Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →

@sigstore/core

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@sigstore/core - npm Package Compare versions

Comparing version 1.1.0 to 2.0.0

dist/asn1/length.d.ts

		@@ -1,4 +0,3 @@
		/// <reference types="node" />
		import { ByteStream } from '../stream';
		export declare function decodeLength(stream: ByteStream): number;
		export declare function encodeLength(len: number): Buffer;

dist/asn1/length.js

		@@ -18,3 +18,4 @@ "use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.encodeLength = exports.decodeLength = void 0;
		exports.decodeLength = decodeLength;
		exports.encodeLength = encodeLength;
		const error_1 = require("./error");
		@@ -48,3 +49,2 @@ // Decodes the length of a DER-encoded ANS.1 element from the supplied stream.
		}
		exports.decodeLength = decodeLength;
		// Translates the supplied value to a DER-encoded length.
		@@ -65,2 +65,1 @@ function encodeLength(len) {
		}
		exports.encodeLength = encodeLength;

dist/asn1/obj.d.ts

		@@ -1,2 +0,1 @@
		/// <reference types="node" />
		import { ASN1Tag } from './tag';
		@@ -3,0 +2,0 @@ export declare class ASN1Obj {

dist/asn1/parse.d.ts

		@@ -1,2 +0,1 @@
		/// <reference types="node" />
		export declare function parseInteger(buf: Buffer): bigint;
		@@ -3,0 +2,0 @@ export declare function parseStringASCII(buf: Buffer): string;

dist/asn1/parse.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.parseBitString = exports.parseBoolean = exports.parseOID = exports.parseTime = exports.parseStringASCII = exports.parseInteger = void 0;
		exports.parseInteger = parseInteger;
		exports.parseStringASCII = parseStringASCII;
		exports.parseTime = parseTime;
		exports.parseOID = parseOID;
		exports.parseBoolean = parseBoolean;
		exports.parseBitString = parseBitString;
		/*
		@@ -46,3 +51,2 @@ Copyright 2023 The Sigstore Authors.
		}
		exports.parseInteger = parseInteger;
		// Parse an ASCII string from the DER-encoded buffer
		@@ -53,3 +57,2 @@ // https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-basic-types#boolean
		}
		exports.parseStringASCII = parseStringASCII;
		// Parse a Date from the DER-encoded buffer
		@@ -75,3 +78,2 @@ // https://www.rfc-editor.org/rfc/rfc5280#section-4.1.2.5.1
		}
		exports.parseTime = parseTime;
		// Parse an OID from the DER-encoded buffer
		@@ -101,3 +103,2 @@ // https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-object-identifier
		}
		exports.parseOID = parseOID;
		// Parse a boolean from the DER-encoded buffer
		@@ -108,3 +109,2 @@ // https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-basic-types#boolean
		}
		exports.parseBoolean = parseBoolean;
		// Parse a bit string from the DER-encoded buffer
		@@ -130,2 +130,1 @@ // https://learn.microsoft.com/en-us/windows/win32/seccertenroll/about-bit-string
		}
		exports.parseBitString = parseBitString;

dist/crypto.d.ts

		@@ -1,3 +0,1 @@
		/// <reference types="node" />
		/// <reference types="node" />
		import crypto, { BinaryLike } from 'crypto';
		@@ -7,4 +5,3 @@ export type { KeyObject } from 'crypto';
		export declare function digest(algorithm: string, ...data: BinaryLike[]): Buffer;
		export declare function hash(...data: BinaryLike[]): Buffer;
		export declare function verify(data: Buffer, key: crypto.KeyLike, signature: Buffer, algorithm?: string): boolean;
		export declare function bufferEqual(a: Buffer, b: Buffer): boolean;

dist/crypto.js

		@@ -6,3 +6,6 @@ "use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.bufferEqual = exports.verify = exports.hash = exports.digest = exports.createPublicKey = void 0;
		exports.createPublicKey = createPublicKey;
		exports.digest = digest;
		exports.verify = verify;
		exports.bufferEqual = bufferEqual;
		/*
		@@ -24,3 +27,2 @@ Copyright 2023 The Sigstore Authors.
		const crypto_1 = __importDefault(require("crypto"));
		const SHA256_ALGORITHM = 'sha256';
		function createPublicKey(key, type = 'spki') {
		@@ -34,3 +36,2 @@ if (typeof key === 'string') {
		}
		exports.createPublicKey = createPublicKey;
		function digest(algorithm, ...data) {
		@@ -43,12 +44,2 @@ const hash = crypto_1.default.createHash(algorithm);
		}
		exports.digest = digest;
		// TODO: deprecate this in favor of digest()
		function hash(...data) {
		const hash = crypto_1.default.createHash(SHA256_ALGORITHM);
		for (const d of data) {
		hash.update(d);
		}
		return hash.digest();
		}
		exports.hash = hash;
		function verify(data, key, signature, algorithm) {
		@@ -65,3 +56,2 @@ // The try/catch is to work around an issue in Node 14.x where verify throws
		}
		exports.verify = verify;
		function bufferEqual(a, b) {
		@@ -76,2 +66,1 @@ try {
		}
		exports.bufferEqual = bufferEqual;

dist/dsse.d.ts

		@@ -1,2 +0,1 @@
		/// <reference types="node" />
		export declare function preAuthEncoding(payloadType: string, payload: Buffer): Buffer;

dist/dsse.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.preAuthEncoding = void 0;
		exports.preAuthEncoding = preAuthEncoding;
		/*
		@@ -31,2 +31,1 @@ Copyright 2023 The Sigstore Authors.
		}
		exports.preAuthEncoding = preAuthEncoding;

dist/encoding.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.base64Decode = exports.base64Encode = void 0;
		exports.base64Encode = base64Encode;
		exports.base64Decode = base64Decode;
		/*
		@@ -24,6 +25,4 @@ Copyright 2023 The Sigstore Authors.
		}
		exports.base64Encode = base64Encode;
		function base64Decode(str) {
		return Buffer.from(str, BASE64_ENCODING).toString(UTF8_ENCODING);
		}
		exports.base64Decode = base64Decode;

dist/json.js

		@@ -18,3 +18,3 @@ "use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.canonicalize = void 0;
		exports.canonicalize = canonicalize;
		// JSON canonicalization per https://github.com/cyberphone/json-canonicalization
		@@ -62,2 +62,1 @@ // eslint-disable-next-line @typescript-eslint/no-explicit-any
		}
		exports.canonicalize = canonicalize;

dist/pem.d.ts

		@@ -1,3 +0,2 @@
		/// <reference types="node" />
		export declare function toDER(certificate: string): Buffer;
		export declare function fromDER(certificate: Buffer, type?: string): string;

dist/pem.js

		"use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.fromDER = exports.toDER = void 0;
		exports.toDER = toDER;
		exports.fromDER = fromDER;
		/*
		@@ -31,3 +32,2 @@ Copyright 2023 The Sigstore Authors.
		}
		exports.toDER = toDER;
		// Translates a DER-encoded buffer into a PEM-encoded string. Standard PEM
		@@ -45,2 +45,1 @@ // encoding dictates that each certificate should have a trailing newline after
		}
		exports.fromDER = fromDER;

dist/rfc3161/timestamp.d.ts

		@@ -1,3 +0,1 @@
		/// <reference types="node" />
		/// <reference types="node" />
		import { ASN1Obj } from '../asn1';
		@@ -4,0 +2,0 @@ import * as crypto from '../crypto';

dist/rfc3161/tstinfo.d.ts

		@@ -1,2 +0,1 @@
		/// <reference types="node" />
		import { ASN1Obj } from '../asn1';
		@@ -3,0 +2,0 @@ export declare class TSTInfo {

dist/stream.d.ts

		@@ -1,2 +0,1 @@
		/// <reference types="node" />
		export declare class ByteStream {
		@@ -3,0 +2,0 @@ private static BLOCK_SIZE;

dist/x509/cert.d.ts

		@@ -1,2 +0,1 @@
		/// <reference types="node" />
		import { ASN1Obj } from '../asn1';
		@@ -3,0 +2,0 @@ import { X509AuthorityKeyIDExtension, X509BasicConstraintsExtension, X509Extension, X509KeyUsageExtension, X509SCTExtension, X509SubjectAlternativeNameExtension, X509SubjectKeyIDExtension } from './ext';

dist/x509/cert.js

		@@ -100,3 +100,3 @@ "use strict";
		const ext = this.extSubjectAltName;
		return ext?.uri \|\| ext?.rfc822Name;
		return ext?.uri \|\| /* istanbul ignore next */ ext?.rfc822Name;
		}
		@@ -106,4 +106,6 @@ get extensions() {
		// context specific tag
		/* istanbul ignore next */
		const extSeq = this.extensionsObj?.subs[0];
		return extSeq?.subs \|\| /* istanbul ignore next */ [];
		/* istanbul ignore next */
		return extSeq?.subs \|\| [];
		}
		@@ -140,4 +142,6 @@ get extKeyUsage() {
		if (this.extKeyUsage) {
		ca && this.extKeyUsage.keyCertSign;
		return ca && this.extKeyUsage.keyCertSign;
		}
		// TODO: test coverage for this case
		/* istanbul ignore next */
		return ca;
		@@ -144,0 +148,0 @@ }

dist/x509/ext.d.ts

		@@ -1,2 +0,1 @@
		/// <reference types="node" />
		import { ASN1Obj } from '../asn1';
		@@ -3,0 +2,0 @@ import { SignedCertificateTimestamp } from './sct';

dist/x509/sct.d.ts

		@@ -1,3 +0,1 @@
		/// <reference types="node" />
		/// <reference types="node" />
		import * as crypto from '../crypto';
		@@ -4,0 +2,0 @@ interface SCTOptions {

package.json

		{
		"name": "@sigstore/core",
		"version": "1.1.0",
		"version": "2.0.0",
		"description": "Base library for Sigstore",
		@@ -29,4 +29,4 @@ "main": "dist/index.js",
		"engines": {
		"node": "^16.14.0 \|\| >=18.0.0"
		"node": "^18.17.0 \|\| >=20.5.0"
		}
		}

README.md

		@@ -7,5 +7,5 @@ # @sigstore/core · [![npm version](https://img.shields.io/npm/v/@sigstore/core.svg?style=flat)](https://www.npmjs.com/package/@sigstore/core) [![CI Status](https://github.com/sigstore/sigstore-js/workflows/CI/badge.svg)](https://github.com/sigstore/sigstore-js/actions/workflows/ci.yml) [![Smoke Test Status](https://github.com/sigstore/sigstore-js/workflows/smoke-test/badge.svg)](https://github.com/sigstore/sigstore-js/actions/workflows/smoke-test.yml)

		- Node.js version >= 16.14.0
		- Node.js version >= 18.17.0


		[1]: https://www.sigstore.dev

@sigstore/core - npm Package Compare versions

New alerts

Fixed alerts

Worsened metrics