diff --git a/.github/release-please/release-please-manifest.json b/.github/release-please/release-please-manifest.json index da59f99e..2aca35ae 100644 --- a/.github/release-please/release-please-manifest.json +++ b/.github/release-please/release-please-manifest.json @@ -1,3 +1,3 @@ { - ".": "0.4.0" + ".": "0.5.0" } \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 54a85fc9..6bd39a1d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,19 @@ # Changelog +## [0.5.0](https://github.com/opentdf/web-sdk/compare/sdk/v0.4.0...sdk-v0.5.0) (2025-09-12) + + +### Features + +* add system metadata assertion ([#630](https://github.com/opentdf/web-sdk/issues/630)) ([922965c](https://github.com/opentdf/web-sdk/commit/922965c25c0a63b616dc833275152c4c55148ac3)) + + +### Bug Fixes + +* `signingKey` should not be part of the computed hash ([#696](https://github.com/opentdf/web-sdk/issues/696)) ([b763278](https://github.com/opentdf/web-sdk/commit/b7632783b17413393db3ff2ac49a2ad9201ed8ef)) +* **sdk:** Fix new API not setting nano attributes ([#679](https://github.com/opentdf/web-sdk/issues/679)) ([f0d9719](https://github.com/opentdf/web-sdk/commit/f0d97196ab258122fe9a07b7d7895017299a46c2)) +* SEC-4653 prevent ReDoS vulnerability in HTML payload unwrapping regex ([#686](https://github.com/opentdf/web-sdk/issues/686)) ([09d0360](https://github.com/opentdf/web-sdk/commit/09d036055a4eea621d182f04b706fae6dc78c195)) + ## [0.4.0](https://github.com/opentdf/web-sdk/compare/v0.3.2...v0.4.0) (2025-06-26) diff --git a/Makefile b/Makefile index 5daee521..4ed1fc95 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,6 @@ # x-release-please-start-version -version=0.4.0 +version=0.5.0 # x-release-please-end extras=cli web-app pkgs=lib $(extras) diff --git a/cli/package-lock.json b/cli/package-lock.json index ddc3b3e9..25eedf82 100644 --- a/cli/package-lock.json +++ b/cli/package-lock.json @@ -1,15 +1,15 @@ { "name": "@opentdf/ctl", - "version": "0.4.0", + "version": "0.5.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@opentdf/ctl", - "version": "0.4.0", + "version": "0.5.0", "license": "BSD-3-Clause-Clear", "dependencies": { - "@opentdf/sdk": "file:../lib/opentdf-sdk-0.4.0.tgz", + "@opentdf/sdk": "file:../lib/opentdf-sdk-0.5.0.tgz", "yargs": "^17.7.2" }, "bin": { @@ -39,29 +39,29 @@ } }, "node_modules/@bufbuild/protobuf": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-2.5.2.tgz", - "integrity": "sha512-foZ7qr0IsUBjzWIq+SuBLfdQCpJ1j8cTuNNT4owngTHoN5KsJb8L9t65fzz7SCeSWzescoOil/0ldqiL041ABg==", + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-2.8.0.tgz", + "integrity": "sha512-r1/0w5C9dkbcdjyxY8ZHsC5AOWg4Pnzhm2zu7LO4UHSounp2tMm6Y+oioV9zlGbLveE7YaWRDUk48WLxRDgoqg==", "license": "(Apache-2.0 AND BSD-3-Clause)", "peer": true }, "node_modules/@connectrpc/connect": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@connectrpc/connect/-/connect-2.0.2.tgz", - "integrity": "sha512-xZuylIUNvNlH52e/4eQsZvY4QZyDJRtEFEDnn/yBrv5Xi5ZZI/p8X+GAHH35ucVaBvv9u7OzHZo8+tEh1EFTxA==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@connectrpc/connect/-/connect-2.1.0.tgz", + "integrity": "sha512-xhiwnYlJNHzmFsRw+iSPIwXR/xweTvTw8x5HiwWp10sbVtd4OpOXbRgE7V58xs1EC17fzusF1f5uOAy24OkBuA==", "license": "Apache-2.0", "peerDependencies": { - "@bufbuild/protobuf": "^2.2.0" + "@bufbuild/protobuf": "^2.7.0" } }, "node_modules/@connectrpc/connect-web": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@connectrpc/connect-web/-/connect-web-2.0.2.tgz", - "integrity": "sha512-QANMFPiL2o66BdBEctg4TsQLe5ozsBLqcle3dCBp7BwGlNGTY6NnNnqmt+YRnpeMW88GgomJwWNMGCrRD9pRKA==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@connectrpc/connect-web/-/connect-web-2.1.0.tgz", + "integrity": "sha512-4IBFeMeXS1RVtmmFE/MwH+vWq/5vDRKys70va+DAaWDh83Rdy0iUQOJbITUDzvonlY5as3vwfs5yy9Yp2miHSw==", "license": "Apache-2.0", "peerDependencies": { - "@bufbuild/protobuf": "^2.2.0", - "@connectrpc/connect": "2.0.2" + "@bufbuild/protobuf": "^2.7.0", + "@connectrpc/connect": "2.1.0" } }, "node_modules/@cspotcode/source-map-support": { @@ -548,9 +548,9 @@ } }, "node_modules/@opentdf/sdk": { - "version": "0.4.0", - "resolved": "file:../lib/opentdf-sdk-0.4.0.tgz", - "integrity": "sha512-tP28IZFWukne0K6aUEcDf23x5nfB7X4+eGu9izGkaBy74I6GNBp5kAHTBYOOHs0gH72liI7fyQU01NKGjdw0pw==", + "version": "0.5.0", + "resolved": "file:../lib/opentdf-sdk-0.5.0.tgz", + "integrity": "sha512-70iPtGZIRnwb08AkJBCXvPVkoaVnXqSiK5byQXfGKzNWs5+iJwwVpqrQkn9h/e0VV+JgiaxxUfnmqbrx7lCS+Q==", "license": "BSD-3-Clause-Clear", "dependencies": { "@connectrpc/connect": "^2.0.2", @@ -2074,9 +2074,9 @@ } }, "node_modules/jose": { - "version": "6.0.11", - "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", - "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.1.0.tgz", + "integrity": "sha512-TTQJyoEoKcC1lscpVDCSsVgYzUDg/0Bt3WE//WiTPK6uOCQC2KZS4MpugbMWt/zyjkopgZoXhZuCi00gLudfUA==", "license": "MIT", "funding": { "url": "https://github.com/sponsors/panva" @@ -2103,9 +2103,9 @@ "peer": true }, "node_modules/json-canonicalize": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/json-canonicalize/-/json-canonicalize-1.1.0.tgz", - "integrity": "sha512-Y/gUYcjKpyl5aB2ksljGQFNmnL2tnlirHNTwkk+rzIjDOsQkqnHHbbWXMsP7OmKpmC2pWN2j+CqWnM2/ShvxcQ==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/json-canonicalize/-/json-canonicalize-1.2.0.tgz", + "integrity": "sha512-TTdjBvqrqJKSADlEsY5rWbx8/1tOrVlTR/aSLU8N2VSInCTffP0p+byYB8Es+OmL4ZOeEftjUdvV+eJeSzJC/Q==", "license": "MIT" }, "node_modules/json-parse-even-better-errors": { diff --git a/cli/package.json b/cli/package.json index e321cf9e..ba06f274 100644 --- a/cli/package.json +++ b/cli/package.json @@ -1,6 +1,6 @@ { "name": "@opentdf/ctl", - "version": "0.4.0", + "version": "0.5.0", "description": "Node based CLI for opentdf", "repository": { "type": "git", @@ -51,7 +51,7 @@ "typescript-eslint": "^8.26.0" }, "dependencies": { - "@opentdf/sdk": "file:../lib/opentdf-sdk-0.4.0.tgz", + "@opentdf/sdk": "file:../lib/opentdf-sdk-0.5.0.tgz", "yargs": "^17.7.2" } } diff --git a/lib/package-lock.json b/lib/package-lock.json index 2fd3eff9..2cbbb13d 100644 --- a/lib/package-lock.json +++ b/lib/package-lock.json @@ -1,12 +1,12 @@ { "name": "@opentdf/sdk", - "version": "0.4.0", + "version": "0.5.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@opentdf/sdk", - "version": "0.4.0", + "version": "0.5.0", "license": "BSD-3-Clause-Clear", "dependencies": { "@connectrpc/connect": "^2.0.2", diff --git a/lib/package.json b/lib/package.json index f00f81c2..2cc2f62f 100644 --- a/lib/package.json +++ b/lib/package.json @@ -1,6 +1,6 @@ { "name": "@opentdf/sdk", - "version": "0.4.0", + "version": "0.5.0", "description": "OpenTDF for the Web", "homepage": "https://github.com/opentdf/web-sdk", "bugs": { diff --git a/lib/src/version.ts b/lib/src/version.ts index 48c8a1ce..e1b8c152 100644 --- a/lib/src/version.ts +++ b/lib/src/version.ts @@ -1,7 +1,7 @@ /** * Exposes the released version number of the `@opentdf/sdk` package */ -export const version = '0.4.0'; // x-release-please-version +export const version = '0.5.0'; // x-release-please-version /** * A string name used to label requests as coming from this library client. diff --git a/version.txt b/version.txt index 1d0ba9ea..8f0916f7 100644 --- a/version.txt +++ b/version.txt @@ -1 +1 @@ -0.4.0 +0.5.0 diff --git a/web-app/package-lock.json b/web-app/package-lock.json index d316240c..e44116bc 100644 --- a/web-app/package-lock.json +++ b/web-app/package-lock.json @@ -1,15 +1,15 @@ { "name": "web-app", - "version": "0.4.0", + "version": "0.5.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "web-app", - "version": "0.4.0", + "version": "0.5.0", "license": "BSD-3-Clause-Clear", "dependencies": { - "@opentdf/sdk": "file:../lib/opentdf-sdk-0.4.0.tgz", + "@opentdf/sdk": "file:../lib/opentdf-sdk-0.5.0.tgz", "clsx": "^2.1.1", "native-file-system-adapter": "^3.0.1", "react": "^19.0.0", @@ -338,29 +338,29 @@ } }, "node_modules/@bufbuild/protobuf": { - "version": "2.5.2", - "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-2.5.2.tgz", - "integrity": "sha512-foZ7qr0IsUBjzWIq+SuBLfdQCpJ1j8cTuNNT4owngTHoN5KsJb8L9t65fzz7SCeSWzescoOil/0ldqiL041ABg==", + "version": "2.8.0", + "resolved": "https://registry.npmjs.org/@bufbuild/protobuf/-/protobuf-2.8.0.tgz", + "integrity": "sha512-r1/0w5C9dkbcdjyxY8ZHsC5AOWg4Pnzhm2zu7LO4UHSounp2tMm6Y+oioV9zlGbLveE7YaWRDUk48WLxRDgoqg==", "license": "(Apache-2.0 AND BSD-3-Clause)", "peer": true }, "node_modules/@connectrpc/connect": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@connectrpc/connect/-/connect-2.0.2.tgz", - "integrity": "sha512-xZuylIUNvNlH52e/4eQsZvY4QZyDJRtEFEDnn/yBrv5Xi5ZZI/p8X+GAHH35ucVaBvv9u7OzHZo8+tEh1EFTxA==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@connectrpc/connect/-/connect-2.1.0.tgz", + "integrity": "sha512-xhiwnYlJNHzmFsRw+iSPIwXR/xweTvTw8x5HiwWp10sbVtd4OpOXbRgE7V58xs1EC17fzusF1f5uOAy24OkBuA==", "license": "Apache-2.0", "peerDependencies": { - "@bufbuild/protobuf": "^2.2.0" + "@bufbuild/protobuf": "^2.7.0" } }, "node_modules/@connectrpc/connect-web": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/@connectrpc/connect-web/-/connect-web-2.0.2.tgz", - "integrity": "sha512-QANMFPiL2o66BdBEctg4TsQLe5ozsBLqcle3dCBp7BwGlNGTY6NnNnqmt+YRnpeMW88GgomJwWNMGCrRD9pRKA==", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@connectrpc/connect-web/-/connect-web-2.1.0.tgz", + "integrity": "sha512-4IBFeMeXS1RVtmmFE/MwH+vWq/5vDRKys70va+DAaWDh83Rdy0iUQOJbITUDzvonlY5as3vwfs5yy9Yp2miHSw==", "license": "Apache-2.0", "peerDependencies": { - "@bufbuild/protobuf": "^2.2.0", - "@connectrpc/connect": "2.0.2" + "@bufbuild/protobuf": "^2.7.0", + "@connectrpc/connect": "2.1.0" } }, "node_modules/@esbuild/aix-ppc64": { @@ -1140,9 +1140,9 @@ } }, "node_modules/@opentdf/sdk": { - "version": "0.4.0", - "resolved": "file:../lib/opentdf-sdk-0.4.0.tgz", - "integrity": "sha512-tP28IZFWukne0K6aUEcDf23x5nfB7X4+eGu9izGkaBy74I6GNBp5kAHTBYOOHs0gH72liI7fyQU01NKGjdw0pw==", + "version": "0.5.0", + "resolved": "file:../lib/opentdf-sdk-0.5.0.tgz", + "integrity": "sha512-70iPtGZIRnwb08AkJBCXvPVkoaVnXqSiK5byQXfGKzNWs5+iJwwVpqrQkn9h/e0VV+JgiaxxUfnmqbrx7lCS+Q==", "license": "BSD-3-Clause-Clear", "dependencies": { "@connectrpc/connect": "^2.0.2", @@ -3194,9 +3194,9 @@ } }, "node_modules/jose": { - "version": "6.0.11", - "resolved": "https://registry.npmjs.org/jose/-/jose-6.0.11.tgz", - "integrity": "sha512-QxG7EaliDARm1O1S8BGakqncGT9s25bKL1WSf6/oa17Tkqwi8D2ZNglqCF+DsYF88/rV66Q/Q2mFAy697E1DUg==", + "version": "6.1.0", + "resolved": "https://registry.npmjs.org/jose/-/jose-6.1.0.tgz", + "integrity": "sha512-TTQJyoEoKcC1lscpVDCSsVgYzUDg/0Bt3WE//WiTPK6uOCQC2KZS4MpugbMWt/zyjkopgZoXhZuCi00gLudfUA==", "license": "MIT", "funding": { "url": "https://github.com/sponsors/panva" @@ -3244,9 +3244,9 @@ "peer": true }, "node_modules/json-canonicalize": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/json-canonicalize/-/json-canonicalize-1.1.0.tgz", - "integrity": "sha512-Y/gUYcjKpyl5aB2ksljGQFNmnL2tnlirHNTwkk+rzIjDOsQkqnHHbbWXMsP7OmKpmC2pWN2j+CqWnM2/ShvxcQ==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/json-canonicalize/-/json-canonicalize-1.2.0.tgz", + "integrity": "sha512-TTdjBvqrqJKSADlEsY5rWbx8/1tOrVlTR/aSLU8N2VSInCTffP0p+byYB8Es+OmL4ZOeEftjUdvV+eJeSzJC/Q==", "license": "MIT" }, "node_modules/json-schema-traverse": { diff --git a/web-app/package.json b/web-app/package.json index 11cfe2f4..1e4d212c 100644 --- a/web-app/package.json +++ b/web-app/package.json @@ -1,6 +1,6 @@ { "name": "web-app", - "version": "0.4.0", + "version": "0.5.0", "license": "BSD-3-Clause-Clear", "type": "module", "scripts": { @@ -14,10 +14,10 @@ "preview": "vite preview", "test": "vite build && vitest", "test:ui": "vite build && vitest --ui", - "rebuild": "npm remove @opentdf/sdk && npm add file:../lib/opentdf-sdk-0.4.0.tgz && npm run dev" + "rebuild": "npm remove @opentdf/sdk && npm add file:../lib/opentdf-sdk-0.5.0.tgz && npm run dev" }, "dependencies": { - "@opentdf/sdk": "file:../lib/opentdf-sdk-0.4.0.tgz", + "@opentdf/sdk": "file:../lib/opentdf-sdk-0.5.0.tgz", "clsx": "^2.1.1", "native-file-system-adapter": "^3.0.1", "react": "^19.0.0",