to check than being sorry.
There are two sudden NPM releases without any active changes in the repo, no new tags, no relevant active branches, no change logs, etc. Do we know whether the NPM account is secure? Please confirm the latest releases, Auth0.
Out of paranoia, I downloaded the latest version from npm and built this repo, and compared them.
The built version from this repo and the packaged npm version are identical, as far as I can see.
Possibly there's been an automated release with no changelogs. The only thing I can think of is that since the types are configured with a broad semver match "@types/jsonwebtoken": "^9", an update to that has triggered a new build?
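The published-versus-built comparison described in the comments above, sketched as an added example (not code from this thread or from the project). It assumes two tarballs: one fetched with `npm pack <package>@<version>` and one produced by running `npm pack` in a checkout built from source; the file names in the usage comment are placeholders.

```shell
#!/bin/sh
# Added example: compare a registry tarball with one packed from a local build.
# Usage (placeholder names): sh compare.sh registry.tgz local-build.tgz

# Unpack a tarball into a fresh temp dir and print that dir.
# npm tarballs keep their contents under a top-level package/ directory.
unpack() (
  dir="$(mktemp -d)"
  tar -xzf "$1" -C "$dir"
  printf '%s\n' "$dir"
)

# One "sha256  ./relative/path" line per regular file, sorted by path.
# Only file contents are hashed; modes and timestamps are ignored.
manifest() (
  cd "$1" || exit 2
  find . -type f -exec sha256sum {} + | LC_ALL=C sort -k 2
)

# Exit 0 when both tarballs hold the same files with the same contents,
# 1 when any file differs, is missing, or is extra (the diff is printed).
compare_tarballs() (
  rc=0
  reg="$(unpack "$1")" || exit 2
  src="$(unpack "$2")" || exit 2
  manifest "$reg" > "$reg.manifest"
  manifest "$src" > "$src.manifest"
  diff -u "$reg.manifest" "$src.manifest" || rc=1
  rm -rf "$reg" "$src" "$reg.manifest" "$src.manifest"
  exit "$rc"
)

# Run only when two tarball paths are given on the command line.
if [ "$#" -eq 2 ]; then
  compare_tarballs "$1" "$2"
fi
```

A non-empty diff is a reason to look closer, not proof of tampering: build tool versions and generated files can differ between machines.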
Just wanted to point out that versions 8.4.0 and 8.4.1 are not documented in CHANGELOG. The changelog is very helpful to easily see the changes between different versions when updating libraries.
It would be super helpful to include the missing versions.
Thank you in advance!