jsonld-signatures - npm Package Compare versions

Comparing version 11.3.1 to 11.3.2

lib/ProofSet.js

@@ -227,6 +227,10 @@ /*!
   const context = document['@context'] || constants.SECURITY_CONTEXT_URL;
-  proofSet = proofSet.map(proof => ({
-    '@context': context,
-    ...proof
-  }));
+  proofSet = proofSet.map(proof => {
+    const {cryptosuite} = proof;
+    // JCS Data Integrity Suites require unmodified proofs
+    if(cryptosuite?.includes?.('-jcs-')) {
+      return proof;
+    }
+    return {'@context': context, ...proof};
+  });
 
@@ -233,0 +237,0 @@ return proofSet;

package.json

 {
   "name": "jsonld-signatures",
-  "version": "11.3.1",
+  "version": "11.3.2",
   "description": "An implementation of the Linked Data Signatures specifications for JSON-LD in JavaScript.",
@@ -5,0 +5,0 @@ "homepage": "https://github.com/digitalbazaar/jsonld-signatures",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

68146

increased by0.24%

Lines of code

1544

increased by0.26%

Worsened metrics

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes