@simplewebauthn/server - npm Package Versions

v9.0.0 - The one in which 11 characters were saved

Packages

• @simplewebauthn/browser@9.0.0
• @simplewebauthn/server@9.0.0
• @simplewebauthn/types@9.0.0

Changes

• [types] The @simplewebauthn/typescript-types package has been renamed to @simplewebauthn/types (#508)

Breaking Changes

• Any reference to @simplwebauthn/typescript-types will need to be replaced with the new package name @simplewebauthn/types:

Before:

import { ... } from '@simplwebauthn/typescript-types';

After:

$> npm uninstall @simplewebauthn/typescript-types
$> npm install -D @simplewebauthn/types

import { ... } from '@simplwebauthn/types';

v8.3.7

Packages

• @simplewebauthn/browser@8.3.7
• @simplewebauthn/server@8.3.7

Changes

• [browser] The WebAuthnError class can now be imported from @simplewebauthn/browser for simpler error detection and handling when calling startRegistration() and startAuthentication() (#505, with thanks to @zoontek)
• [server] The COSEPublicKeyEC2, COSEPublicKeyOKP, and COSEPublicKeyRSA types can now be imported from @simplwebauthn/server/helpers to help type possible return values from decodeCredentialPublicKey() (#504, with thanks to @mmv08)
• [server] Custom challenge strings passed to generateRegistrationOptions() will now be treated as UTF-8 strings to align with the existing behavior of generateAuthenticationOptions() (#507)

v8.3.6

Packages

• @simplewebauthn/server@8.3.6

Changes

• [server] Updated dependencies to fix an issue with ASN.1 parsing when calling verifyAuthenticationResponse() (#499)

v8.3.5

Packages

• @simplewebauthn/server@8.3.5

Changes

• [server] Use of the Web Crypto API in edge runtimes has been improved (#472)

v8.3.4

Packages

• @simplewebauthn/browser@.3.4
• @simplewebauthn/server@.3.4
• @simplewebauthn/typescript-types@.3.4

Changes

• [server] The library will now try to use globalThis.crypto first before trying to import Node's node:crypto as a fallback (#468)
• [browser, types] Version sync

v8.3.3

Packages

• @simplewebauthn/browser@8.3.3
• @simplewebauthn/server@8.3.3
• @simplewebauthn/typescript-types@8.3.3

Changes

• [server, types] deno vendor will no longer error out because typescript-types/src/dom.ts is missing (#466)
• [server] Authenticator data will now be preserved after bad CBOR encoding is detected and temporarily fixed when handling security key responses from Firefox (#465)
• [browser] Version sync due to changes in typescript-types

v8.3.2

Packages

• @simplewebauthn/server@8.3.2

Changes

• [server] The cbor-x dependency is now used without pulling in the Node-specific stream API for better Web API environment compatibility (#455, with thanks to @Maronato)

v8.2.0

Packages

• @simplewebauthn/browser@8.2.0
• @simplewebauthn/server@8.2.0

Changes

• [browser] startRegistration() will no longer error out on registration responses generated by the 1Password browser extension (#443, with thanks to @unix)
• [browser] Helper methods base64URLStringToBuffer() and bufferToBase64URLString() are now exported from @simplewebauthn/browser (#444)
• [server] verifyRegistrationResponse() and verifyAuthenticationResponse() now accept a new expectedType argument that can be used to, for example, verify Secure Payment Confirmation responses (#436, with thanks to @fabiancook)
• [server] Responses containing malformed authenticator data returned from Firefox 117 will no longer raise an error (#441)

v8.1.1

Packages

• @simplewebauthn/server@8.1.1

Changes

• [server] Debug logger output from MetadataService has been disabled (#434)

v8.1.0

Packages

• @simplewebauthn/server@8.1.0

Changes

• [server] The expectedChallenge argument for verifyRegistrationResponse() and verifyAuthenticationResponse() methods now also accept asynchronous methods (#432, with thanks to @jordanbtucker)