@dfinity/assetsCertificate for inspection or use in raw calls. Certificate.cert is now a public propertyuseAuthClient by passing a record to actorOptions with the actor name as the key, and CreateActorOptions as the valueHttpAgent.call, which defaults to truerootKey to HttpAgentOptions to allow for a custom root key to be used for verifying signatures from other networks@dfinity/agent for use in other packages
pollForResponse now uses the default strategy by defaultbls-verify jsdoc comment to accurately reflect that the default strategy now uses @noble/curveseffectiveCanisterId in CallOptions@scure/bip39 and @scure/bip32 due to vulnerability and lack of maintenance for ellipticrequest correctly during pollForResponse Processing status
HttpAgent constructor in favor of new create and createSync methods.
create is async and returns a promise. It will sync time with the replica and fetch the root key if the host is not https://icp-api.iosource option with a from and fromSync methods, similar to Principal.fromupdate-management-idl automation to update the management canister IDL in @dfinity/agentlog method is renamed to print to avoind calling log.log.package-lock.json file with the correct dependencies when making a new releasenpm audit check to PRsHttpAgent option: backoffStrategy - allows you to set a custom delay strategy for retries. The default is a newly exported exponentialBackoff, but you can pass your own function to customize the delay between retries.IdbStorage get/set methods genericfetch_canister_logs in the actor provided by getManagementCanisterLogging
// Agent should not use an anonymous identity for this call, and should ideally be a canister controller
const management = await getManagementCanister({ agent });
const logs = await management.fetch_canister_logs({ canister_id: canisterId });
Bitcoin
// For now, the verifyQuerySignatures option must be set to false
const agent = await makeAgent({ host: 'https://icp-api.io', verifyQuerySignatures: false });
const management = getManagementCanister({
agent
});
const result = await management.bitcoin_get_balance_query({
address: 'bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh',
network: { mainnet: null },
min_confirmations: [6],
});
chore: npm audit fix
feat!: support for restricting II auth methods
allowPinAuthentication?: boolean;authnMethod: 'passkey' | 'pin' | 'recovery';customValues optionfix: pads date numbers in changelog automation. E.G. 2024-3-1 -> 2024-03-01
feat: allow passing DBCreateOptions to IdbStorage constructor
updated management canister interface
PublicKeyCredential not being enumerablefromPem method for identity-secp256k1ArrrayBuffer checks from WebAuthnIdentity to resolve issues with the Bitwarden password managerEd25519KeyIdentity was not generating unique identities when no seed was provided. This issue was introduced in v0.20.0-beta.0. If your code was affected please upgrade to >=1.0.1AuthClientStorage to aid with custom implementationsCustomPath class, better docs, and deprecating metadata path type for CanisterStatusCustomPath class, better docs, and deprecating metadata path type for CanisterStatusObservableLog to HttpAgent. Allows subscribers to be notified of events from the agent without sending them directly to the console.from methods on public key classes to support unknown types, including PublicKey instances, ArrayBuffer-like objects, DER encoded public keys, and hex strings. Also introduces a new bufFromBufLike utilsecp256k1 npm package with @noble/curvesgithub.dev and gitpod.io to known hostsagent-js, with a timeout of 1 hourHttpAgent option - verifyQuerySignatures. Defaults to true, but allows you to opt out of verification. Useful for testing against older replica versionsed25519 logic to agent for validating node signatures@noble/curves instead of tweetnacl in @dfinity/identityUint8Arrays in Principal.from()ExpirableMap, a utility class that will return values up until a configured expiryagent-js to allow for Ed25519 support for node key signature verificationdisableNonce feature with useQueryNonces. Going forward, updates will use nonces, but queries and readstate calls will not. Queries and readsatate calls will use nonces if useQueryNonces is set to true/subnet pathagent-jscanisterStatus returns full list of controllerslocalhost with 127.0.0.1for better node 18 support. Also swaps Jest for vitest, runs mitm against mainnet, and updates some packageslookup\_path to allow returning a HashTree, but also constrains lookup response to an ArrayBuffer using a new lookupResultToBuffer exportPrincipal JSON is compatible with @dfinity/utils ``jsonReviver helperPrincipal class serializes to JSONleb decoding utils added to @dfinity/agent/utils/leb to make it simpler to decode leb values and time from a certificate treeicp0.io and ic0.app were incorrectly sending requests to icp-api and encountering CSP issuesjs-sha256 library with @noble/hashes due to a breaking bug in Chrome@dfinity/principal as a peerDependency to assets and candid.HttpAgent now uses a default address of https://icp-api.io. Users will be warned for not setting a host, but the code will default to mainnet.JsonnableWebAuthnIdentitiy, breaking change that requires users to update their imports to JsonnableWebAuthnIdentity when this type is usedcomposite_query in candidDo not use Headers struct during init of HttpAgent for Node compatibility. Note: still supports use of Headers in application code
fix: finish all tasks before calling onSuccess auth callback in @dfinity/auth-client
read\_state requestsAuthClient, allowing users to specify whether to use an ed25519 or ECDSAKey. This is important for custom storage providers that can't store CryptoKey objectsHttpAgentX-IC-Request-ID header until we coordinate cors support with icx-proxyauth-client package.jsonX-IC-Request-ID header to more easily identify retried requests. Also uses a standard Headers constructor to manage headersChanges default stored key for auth-client to use ECDSAKey* Also updates the storage interface types to support CryptoKeyPair
identity-secp256k1 in docs site@dfinity/identity-secp256k1Breaking change: Moves Secp256k1KeyIdentity to its own package. @dfinity/identity-secp256k1
Breaking change: Deprecates @dfinity/authentication. If you relied on the isDelegationValid check, it has been moved to @dfinity/identity
Deprecates @dfinity/identity-ledgerhq. Use @zondax/ledger-icp instead.
chore: links assets docs in index
chore: sets up new size-limit job for packages, in preparation for CI
secp256k1 now supports a fromSeedPhrase method that will reproduce the same identity across agent-js, dfx, and quillunpkg to use esmodulesjs-sha256 dependency to principalcreateOptions.identity or authClient.login to be called before starting idle timeoutHttpAgent. By default, retries three times before throwing an error, to offer a more cohesive workflowfetchCandid() function which retrieves the Candid interface for a given canister id.auth-client expose storage constant keysauth-client resolves window.open issue in login function in safari due to async storage callauth-client storage wrapper returns after resolve to avoid idb to be recreated@dfinity/bls-verify. This package provides a pure-js implementation of BLS verification using the miracl-core package. This can be used to polyfill BLS verification for agent-js, but it is notably very slow (~3s per verification). Optimization may be possible with a significant refactoring\_key non-nullable. This fixes a regression with async window.open behavior in SafariHttpAgent now offers a method to sync time with the replica, provided a specific canister. This can be used to set proper Expiry times when a device has fallen out of sync with the replica.auth-client avoids localstorage global and can be used in a web worker or nodejsauth-client logout now awaits clearing storageAuthClient now uses IndexedDb by default. To use localStorage, import LocalStorage provider and pass it during AuthClient.create().
Also offers a generic IndexedDb keyval store, IdbKeyVal
AuthClient migrates gracefully from localstorage to IDB when upgrading
SubtleCrypto interface in @dfinity/identity using the new ECDSAKeyIdentityCanisterStatus no longer suppresses rootKey errorsUTF-8 as an encoding option for CanisterStatus custom pathscreateReadStateRequest that creates the request for readState.readState to pass a created request. If this parameter is passed, the method does the request directly without creating a new one.createReadStateRequest and the extra parameter when polling for the response to avoid signing requests during polling.derivationOrigin to auth-client login to support the ability to login using the identity derived from a different origin. See proposed changesAdds a default callback to the IdleManager that will refresh the page after clearing the storage
Adds a new utility method, canisterStatus, to agent-js. Canister status now allows you to query paths from the canister certificate with a simple interface, using the API from theinterface specification
Comes with nicely configured options for
time, controllers, subnet, module_hash, candid. Additionally, has a utility for reading custom MetaData set using ic-wasm, as well as generic custom paths in the format of ArrayBuffers.
updates to package.json files for metadata in npm
makeNonce now returns unique values. Previously only the first byte of the nonce was populated.
Introduces IdleManager to the auth-client. You can now use it to detect when the user has been idle for a configurable amount of time, and then to register callbacks for the sake of logging the user out and prompting re-authentication. See the @dfinity/auth-client Readme for more details
Reduces the maxTimeToLive default setting from 24 hours to 8
Versioning tool now sets patch version to 0 for minor version updates, or patch and minor versions to 0 for major version updates
Removes jest-expect-message, which was making test error messages less useful
HttpAgent now generates a nonce to ensure that calls are unique by default. If you want to opt out or provide your own nonce logic, you can now pass an option of disableNonce: trueduring the agent initialization.
If you are currently using agent.addTransform(makeNonceTransform()) , please note that you should remove that logic, or add the disableNonce option to your agent when upgrading.
auth-client, login onSuccess callback and onError callback now supports async pattern.Security enhancement - adds a rewrite for urls to subdomains of
\*.ic0.app/api
to
ic0.app/api
Improves error messages for when HttpAgent cannot infer fetch implementation
auth-client identity option and added JSDOC comment for the timeToLive optionauthClient, up from 15 minutesPrincipal in @dfinity/agent, which should allow non-identical versions of packages to interoperate, as long as they share the same APIagent-js packagesBuffer and Pipe refactor
Buffer, a polyfilled version of the Node.js Buffer utility. In a significant refactor, we have removed all cases of this, along with Pipe and the nonstandard Blob packages, in favor of ArrayBuffer, Uint8Array, and DataViewblobToUint8Array have been removed.Buffer and related packages have been updated to accept ArrayBuffer, and the type interfaces are updated to reflect thisSecp256k1 Support
@dfinity/identity - Secp256k1KeyIdentity and Secp256k1PublicKeyed25519 components, and relies on the secp256k1 npm package for signing and verification.