jose - npm Package Compare versions
Comparing version 1.17.1 to 1.17.2
@@ -5,2 +5,11 @@ # Change Log | ||
| ## [1.17.2](https://github.com/panva/jose/compare/v1.17.1...v1.17.2) (2019-12-17) | ||
| ### Bug Fixes | ||
| * skip validating iat is in the past when exp is present ([0ed5025](https://github.com/panva/jose/commit/0ed5025de30a754de95ae2587ce0f4573909b006)) | ||
| ## [1.17.1](https://github.com/panva/jose/compare/v1.17.0...v1.17.1) (2019-12-10) | ||
@@ -7,0 +16,0 @@ |
@@ -60,5 +60,2 @@ const { strict: assert } = require('assert') | ||
| x5c = [...x5c] | ||
| Object.freeze(x5c) | ||
| x5c.forEach((cert, i) => { | ||
@@ -103,3 +100,6 @@ let publicKey | ||
| use: { value: use, enumerable: use !== undefined }, | ||
| x5c: { value: x5c, enumerable: x5c !== undefined }, | ||
| x5c: { | ||
| enumerable: x5c !== undefined, | ||
| ...(x5c ? { get () { return [...x5c] } } : { value: undefined }) | ||
| }, | ||
| key_ops: { | ||
@@ -106,0 +106,0 @@ enumerable: ops !== undefined, |
@@ -0,6 +1,13 @@ | ||
| const { deprecate } = require('util') | ||
| const deprecation = deprecate(() => {}, '"P-256K" EC curve name is deprecated') | ||
| module.exports = { | ||
| name: 'secp256k1', | ||
| rename (value) { | ||
| if (value !== 'secp256k1') { | ||
| deprecation() | ||
| } | ||
| module.exports.name = value | ||
| } | ||
| } |
@@ -195,3 +195,3 @@ const isObject = require('../help/is_object') | ||
| if (!ignoreIat && 'iat' in decoded.payload && decoded.payload.iat > unix + tolerance) { | ||
| if (!ignoreIat && !('exp' in decoded.payload) && 'iat' in decoded.payload && decoded.payload.iat > unix + tolerance) { | ||
| throw new JWTClaimInvalid('token issued in the future') | ||
@@ -198,0 +198,0 @@ } |
| { | ||
| "name": "jose", | ||
| "version": "1.17.1", | ||
| "version": "1.17.2", | ||
| "description": "JSON Web Almost Everything - JWA, JWS, JWE, JWK, JWT, JWKS for Node.js with minimal dependencies", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -19,3 +19,3 @@ # jose | ||
| - CFRG Elliptic Curve ECDH and Signatures - [RFC8037][spec-okp] | ||
| - secp256k1 curve EC Key support - [JOSE Registrations for WebAuthn Algorithms][draft-secp256k1] | ||
| - secp256k1 EC Key curve support - [JOSE Registrations for WebAuthn Algorithms][draft-secp256k1] | ||
@@ -101,4 +101,2 @@ The test suite utilizes examples defined in [RFC7520][spec-cookbook] to confirm its JOSE | ||
| or `jku` in its own code. This way you opt-in to these behaviours. | ||
| - ✕ JWS detached content | ||
| - one can remove/attach the payload after/before the respective operation | ||
| - ✕ "none" alg support | ||
@@ -139,4 +137,4 @@ - no crypto, no use | ||
| - [jose-chacha][plugin-chacha] adds aead_chacha20_poly1305 and aead_xchacha20_poly1305 based algorithms | ||
| - [jose-x25519-ecdh][plugin-x25519] adds OKP X25519 curve keys ECDH-ES support | ||
| - [jose-chacha][plugin-chacha] adds aead_chacha20_poly1305 and aead_xchacha20_poly1305 based algorithms (individual draft) | ||
| - [jose-x25519-ecdh][plugin-x25519] adds OKP X25519 curve keys ECDH-ES support (missing Node.js `crypto` support) | ||
@@ -181,3 +179,3 @@ ## Usage | ||
| const keystore = new jose.JWKS.KeyStore(key, key2) | ||
| const keystore = new jose.JWKS.KeyStore(key, anotherKey) | ||
| ``` | ||
@@ -307,28 +305,2 @@ | ||
| #### secp256k1 | ||
| Note: the secp256k1 JOSE parameters registration and the RFC is still in a draft state. If the WG | ||
| draft changes its mind about the parameter names again the new values will be propagated as a MINOR | ||
| library version. | ||
| When you require `jose` you can work with `secp256k1` EC keys right away, the EC JWK `crv` | ||
| used is as per the specification `secp256k1`. | ||
| ```js | ||
| const jose = require('jose') | ||
| let key = jose.JWK.generateSync('EC', 'secp256k1') | ||
| key = jose.JWK.asKey(fs.readFileSync('path/to/key/file')) | ||
| key.crv === 'secp256k1' | ||
| ``` | ||
| For legacy reasons the unregistered EC JWK `crv` value `P-256K` is also supported but you must | ||
| require `jose` like so to use it: | ||
| ```js | ||
| const jose = require('jose/P-256K') | ||
| let key = jose.JWK.generateSync('EC', 'P-256K') | ||
| key = jose.JWK.asKey(fs.readFileSync('path/to/key/file')) | ||
| key.crv === 'P-256K' | ||
| ``` | ||
| #### Electron Support | ||
@@ -335,0 +307,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Lines of code
- increased by0.13%
4687
Worsened metrics
- Total package byte prevSize
- decreased by-0.19%
214123
- Number of lines in readme file
- decreased by-6.68%
391