v0.7.4

Packages:

• @simplewebauthn/[email protected]
• @simplewebauthn/[email protected]

Changes:

• [browser] Update dependencies
• [server] Update dependencies

v0.7.3

Packages:

• @simplewebauthn/[email protected]
• @simplewebauthn/[email protected]

Changes:

• [browser] Add support for UTF-8 values in server challenges
• [server] Minor performance improvement

v0.7.2

Packages:

• @simplewebauthn/[email protected]
• @simplewebauthn/[email protected]

Changes:

• [server] Added support for specifying a custom array of COSE algorithm identifiers when calling generateAttestationOptions() and verifyAttestationResponse()
• [browser] Updated README.md with new doc URLs

v0.7.1

Packages:

• @simplewebauthn/[email protected]
• @simplewebauthn/[email protected]
• @simplewebauthn/[email protected]

Changes:

• Fixed broken README and Homepage links in package listings on NPMJS.com

v0.7.0 - The one that passes FIDO conformance testing

Packages:

• @simplewebauthn/[email protected]
• @simplewebauthn/[email protected]
• @simplewebauthn/[email protected]

Changes:

• [server] Add support for TPM attestations
• [server] Add support for Android Key attestations
• [server] Add support for authenticator metadata statements and the FIDO Metadata Service (MDS)

Breaking Changes

• [server] The return type of verifyAttestationResponse() changed from boolean to Promise<boolean>. This was necessary to support querying FIDO MDS for an authenticator metadata statement during attestation verification.
• [server] The optional requireUserVerification parameter of verifyAssertionResponse() has been replaced with the new optional fidoUserVerification parameter. This enables greater control over user verification when verifying assertions.

v0.6.1

• [typescript-types] Update verifyAttestationResponse() options param description.

v0.6.0 - The one with better response verification

• [server] (BREAKING) Server's verifyAttestationResponse() and verifyAssertionResponse() methods now take a single arguments object.
• [server] These methods now include the ability to require user verification during attestation and assertion verification via the new requireUserVerification argument.

v0.5.1

• [typescript-types] Re-export AuthenticatorAttestationResponseJSON and AuthenticatorAssertionResponseJSON

v0.5.0 - The one where browser returns more info

• [browser] (BREAKING) Refactor startAttestation() and startAssertion() to return more of the output from the navigator.credentials calls
• [browser] Replace base64-js dependency with internal functionality
• [browser, server] Standardize on use of Base64URL encoding when converting to and from JSON
• [server] (BREAKING) Remove references to "base64" from generateAttestationOptions() and generateAssertionOptions() by renaming the excludedBase64CredentialIDs and allowedBase64CredentialIDs to excludedCredentialIDs and allowedCredentialIDs respectively
• [typescript-types] (BREAKING) Migrate some non-shared typings into server