Use @bedrock/[email protected].

Author: dlongley

CHANGELOG.md

@@ -1,5 +1,11 @@
 # bedrock-kms-http ChangeLog
 
+## 22.1.0 - 2025-mm-dd
+
+### Changed
+- Update peer dependencies:
+  - `@bedrock/[email protected]`.
+
 ## 22.0.0 - 2025-03-07
 
 ### Changed

lib/middleware.js

@@ -1,5 +1,5 @@
 /*!
- * Copyright (c) 2019-2024 Digital Bazaar, Inc. All rights reserved.
+ * Copyright (c) 2019-2025 Digital Bazaar, Inc. All rights reserved.
  */
 import * as bedrock from '@bedrock/core';
 import * as brZCapStorage from '@bedrock/zcap-storage';
@@ -20,6 +20,7 @@ import {defaultModuleManager as moduleManager} from '@bedrock/kms';
 import {reportOperationUsage} from './metering.js';
 
 const {config, util: {BedrockError}} = bedrock;
+const {helpers: {inspectCapabilityChain}} = brZCapStorage;
 
 const FIVE_MINUTES = 1000 * 60 * 5;
 
@@ -200,44 +201,6 @@ async function getVerifier({keyId, documentLoader}) {
   return {verifier, verificationMethod};
 }
 
-async function inspectCapabilityChain({
-  capabilityChain, capabilityChainMeta
-}) {
-  // if capability chain has only root, there's nothing to check as root
-  // zcaps cannot be revoked
-  if(capabilityChain.length === 1) {
-    return {valid: true};
-  }
-
-  // collect capability IDs and delegators for all delegated capabilities in
-  // chain (skip root) so they can be checked for revocation
-  const capabilities = [];
-  for(const [i, capability] of capabilityChain.entries()) {
-    // skip root zcap, it cannot be revoked
-    if(i === 0) {
-      continue;
-    }
-    const [{purposeResult}] = capabilityChainMeta[i].verifyResult.results;
-    if(purposeResult && purposeResult.delegator) {
-      capabilities.push({
-        capabilityId: capability.id,
-        delegator: purposeResult.delegator.id,
-      });
-    }
-  }
-
-  const revoked = await brZCapStorage.revocations.isRevoked({capabilities});
-  if(revoked) {
-    return {
-      valid: false,
-      error: new Error(
-        'One or more capabilities in the chain have been revoked.')
-    };
-  }
-
-  return {valid: true};
-}
-
 function onError({error}) {
   if(!(error instanceof BedrockError)) {
     // always expose cause message and name; expose cause details as

package.json

@@ -49,7 +49,7 @@
     "@bedrock/security-context": "^9.0.0",
     "@bedrock/validation": "^7.1.1",
     "@bedrock/veres-one-context": "^16.0.0",
-    "@bedrock/zcap-storage": "^9.0.0"
+    "@bedrock/zcap-storage": "^9.3.0"
   },
   "directories": {
     "lib": "./lib"

test/package.json

@@ -36,7 +36,7 @@
     "@bedrock/test": "^8.2.0",
     "@bedrock/validation": "^7.1.1",
     "@bedrock/veres-one-context": "^16.0.0",
-    "@bedrock/zcap-storage": "^9.0.0",
+    "@bedrock/zcap-storage": "^9.3.0",
     "@digitalbazaar/did-method-key": "^4.0.0",
     "@digitalbazaar/ed25519-signature-2020": "^5.4.0",
     "@digitalbazaar/ezcap": "^4.1.0",