asdfs

[el-virt]

🤖 I have created a release beep boop

0.4.0 (2025-06-18)

Features

• Assertion signing key handling and verification in the CLI (#409) (242150b)
• cli: Adds --allowList parameter to cli (#328) (297cec6)
• cli: Adds --policyBinding ecdsa option (#352) (4e54c0d)
• cli: Pass the platform url on decrypt, add the platform kas to the allowlist when fetching (#565) (5afd0d0)
• core: Adds kao.schemaVersion (#416) (7925669)
• core: KID in NanoTDF (#325) (6d01eff)
• export connect rpc generated platform from package.json (#610) (cbd8a10)
• lets nanoTDF client take options instead (#278) (048bd30)
• lib: Bump for EC feature (#452) (6178877)
• lib: generate ts code from platform protos (#280) (d88c612)
• lib: Load abac config from policy service (#351) (48b2442)
• lib: offline abac KAO configuration (#349) (6eb70c1)
• lib: Updated error types (#362) (7fb29c5)
• sdk: Adds OpenTDF.open method (#485) (6ba9044)
• sdk: Adds opts for collection cache (#411) (47a5287)
• sdk: Allow custom KAO array templates (#307) (fd1b386)
• sdk: Allows skipping verification (#371) (8529461)
• sdk: Assertion support (#350) (10ff5c7)
• sdk: connect rpc client export (#545) (92de145)
• sdk: ec-wrapped key support (#422) (9d4eab4)
• sdk: Export AttributeObject and others (#487) (3d45ecf)
• sdk: get KASes list from platform when allowedKases list is not passed (#557) (598c39f)
• sdk: remove hex encoding for segment hash (#397) (ec4a55a)
• sdk: sdk to use connect rpc calls (#596) (f8e54e5)
• sdk: Updates to jose 6.x (#449) (9667747)

Bug Fixes

• add ignoreAllowList flag (#331) (29a9b82)
• Assertion verification key input (#412) (5be9bb1)
• audit: npm audit fix (#304) (ca2dddd)
• Changes to make regex patterns more efficient, accurate and simpler (#376) (2fe2c43)
• cli: Better errors and properly set exit code in more cases (#418) (11ad526)
• client: Normalize allowlist to origins (#321) (ac1f634)
• core: npm audit fix (#380) (496f07c)
• dpop: respect dpop disabled flag in oidc access token class methods (#299) (24319f7)
• keySplitInfo Promise.any Promise.all (#379) (c6cdbef)
• lib: Adds a 10 MiB cap to manifest size (#353) (e775ba5)
• logs: Improves on decrypt unsafe fail (#303) (4efa118)
• nano: Allow padding of kids (#338) (e1ae891)
• nano: ecdsa policy binding support for encrypt (#346) (031bbb7)
• nano: resource locator kid parse issue (#330) (4eef553)
• nano: Store kid (#334) (63721f6)
• Rewrap response handling typo (#372) (5add5aa)
• sdk: bump koa from 2.15.4 to 2.16.1 in /lib (#534) (57c6d69)
• sdk: bump uuid from 11.0.5 to 11.1.0 in /lib (#432) (3898e45)
• sdk: Bump version no. to 0.3.2 (#536) (5924bc9)
• sdk: calculate the length of ecdsa binding (#327) (69e0a81)
• sdk: Disable concurrency on rewrap (#388) (beb3c06)
• sdk: Don't set schemaV in older target specs (#531) (eed7545)
• sdk: Enable support for more KAS key types (#624) (35c9777)
• sdk: Fix assertion output for legacy mode (#533) (d54d777)
• sdk: Fix for queries to older platforms (#570) (f6ccc10)
• sdk: Fixes generating ztdf 4.2.2 output (#530) (ab42e5a)
• sdk: Let pools take callables. (#390) (75ca10c)
• sdk: Lets new API set nano binding type (#455) (26879ef)
• sdk: npm audit fix (#410) (840fd29)
• sdk: Remove AttributeSet (#489) (fa5a98d)
• sdk: Remove stray call to node:Buffer (#365) (f851c02)
• sdk: Removes ntdf version header (#488) (f657181)
• sdk: Sets schemaVersion, not tdf_spec_version (#414) (74d326b)
• sdk: support hex encoding signature hash for legacy sdk (#520) (b08158a)
• sdk: Update ec-wrapped salt value (#464) (86142ba)
• sdk: Updates preferred node to 22 (#408) (a173579)
• sdk: Updates to eslint, and fixes from that (#423) (fa9271d)
• sequential requests instead of promise.all (#339) (2e81fcb)
• use new policy binding format (#312) (5e234ee)

---

This PR was generated with Release Please. See documentation.

[gemini-code-assist]

Summary of Changes

Hello @el-virt, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request represents an automated release of the web-sdk's lib component to its 1.0.0 major version. It integrates a substantial collection of new features, critical bug fixes, and internal improvements across the CLI, core SDK, and underlying libraries, enhancing functionality, stability, and maintainability.

Highlights

• Major Version Release: The lib component of the web-sdk has been officially released as version 1.0.0, signifying a stable and feature-rich milestone that consolidates numerous changes.
• Enhanced CLI Functionality: The command-line interface gains new capabilities, including assertion signing key handling and verification, support for --allowList and --policyBinding ecdsa options, and improved platform URL handling during decryption.
• Core SDK and Library Improvements: Significant updates to the core SDK and underlying libraries include kao.schemaVersion, Key ID (KID) support in NanoTDF, enhanced ABAC configuration loading from policy services, and updated error types.
• Expanded SDK Features: The SDK now includes an OpenTDF.open method, support for EC-wrapped keys, improved KAS integration (allowing fetching KASes from the platform), and a migration to connect-rpc calls for enhanced communication.
• Comprehensive Bug Fixes and Stability: A wide array of bug fixes address issues ranging from regex efficiency and manifest size caps to NanoTDF policy binding, concurrency on rewrap, and various npm audit security updates, contributing to overall stability.
• Dependency and Build System Updates: Key dependencies like jose have been updated to 6.x, the preferred Node.js version is now 22, and ESLint configurations have been refreshed, ensuring compatibility and improved code quality.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request upgrades the library version to 1.0.0. Ensure all dependent packages are compatible with this new version. Also, the keys in .github/release-please/release-please-manifest.json could be ordered alphabetically.

[gemini-code-assist]

This change bumps the library version. Ensure all dependent packages are compatible with this new version.

[gemini-code-assist]

This change bumps the library version. Ensure all dependent packages are compatible with this new version.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud