Skip to content

[6.x] Fix creating passkeys#13566

Merged
jasonvarga merged 4 commits intomasterfrom
webauthn-credentials
Jan 15, 2026
Merged

[6.x] Fix creating passkeys#13566
jasonvarga merged 4 commits intomasterfrom
webauthn-credentials

Conversation

@duncanmcclean
Copy link
Copy Markdown
Member

@duncanmcclean duncanmcclean commented Jan 15, 2026

This pull request fixes an issue preventing passkeys from being created.

Problem

The web-auth/webauthn-lib package recently changed what is returned by the assertionResponseValidator->check() method.

It previously returned a PublicKeyCredentialSource instance but it now returns a CredentialRecord instance, causing a type error in our code.

Solution

This PR fixes it by accepting any object (as CredentialRecord only exists in 5.3.x) and converting the CredentialRecord to what we're expecting.

These changes are part of the package's 5.3.x branch which is yet to be tagged, but seems to be used when creating new Statamic sites.

An alternative solution would be to pin the package to 5.2.x and handle the necessary changes after 5.3.x has been tagged.

Fixes #13561

@duncanmcclean duncanmcclean linked an issue Jan 15, 2026 that may be closed by this pull request
[6.x] Cannot create passkey #13561
Closed
jasonvarga
jasonvarga requested changes Jan 15, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@jasonvarga jasonvarga left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd rather enforce 5.3 when it's out (or require the 5.3.x branch now) and expect CredentialRecord all over.
Technically a breaking change, but we're still in beta and all this is a brand new thing to v6. We can call it a bug fix and plead to the semver gods.

@duncanmcclean
Copy link
Copy Markdown
Member Author

duncanmcclean commented Jan 15, 2026
edited
Loading

I've updated this PR to require the 5.3.x branch instead and removed the backwards compatibility fix.

@jasonvarga jasonvarga merged commit 2162e04 into master Jan 15, 2026
11 checks passed
@jasonvarga jasonvarga deleted the webauthn-credentials branch January 15, 2026 19:20
jasonvarga added a commit that referenced this pull request Jan 25, 2026
@jasonvarga
Revert "[6.x] Fix creating passkeys (#13566)"
5b3de29 
This reverts commit 2162e04.
@jasonvarga jasonvarga mentioned this pull request Jan 25, 2026
Merged
jasonvarga added a commit that referenced this pull request Jan 26, 2026
@jasonvarga
[6.x] Fix passkeys differently (#13666)
0f7c4af 
Fix creating passkeys (#13566)"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasonvarga jasonvarga Awaiting requested review from jasonvarga

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[6.x] Cannot create passkey

2 participants

@duncanmcclean @jasonvarga