Update dependency @dfinity/identity to ^0.21.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@dfinity/identity (source)	^0.10.2 → ^0.21.0

---

Release Notes

dfinity/icp-js-core (@​dfinity/identity)

v0.21.4

Compare Source

Changed

• fix: edit to the post-release script
• fix: export partial identity from index of @​dfinity/identity
• chore: npm update & bumping jest-environment-jsdom
• feat: release automation changes
• fix: distinguish remote dev environments from known hosts

v0.21.3

Compare Source

v0.21.2: Release 0.21.2

Compare Source

What's Changed

• fix: incorrectly propogated package-lock by @​krpeacock in dfinity/agent-js#828

Full Changelog: dfinity/icp-js-core@v0.21.1...v0.21.2

v0.21.1: Release 0.21.1

Compare Source

What's Changed

• fix: running audit fix by @​krpeacock in dfinity/agent-js#826

Full Changelog: dfinity/icp-js-core@v0.21.0...v0.21.1

v0.20.2

Compare Source

Changed

• chore: lowering prettier version for CI
• fix: restoring localhost to list of known hosts

v0.20.1

Compare Source

Changed

• feat: retry query signature verification in case cache is stale

v0.20.0

Compare Source

Added

• feat: uses expirable map for subnet keys in agent-js, with a timeout of 1 hour
• feat!: node signature verification
  This feature includes additional changes in support of testing and releasing the feature:
  _ Mainnet e2e tests for queries and calls
  _ published counter canister
  _ New HttpAgent option - verifyQuerySignatures. Defaults to true, but allows you to opt out of verification. Useful for testing against older replica versions
  _ Introducing ed25519 logic to agent for validating node signatures
  _ Standardizing around @noble/curves instead of tweetnacl in @dfinity/identity
  _ new export - hashOfMap from agent, matching the naming used in the interface specification
  _ new unit tests
  _ new Verify export on ed25519 because why not
  _ Adds support for Uint8Arrays in Principal.from()
  _ feat: introduces ExpirableMap, a utility class that will return values up until a configured expiry
  _ chore: increases size limit for agent-js to allow for Ed25519 support for node key signature verification
  _ feat!: replaces disableNonce feature with useQueryNonces. Going forward, updates will use nonces, but queries and readstate calls will not. Queries and readsatate calls will use nonces if useQueryNonces is set to true
  _ feat: adds subnet metrics decoding to canisterStatus for /subnet path
  _ feat!: sets expiry to 1 minute less than the configured expiry, and then down to the nearest second. This matches existing behaviour, but adds the rounding

Changed

• chore: cleanup for node 20 development in agent-js
• fix: canisterStatus returns full list of controllers
• chore: replaces use of localhost with 127.0.0.1for better node 18 support. Also swaps Jest for vitest, runs mitm against mainnet, and updates some packages
• feat: retry logic will catch and retry for thrown errors
• feat!: adds certificate logic to decode subnet and node key paths from the hashtree. Changes the interface for lookup\_path to allow returning a HashTree, but also constrains lookup response to an ArrayBuffer using a new lookupResultToBuffer export

v0.19.3

Compare Source

Changed

• fix: Principal JSON is compatible with @dfinity/utils ``jsonReviver helper
• chore: npm audit
• feat: Principal class serializes to JSON
• feat: certificate checks validate that certificate time is not more than 5 minutes ahead of or behind system time.
• feat: two new leb decoding utils added to @dfinity/agent/utils/leb to make it simpler to decode leb values and time from a certificate tree
• chore: limit npm version to 9 in ci for compatibility with node 16
• Adds more helpful error message for when principal is undefined during actor creation

v0.19.2

Compare Source

Changed

• fix: subdomains on icp0.io and ic0.app were incorrectly sending requests to icp-api and encountering CSP issues

v0.19.1

Compare Source

Changed

• fix: default host logic fixed and tests added

v0.19.0

Compare Source

Changed

• feat: replaces the js-sha256 library with @noble/hashes due to a breaking bug in Chrome
• Fix: add @dfinity/principal as a peerDependency to assets and candid.
• Feat: HttpAgent now uses a default address of https://icp-api.io. Users will be warned for not setting a host, but the code will default to mainnet.
• Feat: use webcrypto or node crypto instead of Math.random for nonce generation if available

v0.18.1

Compare Source

Changed

• fix: fix composite query in actor.ts
• fix: handle new update call errors (IC-1462)
• chore: updates engines in package.json and recommended node version for development in nvmrc to support node 18+
• chore: corrections to publishing docs
• fix: typo in JsonnableWebAuthnIdentitiy, breaking change that requires users to update their imports to JsonnableWebAuthnIdentity when this type is used
• fix: fix a bug in decoding service types, when function types come after the service type in the type table
• feat: support composite_query in candid
• fix: fix a bug in decoding service types, when function types come after the service type in the type table
• feat: include boundary node http details to query and update calls
• feat: adds method for actor creation that includes boundary node http details

v0.18.0

Compare Source

What's Changed

• feat: expose boundary node http headers to calls by @​keplervital in dfinity/agent-js#736
• chore: release v0.18.0 by @​dfx-json in dfinity/agent-js#738

New Contributors

• @​keplervital made their first contribution in dfinity/agent-js#736

Full Changelog: dfinity/icp-js-core@v0.17.0...v0.18.0

v0.17.0

Compare Source

v0.16.0

Compare Source

Small breaking change - typo in JsonnableWebAuthnIdentity type
Reverts use of Headers struct in HttpAgent for better node.js fetch library compatibility

What's Changed

• chore: small copy update for release process by @​krpeacock in dfinity/agent-js#727
• fix: reverts use of Headers for improved node compatibility by @​krpeacock in dfinity/agent-js#694
• chore: updating repo engines and nvmrc by @​krpeacock in dfinity/agent-js#728
• chore: correctly re-labeling dev dependencies by @​krpeacock in dfinity/agent-js#729
• chore(deps): bump vm2 from 3.9.13 to 3.9.19 in /e2e/browser by @​dependabot in dfinity/agent-js#720
• fix: Typo in JsonnableWebAuthnIdentitiy by @​sea-snake in dfinity/agent-js#725
• fix: fix error on decoding service type by @​chenyan-dfinity in dfinity/agent-js#731
• chore: release v0.16.0 by @​krpeacock in dfinity/agent-js#733

Full Changelog: dfinity/icp-js-core@v0.15.7...v0.16.0

v0.15.7

Compare Source

Changed

• Do not use Headers struct during init of HttpAgent for Node compatibility. Note: still supports use of Headers in application code

• fix: finish all tasks before calling onSuccess auth callback in @dfinity/auth-client

v0.15.6

Compare Source

Changed

• feat: retry failed read\_state requests

v0.15.5

Compare Source

Changed

• add support for WebAuthn level 3 authenticatorAttachment

v0.15.4

Compare Source

Changed

• removes more circular dependencies in agent, actor, proxy, and pollingstrategy
• chore: updates distro for lint and prettier checks
• removes more circular dependencies in agent, actor, proxy, and pollingstrategy
• feat: adds keyType option for AuthClient, allowing users to specify whether to use an ed25519 or ECDSAKey. This is important for custom storage providers that can't store CryptoKey objects
• chore: removes a circular dependency on index for canisterStatus
• chore: documents usage of fetch and fetchOptions for HttpAgent

v0.15.3

Compare Source

Changed

• reverts the X-IC-Request-ID header until we coordinate cors support with icx-proxy

v0.15.2

Compare Source

Changed

• Corrects some dev dependencies incorrectly listed as dependencies in auth-client package.json
• introduces X-IC-Request-ID header to more easily identify retried requests. Also uses a standard Headers constructor to manage headers

Changes default stored key for auth-client to use ECDSAKey* Also updates the storage interface types to support CryptoKeyPair

• updates link to identity-secp256k1 in docs site

v0.15.1

Compare Source

Changed

• fixes a package configuration issue with @dfinity/identity-secp256k1

v0.15.0

Compare Source

Changed

• Breaking change: Moves Secp256k1KeyIdentity to its own package. @dfinity/identity-secp256k1

• Breaking change: Deprecates @dfinity/authentication. If you relied on the isDelegationValid check, it has been moved to @dfinity/identity

• Deprecates @dfinity/identity-ledgerhq. Use @zondax/ledger-icp instead.

• chore: links assets docs in index

• chore: sets up new size-limit job for packages, in preparation for CI

v0.14.1

Compare Source

Changed

• feat: secp256k1 now supports a fromSeedPhrase method that will reproduce the same identity across agent-js, dfx, and quill
• chore: configures unpkg to use esmodules
• chore: removes unused lint shell script
• chore: adds js-sha256 dependency to principal
• bug: fixes idlemanager initializing - now either requires createOptions.identity or authClient.login to be called before starting idle timeout

v0.14.0

Compare Source

Changed

• feat: strips out bitcoin query methods from management canister IDL
• Adds retry logic to HttpAgent. By default, retries three times before throwing an error, to offer a more cohesive workflow
• Improves and truncates error messages in Candid
• fixes flaky tests for syncTime
• Adds a top-level fetchCandid() function which retrieves the Candid interface for a given canister id.
• chore: auth-client expose storage constant keys
• bug: auth-client resolves window.open issue in login function in safari due to async storage call
• New package: @​dfinity/assets. This package provides an asset manager to manage assets on an assets canister.
• bug: auth-client storage wrapper returns after resolve to avoid idb to be recreated

v0.13.3

Compare Source

Changed

• New package: @dfinity/bls-verify. This package provides a pure-js implementation of BLS verification using the miracl-core package. This can be used to polyfill BLS verification for agent-js, but it is notably very slow (~3s per verification). Optimization may be possible with a significant refactoring
• adds ability to polyfill bls verification in Certificate
• Auth Client moves key fallback generation to the create method instead of login and makes the \_key non-nullable. This fixes a regression with async window.open behavior in Safari
• HttpAgent now offers a method to sync time with the replica, provided a specific canister. This can be used to set proper Expiry times when a device has fallen out of sync with the replica.
• Fixes a candid bug where when decoding, optional fields could be skipped if the data on the wire contains additional fields.

v0.13.2

Compare Source

Changed

• auth-client avoids localstorage global and can be used in a web worker or nodejs
• bug: auth-client logout now awaits clearing storage

v0.13.1

Compare Source

Changed

• fixes a bug with the localstorage migration strategy

v0.13.0

Compare Source

Changed

• AuthClient now uses IndexedDb by default. To use localStorage, import LocalStorage provider and pass it during AuthClient.create().

• Also offers a generic IndexedDb keyval store, IdbKeyVal

• AuthClient migrates gracefully from localstorage to IDB when upgrading

v0.12.2

Compare Source

Changed

• Support for the SubtleCrypto interface in @dfinity/identity using the new ECDSAKeyIdentity
• CanisterStatus no longer suppresses rootKey errors
• Readme's point to https://agent-js.icp.xyz

v0.12.1

Compare Source

Changed

• Adds inline sourcemaps to packages
• Pulls lint out to a separate job now that Node 12 is failing with latest eslint dependencies
• Adds UTF-8 as an encoding option for CanisterStatus custom paths
• Adds a public method createReadStateRequest that creates the request for readState.
• Add an extra parameter to readState to pass a created request. If this parameter is passed, the method does the request directly without creating a new one.
• Use the createReadStateRequest and the extra parameter when polling for the response to avoid signing requests during polling.
• Adds derivationOrigin to auth-client login to support the ability to login using the identity derived from a different origin. See proposed changes

v0.12.0

Compare Source

Changed

• Changed the certificate verification interface and fixed its logic. The public constructor is now static and asynchronous. There is no separate verification method, the check is done automatically in the constructor and newly also checks that the delegation is authoritative for the given canister ID, as required by the Internet Computer interface specification.

v0.11.3

Compare Source

v0.11.2

Compare Source

Changed

• Adds a default callback to the IdleManager that will refresh the page after clearing the storage

• Adds a new utility method, canisterStatus, to agent-js. Canister status now allows you to query paths from the canister certificate with a simple interface, using the API from theinterface specification
  Comes with nicely configured options for

  time, controllers, subnet, module_hash, candid. Additionally, has a utility for reading custom MetaData set using ic-wasm, as well as generic custom paths in the format of ArrayBuffers.

• updates to package.json files for metadata in npm

v0.11.1

Compare Source

Changed

• Fix for a corner case that could lead to incorrect decoding of record types.

v0.11.0

Compare Source

Changed

• makeNonce now returns unique values. Previously only the first byte of the nonce was populated.

• Introduces IdleManager to the auth-client. You can now use it to detect when the user has been idle for a configurable amount of time, and then to register callbacks for the sake of logging the user out and prompting re-authentication. See the @dfinity/auth-client Readme for more details

• Reduces the maxTimeToLive default setting from 24 hours to 8

• Versioning tool now sets patch version to 0 for minor version updates, or patch and minor versions to 0 for major version updates

• Removes jest-expect-message, which was making test error messages less useful

• HttpAgent now generates a nonce to ensure that calls are unique by default. If you want to opt out or provide your own nonce logic, you can now pass an option of disableNonce: trueduring the agent initialization.

  If you are currently using agent.addTransform(makeNonceTransform()) , please note that you should remove that logic, or add the disableNonce option to your agent when upgrading.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.