v9.0.0 - The one in which 11 characters were saved

Packages

• @simplewebauthn/browser@9.0.0
• @simplewebauthn/server@9.0.0
• @simplewebauthn/types@9.0.0

Changes

• [types] The @simplewebauthn/typescript-types package has been renamed to
  @simplewebauthn/types (#508)

Breaking Changes

• Any reference to @simplwebauthn/typescript-types will need to be replaced with the new package name @simplewebauthn/types:

Before:

import { ... } from '@simplwebauthn/typescript-types';

After:

$> npm uninstall @simplewebauthn/typescript-types
$> npm install -D @simplewebauthn/types

import { ... } from '@simplwebauthn/types';

v8.3.7

Packages

• @simplewebauthn/browser@8.3.7
• @simplewebauthn/server@8.3.7

Changes

• [browser] The WebAuthnError class can now be imported from @simplewebauthn/browser for simpler error detection and handling when calling startRegistration() and startAuthentication() (#505, with thanks to @zoontek)
• [server] The COSEPublicKeyEC2, COSEPublicKeyOKP, and COSEPublicKeyRSA types can now be imported from @simplwebauthn/server/helpers to help type possible return values from decodeCredentialPublicKey() (#504, with thanks to @mmv08)
• [server] Custom challenge strings passed to generateRegistrationOptions() will now be treated as UTF-8 strings to align with the existing behavior of generateAuthenticationOptions() (#507)

v8.3.6

Packages

• @simplewebauthn/server@8.3.6

Changes

• [server] Updated dependencies to fix an issue with ASN.1 parsing when calling
  verifyAuthenticationResponse() (#499)

v8.3.5

Packages

• @simplewebauthn/server@8.3.5

Changes

• [server] Use of the Web Crypto API in edge runtimes has been improved
  (#472)

v8.3.4

Packages

• @simplewebauthn/browser@.3.4
• @simplewebauthn/server@.3.4
• @simplewebauthn/typescript-types@.3.4

Changes

• [server] The library will now try to use globalThis.crypto first before trying to import
  Node's node:crypto as a fallback (#468)
• [browser, types] Version sync

v8.3.3

Packages

• @simplewebauthn/browser@8.3.3
• @simplewebauthn/server@8.3.3
• @simplewebauthn/typescript-types@8.3.3

Changes

• [server, types] deno vendor will no longer error out because typescript-types/src/dom.ts
  is missing (#466)
• [server] Authenticator data will now be preserved after bad CBOR encoding is detected and
  temporarily fixed when handling security key responses from Firefox
  (#465)
• [browser] Version sync due to changes in typescript-types

v8.3.2

Packages

• @simplewebauthn/server@8.3.2

Changes

• [server] The cbor-x dependency is now used without pulling in the Node-specific stream API
  for better Web API environment compatibility
  (#455, with thanks to @Maronato)

v8.3.1

Packages

• @simplewebauthn/browser@8.3.1

Changes

• [browser] Calling startAuthentication(..., true) to set up conditional UI will now require
  the "webauthn" value in an input's autocomplete="..." be either the only value or the last
  value (#451)

v8.3.0

Packages

• @simplewebauthn/browser@8.3.0

Changes

• [browser] The WebAuthnAbortService singleton can now be imported, with a cancelCeremony()
  method that can be called to manually cancel any active WebAuthn ceremonies. This can be used by
  developers building projects that use client-side routing to better control the behavior of their
  UX in response to router navigation events.
  (#449)

v8.2.1

Packages

• @simplewebauthn/browser@8.2.1

Changes

• [browser] startRegistration() will visibly warn in the browser console when a WebAuthn API method call errors out in a way that is likely due to a browser extension intercepting the API. The original error is exposed as the cause property on the error. (#447)