Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@simplewebauthn/server

Package Overview
Dependencies
Maintainers
1
Versions
83
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@simplewebauthn/server - npm Package Versions

13
9

8.3.4

Diff

Changelog

Source

v8.3.4

Packages

  • @simplewebauthn/browser@.3.4
  • @simplewebauthn/server@.3.4
  • @simplewebauthn/typescript-types@.3.4

Changes

  • [server] The library will now try to use globalThis.crypto first before trying to import Node's node:crypto as a fallback (#468)
  • [browser, types] Version sync
iamkale
published 8.3.3 •

Changelog

Source

v8.3.3

Packages

  • @simplewebauthn/browser@8.3.3
  • @simplewebauthn/server@8.3.3
  • @simplewebauthn/typescript-types@8.3.3

Changes

  • [server, types] deno vendor will no longer error out because typescript-types/src/dom.ts is missing (#466)
  • [server] Authenticator data will now be preserved after bad CBOR encoding is detected and temporarily fixed when handling security key responses from Firefox (#465)
  • [browser] Version sync due to changes in typescript-types
iamkale
published 8.3.2 •

Changelog

Source

v8.3.2

Packages

  • @simplewebauthn/server@8.3.2

Changes

  • [server] The cbor-x dependency is now used without pulling in the Node-specific stream API for better Web API environment compatibility (#455, with thanks to @Maronato)
iamkale
published 8.2.0 •

Changelog

Source

v8.2.0

Packages

  • @simplewebauthn/browser@8.2.0
  • @simplewebauthn/server@8.2.0

Changes

  • [browser] startRegistration() will no longer error out on registration responses generated by the 1Password browser extension (#443, with thanks to @unix)
  • [browser] Helper methods base64URLStringToBuffer() and bufferToBase64URLString() are now exported from @simplewebauthn/browser (#444)
  • [server] verifyRegistrationResponse() and verifyAuthenticationResponse() now accept a new expectedType argument that can be used to, for example, verify Secure Payment Confirmation responses (#436, with thanks to @fabiancook)
  • [server] Responses containing malformed authenticator data returned from Firefox 117 will no longer raise an error (#441)
iamkale
published 8.1.1 •

Changelog

Source

v8.1.1

Packages

  • @simplewebauthn/server@8.1.1

Changes

  • [server] Debug logger output from MetadataService has been disabled (#434)
iamkale
published 8.1.0 •

Changelog

Source

v8.1.0

Packages

  • @simplewebauthn/server@8.1.0

Changes

  • [server] The expectedChallenge argument for verifyRegistrationResponse() and verifyAuthenticationResponse() methods now also accept asynchronous methods (#432, with thanks to @jordanbtucker)
iamkale
published 8.0.1 •

Changelog

Source

v8.0.1

Packages

  • @simplewebauthn/server@8.0.1

Changes

  • [server] Node projects with "type": "module" in their package.json will no longer error out when trying to use methods that leverage the Crypto APIs (#428)
iamkale
published 8.0.0 •

Changelog

Source

v8.0.0 - Around the (ESM) World

This major release marks the completion of a long journey that started with the release of v7.0.0: SimpleWebAuthn is now available for use in non-Node projects! 🎉

SimpleWebAuthn debuted in mid-2020 as a combination of libraries aiming to make WebAuthn simpler to use across browsers and "NodeJS + CommonJS" applications. Since then NodeJS has evolved to gain ESM support, and additional JavaScript and TypeScript runtimes have debuted that offer ESM-centric, TypeScript-first alternatives while also implementing Web APIs to offer a more consistent and capable execution environment for developers.

I've wanted to make this project available to developers using these Node alternatives to help them get past some of WebAuthn's rough spots. Today I'm happy to announce that this goal has been achieved! 😌

See the Changes below for more information, as well as additional information on breaking changes made in this release.

Packages

  • @simplewebauthn/browser@8.0.0
  • @simplewebauthn/server@8.0.0
  • @simplewebauthn/typescript-types@8.0.0

Changes

  • [server] [typescript-types] SimpleWebAuthn can now also be used in runtimes other than Node. Deno is now a first-class runtime for this project alongside Node (#425)
    • The following list of runtimes are officially supported:
      • (Existing) NodeJS using CommonJS
      • (Existing) NodeJS using ECMAScript Modules (ESM)
      • (New) Deno @ https://deno.land/x/simplewebauthn
    • The following list of runtimes are periodically tested but unofficially supported:
      • (New) CloudFlare Workers
      • (New) Bun
  • [browser] Version sync

Breaking Changes

  • [server] generateRegistrationOptions() and generateAuthenticationOptions() are now asynchronous methods. Refactor calls to these methods to handle the Promise that's now returned in whatever way is appropriate for your project.
  • [server] generateChallenge() (in @simplewebauthn/server/helpers) is now an asynchronous method. Refactor calls to this method to handle the Promise that's now returned in whatever way is appropriate for your project.
iamkale
published 8.0.0-alpha.0 •

iamkale
published 7.4.0 •

Changelog

Source

v7.4.0

Packages:

  • @simplewebauthn/browser@7.4.0
  • @simplewebauthn/iso-webcrypto@7.4.0
  • @simplewebauthn/server@7.4.0
  • @simplewebauthn/typescript-types@7.4.0

Changes:

  • [browser] [typescript-types] AuthenticatorAttestationResponseJSON now includes additional, optional publicKeyAlgorithm, publicKey, and authenticatorData convenience values that track JSON interface changes in WebAuthn L3 draft (#400)
  • [iso-crypto] Version sync
  • [server] verifyRegistrationResponse() and verifyAuthenticationResponse() now return the matched origin and RP ID in their to output to help RP's that use the same verification logic with multiple origins and RP ID's understand where a response was generated and for which RP (#415)
  • [typescript-types] "smart-card" is now a recognized value for AuthenticatorTransportFuture (#399)
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc