Skip to content

v0.2.0: fewer dependencies, smaller bundle, easier to use, and more secure
Compare
Choose a tag to compare
@alcuadrado alcuadrado released this 19 Oct 21:36
v0.2.0
b1f3505
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

We just released a new version of the package, which has been rewritten using newer dependencies for all the cryptographic primitives.

The main difference is that the new dependencies are written in TypeScript, targeting more modern systems (i.e. using native bigint), and portable (i.e. not using Node.js APIs). This changes lead to a much smaller library, with less dependencies (which means more secure), and easier to use in the web.

Please, take a look at the README to learn how to upgrade, wand what you should do if you need to target older systems.

Huge thanks to @paulmillr who not only made this rewrite, but also implemented all the cryptographic primitives, and is coordinating the audit.

Security considerations

This version hasn't been audited yet. An audit will be conducted before the end of the year, but consider this experimental for now.

Once the project has been audited, we'll release v1.0.0.

What's Changed

  • Rewrite the package. Use 3 deps instead of 39+ by @paulmillr in #6

New Contributors

Full Changelog: v0.1.3...v0.2.0

Contributors

paulmillr
Assets 2
Loading