Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@simplewebauthn/browser

Package Overview
Dependencies
Maintainers
0
Versions
60
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@simplewebauthn/browser - npm Package Versions

1
6

6.2.2

Diff

Changelog

Source

v6.2.2

Packages:

  • @simplewebauthn/browser@6.2.2
  • @simplewebauthn/server@6.2.2

Changes:

  • [browser] browserSupportsWebAuthnAutofill() no longer supports the old Chrome Canary way of testing for conditional UI support (#298)
  • [server] Version sync
iamkale
published 6.3.0-alpha.1 •

iamkale
published 6.2.1 •

Changelog

Source

v6.2.1

Packages:

  • @simplewebauthn/browser@6.2.1
  • @simplewebauthn/server@6.2.1
  • @simplewebauthn/testing@6.2.1
  • @simplewebauthn/typescript-types@6.2.1

Changes:

  • [browser] Multiple calls to startRegistration() and startAuthentication() will now more reliably cancel the preceding call (#275)
  • [server] Version sync
  • [testing] Version sync
  • [typescript-types] Version sync
iamkale
published 6.0.0 •

Changelog

Source

v6.0.0 - The one with Ed25519 Support

This release also marks the return of the library's ability to pass FIDO Conformance! Adding Ed25519 signature verification (see below) finally allowed the library to pass all required tests, and nearly all optional tests.

Packages:

  • @simplewebauthn/browser@6.0.0
  • @simplewebauthn/server@6.0.0
  • @simplewebauthn/testing@6.0.0
  • @simplewebauthn/typescript-types@6.0.0

Changes:

  • [server] Signatures can now be verified with OKP public keys that use the Ed25519 curve and EDDSA algorithm (#256)
  • [testing] Version sync
  • [typescript-types] Version sync

Breaking Changes

  • [server] verifyAuthenticationResponse() now returns Promise<VerifiedAuthenticationResponse> instead of VerifiedAuthenticationResponse (#256)

Update your existing calls to verifyAuthenticationResponse() to handle the values resolved by the promises, whether with .then() or await depending on your code structure:

Before:

const verification = verifyAuthenticationResponse({
  // ...
});

After:

const verification = await verifyAuthenticationResponse({
  // ...
});
  • [browser] browserSupportsWebauthn() has been renamed to browserSupportsWebAuthn() (#257)

Update calls to browserSupportsWebauthn() to capitalize the "A" in "WebAuthn":

Before:

if (browserSupportsWebauthn()) {
  // ...
}

After:

if (browserSupportsWebAuthn()) {
  // ...
}
iamkale
published 5.4.1 •

Changelog

Source

v5.4.1

Packages:

  • @simplewebauthn/browser@5.4.1
  • @simplewebauthn/server@5.4.1

Changes:

  • [browser] "type": "module" has been added to package.json to appease modern front end tooling that expects this value to be present when using the ESM build (#237)
  • [server] TPM attestation statement verification now properly verifies statements with ECC public area type (#239)
iamkale
published 5.4.0 •

Changelog

Source

v5.4.0

Packages:

  • @simplewebauthn/browser@5.4.0
  • @simplewebauthn/server@5.4.0
  • @simplewebauthn/typescript-types@5.4.0

Changes:

  • [server] verifyRegistrationResponse() and verifyAuthenticationResponse() now return authenticator extension data upon successful verification as the new authenticatorExtensionResults property (#230)
  • [browser] Code quality improvements
  • [typescript-types] Code quality improvements
iamkale
published 5.3.0 •

Changelog

Source

v5.3.0

Packages:

  • @simplewebauthn/browser@5.3.0
  • @simplewebauthn/server@5.3.0
  • @simplewebauthn/typescript-types@5.3.0

Changes:

  • [browser] startAuthentication() now accepts a second useBrowserAutofill boolean argument that sets up support for credential selection via a browser's autofill prompt (a.k.a. Conditional UI). The new browserSupportsWebAuthnAutofill() helper method can be used independently to determine when this feature is supported by the browser (#214)
  • [browser] startRegistration() and startAuthentication() will return a new authenticatorAttachment value when present that captures whether a cross-platform or platform authenticator was just used (#221)
  • [typescript-types] A new PublicKeyCredentialFuture interface has been added to define new properties currently defined in the WebAuthn L3 spec draft. These new values support the above new functionality until official TypeScript types are updated accordingly (#214, #221)
  • [typescript-types] A new "hybrid" transport has been added to AuthenticatorTransportFuture while browsers migrate away from the existing "cable" transport for cross-device auth (#222)
iamkale
published 5.2.1 •

Changelog

Source

v5.2.1

Packages:

  • @simplewebauthn/browser@5.2.1
  • @simplewebauthn/server@5.2.1
  • @simplewebauthn/typescript-types@5.2.1

Changes:

  • [server] generateRegistrationOptions() and generateAuthenticationOptions() will stop reporting typing errors for definitions of excludeCredentials and allowCredentials that were otherwise fine before v5.2.0 (#203)
  • [typescript-types] The new AuthenticatorTransportFuture and PublicKeyCredentialDescriptorFuture have been added to track changes to WebAuthn that outpace TypeScript's DOM lib typings
  • [browser] Version sync
iamkale
published 5.2.0 •

Changelog

Source

v5.2.0

Packages:

  • @simplewebauthn/browser@5.2.0
  • @simplewebauthn/server@5.2.0
  • @simplewebauthn/typescript-types@5.2.0

Changes:

  • [browser, typescript-types] The new "cable" transport is now recognized as a potential value of the AuthenticatorTransport type (#198)
  • [server] verifyRegistrationResponse() and verifyAuthenticationResponse() now return credentialDeviceType and credentialBackedUp within authenticatorInfo as parsed values of two new flags being added to authenticator data. These response verification methods will also now throw an error when the invalid combination of these two flags (credentialDeviceType: "singleDevice", credentialBackedUp: true) is detected (#195)
iamkale
published 5.1.0 •

Changelog

Source

v5.1.0

Packages:

  • @simplewebauthn/browser@5.1.0
  • @simplewebauthn/server@5.1.0

Changes:

  • [browser] Custom errors raised when calling startRegistration() and startAuthentication() will now have the same name property as the original error (#191)
  • [server] Cleaned up code and added tests (#192, #193)
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc