@sanity/webhook - npm Package Versions

4.0.4 (2024-04-11)

Bug Fixes

• deps: update dependency @sanity/pkg-utils to v6 (#75) (fcbae6b)

4.0.3 (2024-03-18)

Bug Fixes

• deps: update dependency @sanity/pkg-utils to v5 (#68) (ee9da2a)

4.0.2 (2024-02-26)

Bug Fixes

• rethrow errors that are not signature errors (2cea92f)
• throw when Web Crypto isn't available (3dd652f)

4.0.1 (2024-01-25)

Bug Fixes

• update engines.node to v20 (8f40440), closes #44

4.0.0 (2023-11-27)

⚠ BREAKING CHANGES

• Replace the Node.js crypto API with the Web Crypto API, enabling usage in more environments. All assertion/checking functions are now async, eg return Promises instead of straight booleans.

• Only Node.js version 18 and higher is now supported.

• feat: add tsdoc for all exported members

• test: only test on lts node.js engines

Features

• use Web Crypto API (#41) (fb19bac)

3.0.1 (2023-08-19)

Bug Fixes

• improve TS export of definitions (77770e7)

3.0.0 (2023-08-18)

Features

• ship ESM (e495e26)

2.0.0

BREAKING

• BREAKING: The requireSignedRequest(), assertValidRequest() and isValidRequest() methods now require a body in string/buffer format, and will throw an error if it is already parsed. This is due to potential signature mismatches when re-encoding JSON. See the migration docs for more information.

1.1.0

Changed

• Generating signatures should now be done based on the raw body of the request (as text/buffer) instead of re-encoding the body to JSON and comparing it. This fixes a few issues where the JSON encoding in v8 would differ from the JSON encoding of the server, leading to signature mismatches. A warning is now emitted when comparing a parsed body - see the migration docs for more information.
• The requireSignedRequest() method now takes an additional option - parseBody. By default, it is set to true, and will parse the incoming JSON request and assign it to request.body. If set to false, the body is left untouched and has to be parsed by the user.