fix(deps): bump @simplewebauthn/browser from 10.0.0 to v11 #669
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^10.0.0
->^11.0.0
Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
MasterKale/SimpleWebAuthn (@simplewebauthn/browser)
v11.0.0
Compare Source
Say hello to support for automatic passkey registration, support for valid conditional UI
<input>
elements stashed away in web components, and to the new
WebAuthnCredential
type that modernizessome logic within.
There are some breaking changes in this release! Please see Breaking Changes below for refactor
guidance.
Packages
Changes
useAutoRegister
argument has been added tostartRegistration()
tosupport attempts to automatically register passkeys for users who just completed non-passkey auth.
verifyRegistrationResponse()
has gained a newrequireUserPresence
option that can be set tofalse
when verifying responses fromstartRegistration({ useAutoRegister: true, ... })
(#623)
verifyBrowserAutofillInput
argument has been added tostartAuthentication()
to disable throwing an error when a correctly configured<input>
elementcannot be found (but perhaps a valid one is present in a web component shadow's DOM)
(#621)
AuthenticatorDevice
type has been renamed toWebAuthnCredential
andhas had its properties renamed. The return value out of
verifyRegistrationResponse()
andcorresponding inputs into
verifyAuthenticationResponse()
have been updated accordingly. SeeBreaking Changes below for refactor guidance
(#625)
verifyRegistrationResponse()
now verifies that the authenticator data AAGUIDmatches the leaf cert's
id-fido-gen-ce-aaguid
extension AAGUID when it is present(#609)
IBM (#610)
uvm
anddpk
have been removed(#611)
Breaking Changes
[browser] Positional arguments in
startRegistration()
andstartAuthentication()
have been replaced by a single objectProperty names in the object match the names of the previously-positional arguments. To update
existing implementations, wrap existing options in an object with corresponding properties:
Before:
After:
[server] [types] The
AuthenticatorDevice
type has been renamed toWebAuthnCredential
AuthenticatorDevice.credentialID
andAuthenticatorDevice.credentialPublicKey
have been shortenedto
WebAuthnCredential.id
andWebAuthnCredential.publicKey
respectively.verifyRegistrationResponse()
has been updated accordingly to return a newcredential
value oftype
WebAuthnCredential
. Update code that storescredentialID
,credentialPublicKey
, andcounter
out ofverifyRegistrationResponse()
to storecredential.id
,credential.publicKey
,and
credential.counter
instead:Before:
After:
Update calls to
verifyAuthenticationResponse()
to match the newcredential
argument thatreplaces the
authenticator
argument:Before:
After:
Configuration
📅 Schedule: Branch creation - "before 5am on monday" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.