devin ivy
877e6293b9
pds: use entryway mock server for tests ( #4757 )
...
* pds: setup entryway mock server for tests, remove stale dep.
* changeset
* tidy test
* pds: tidy mock entryway
2026-04-24 16:35:18 -04:00
Matthieu Sieben
b3ce11ae2e
OAuth provider UI unification ( #4820 )
...
* refactor
* tidy
* tidy
2026-04-14 16:46:18 +02:00
Matthieu Sieben
d0c136cba2
Move PDS code over to @atproto/lex ( #4408 )
2026-03-23 18:10:16 +01:00
Matthieu Sieben
6a88461c5a
Allow processing of invalid lex data ( #4761 )
...
* Allow processing of responses with invalid lex data
* Apply suggestions from code review
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com >
* add tests
* tidy
* Add non-strict validation mode to lex SDK (#4766 )
* non-strict validation mode
* apply strict option to client responses
* update readme
* Apply suggestions from code review
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com >
* Allow `-1` BlobRef size in non-strict mode
* review comments
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com >
* tidy
* tidy
* tidy
* tidy
---------
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com >
2026-03-19 13:50:11 +01:00
Matthieu Sieben
cbbc03b6e4
Revert "non-strict validation mode"
...
This reverts commit 3d60e1af7c .
2026-03-18 15:13:36 +01:00
Matthieu Sieben
3d60e1af7c
non-strict validation mode
2026-03-18 15:12:48 +01:00
Matthieu Sieben
3dc3791543
Add Standard Schema compatibility ( #4734 )
...
* Add [Standard Schema](https://standardschema.dev/ ) compatibility
* tidy
* tidy
* rename `StandardSchemaValidator` to `StandardSchemaAdapter`
* `LexValidationError` class now implements `ResultFailure`
* review comments
* add readme
* fix tests
* Add tests for StandardSchemaAdapter (`schema['~standard']`) (#4735 )
* Initial plan
* Add StandardSchemaAdapter tests
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* changeset
* return `message` in `toJSON`
* review comments
* tidy
---------
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com >
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
2026-03-10 16:39:39 +01:00
Matthieu Sieben
f7c26103a6
Increase type strictness in @atproto/syntax ( #4689 )
...
* Increase type strictness in `@atproto/syntax`
* review comments
* wip
* make `rkey` and `collection` AtUri getters actually safe
* tidy
* tidy
* tidy
* changeset
* tidy
* tidy
* fix ci
2026-03-03 15:10:29 +01:00
Matthieu Sieben
1c473ab555
Update @atprto/lexicon-resolver to use Lex SDK ( #4697 )
...
Use Lex SDK as codegen for `@atprto/lexicon-resolver`
2026-03-03 13:57:33 +01:00
Matthieu Sieben
e8969b6b3d
Add Lex SDK support to @atproto/xrpc-server ( #4691 )
...
* Lex SDK error handling improvements
* Add support for method defined through `@atproto/lex` in addition to `@atproto/lexicon` "codegen"
* review comments
* tidy
2026-03-03 11:28:09 +01:00
Matthieu Sieben
52834aba18
Lex SDK error handling improvements ( #4688 )
...
* Lex SDK error handling improvements
* Allow `WWWAuthenticate` to have multiple challenges for the same scheme
* tidy
* add tests
* tests
* review comments
* tidy
* tidy
* tidy
* tidy
2026-03-02 15:37:00 +01:00
Matthieu Sieben
a23d13268c
OAuth client improvements ( #4642 )
...
* Delete any pre-existing OAuth session when a new one is created (for a given `sub`)
* OAuth client improvements
* tidy
* tidy
* tdy
* remove event-target-polyfill dep
* Update .changeset/neat-humans-fix.md
Co-authored-by: devin ivy <devinivy@gmail.com >
* tidy
---------
Co-authored-by: devin ivy <devinivy@gmail.com >
2026-02-19 15:21:00 +01:00
Matthieu Sieben
0e8d4bb62b
Skip puppeteer download in build and verify steps ( #4652 )
...
* Skip puppeteer download in build and verify steps
* tidy
* tidy
* fix deps
* install puppeteer as pretest step
* cleanup
2026-02-18 17:43:38 +01:00
Matthieu Sieben
a2e4e95847
Use fixed version in oauth-provider UI packages ( #4619 )
...
* Use fixed version in oauth-provider UI packages
* pnpm-lock
2026-02-06 15:02:12 +01:00
Matthieu Sieben
8a725a9d69
Change workspace version selector from workspace:* to workspace:^
2026-01-28 16:42:44 +01:00
Eduardo Cuducos
e6e43f3ad3
Adds GrowthBook feature flag for suggested users from Discover ( #4526 )
...
* Adds GrowthBook feature flag for suggested users from Discover
* Moves GrowthBook URL to envvar
* Reverts search feature
* Some minor fixes
* Adds GrowthBook feature flag for suggested users from Discover
* Moves GrowthBook URL to envvar
* Some minor fixes
* Keep search filtering exploration around but disable until migration
* Properly initialize GrowthBook client
* Cleans up
* Migrate flags
* Tweak context creation and types
* Add refetching and more error handling
* Rename config to be a little more clear
* Remove check validation, not needed
* Yeah ok we can do this
* Changeset
---------
Co-authored-by: Eric Bailey <git@esb.lol >
2026-01-23 12:56:10 -06:00
Matthieu Sieben
ecf59214d5
Update performances of cbor encoding/decoding ( #4572 )
...
* Update performances of cbog encoding/decoding
* pnpm-lock
* tidy
* ci
2026-01-21 17:26:24 +01:00
Matthieu Sieben
99963d002a
lex SDK improvements ( #4571 )
...
* Improve code coverage of `@atproto/lex-data` tests
* Improve typing of `@atproto/syntax` type assertion utilities
* Improve performance of `@atproto/lex-schema ` string format checking
* Remove `assertX` string format assertion utilities
* tidy
* tidy
* Rename `isLanguageString` to `validateLanguage`
* add string format utils
* tidy
* Refactor uri validation to use `@atproto/syntax`
* More language validation to @atproto/syntax
2026-01-21 16:15:47 +01:00
Matthieu Sieben
aaedafc6ba
Replace tap's event validation from "zod" to "@atproto/lex" ( #4532 )
...
* Replace `tap`'s event validation from "zod" to "@atproto/lex"
* Expose `record` data as parsed atproto data (including CIDs and Uint8Arrays)
* Minor change to validation of integers in lex data
* tidy
* tidy
* test using vitest
* add missing `tap` from root `tsconfig.json`
2026-01-20 14:11:24 +01:00
Matthieu Sieben
7310b9704d
Fix behavior of "default" and assignment to LexValue ( #4562 )
...
* Fix inability to assign (object containing) open union results to `LexMap` type
* properly support and type default values
* strong cohesion
* changeset
* tidy
* Add validation error as cause when handling invalid records
* tidy
* Update `cborg` dependency, fixing encoding of strings with invalid surrogate pairs, and ignoring `undefined` object properties
* tidy
* Simplify encoding logic of `number`
* Improvements around usage of `noUndefinedVals`
* Memoize array schemas (without options)
* Memoize empty params schemas
* tidy
* tidy
2026-01-20 13:20:56 +01:00
David Buchanan
6c7160ff7b
PDS: Stop probing image dimensions on blob upload ( #4560 )
...
* pds: stop probing image dimensions
* remove width and height from BlobMetadata
* remove image dimension checks from tests
* comment out width and height in Blob schema
2026-01-19 17:02:23 +00:00
Matthieu Sieben
d78484f94d
@atproto/lex improvements (bis) (#4512 )
...
* `@atproto/lex` improvements (bis)
* tidy
* tidy
2026-01-08 15:31:49 +01:00
Matthieu Sieben
5b19d390b3
Rename lex-password-agent to lex-password-session ( #4519 )
...
* Rename `lex-password-agent` to `lex-password-session`
* tidy
* tidy
* tidy
* improve 2fa
* tests
* tidy
* tidy
* tidy
* tidy
* tidy
2026-01-08 15:02:44 +01:00
Matthieu Sieben
2f78893ace
Small @atproto/lex improvements ( #4501 )
...
* Avoid escaping export identifier when it is a known global
* Use a record type instead of a record schema type as the generic parameter for `ListRecord`
* Export everything from `@atproto/lex-data` and `@atproto/lex-json`
* Add lex-json and lex-data to lex readme
* lock
* Apply defaults when running `schema.$build()` on objects and records.
* changeset
* simplify $Typed and $TypedMaybe
* tidy
* tidy
* Add `enumBlobRefs` utility function
* Add an `indexFile` option that allows generating an "index.ts" file that re-exports every tld namespaces.
* readme
* Add `base64ToUtf8` and `utf8ToBase64` utilities
* Add service auth authentication method
2026-01-06 15:47:13 +01:00
Daniel Holmgren
e3357e9c78
Tap: Lex Indexer ( #4483 )
...
* initial pass
* tidying stuff up
* tidy types
* tests
* readme
* app.bsky -> com.exmaple
* changeset
* readme tweak
* pr feedback
* use new Main type
* simplify types a bit
2026-01-05 18:23:30 -06:00
Matthieu Sieben
9af7a2d122
Password based agent implementation ( #4443 )
...
* Password based agent implementation
* tidy
* tidy
* wip
* tidy
* wip
* tidy
* wip
* tests
* tidy
* websocket
* tidy
* tidy
* tidy
* tidy
* tidy
* tidy
* tidy
* tidy
* changeset
* codegen
* tidy
* tidy
* tidy
* tidy
* tests
* tidy
* tidy
* tests
* tidy
* tidy
* tidy
* wip
* tidy
* memoize
* tidy
* tests
* tidy
* files reorg
* Ensure that default values match constraints
* wip
* use vitest to test lex
* Add readme
* fix lint
* add vitest workspace config
* vitest config
* vitest-cfg
* tests
* ignore coverage
* tidy
2026-01-01 13:28:29 +01:00
Matthieu Sieben
e6b6107e02
Lex SDK improvements ( #4457 )
...
* Lex SDK improvements
* changeset
* tidy
* tidy
* Fix `include` option in `tsconfig.test.json` files
* tidy
* ignore "require" in cjs files
* tidy
* tidy
* Improve error management
* rename xrpc-error file
* tests
* fix lint
* lint
* tidy
* puppeteer cache busting
* fix oauth tests
* tidy
* wip
* tidy
* tidy
* tidy
* Forbid use of unsafe integers
2025-12-17 16:14:15 +01:00
Daniel Holmgren
b4a76bae7b
Sync tool library ( #4290 )
...
* first pass
* tweaks
* tidy
* alt ack example
* websocket keep alive & callback/handler interface for channel
* simplify evt schemas
* readme
* thread through signal
* small fix
* router -> indexer & tidy wording
* small tweaks
* add type to ack msg
* pr feedback
* no implicit any
* resolve after buffered ack is actually sent
* create new websocket lib
* switch out ozone impl
* keepalive test
* remove websocket keepalive code from xrpc-server
* add the package in all the spots
* use websocket lib
* fix returned promise in simple-indexer
* websocket -> ws-client
* missed ref
* websocket -> ws-client
* nexus -> tap
* tidy readme
* admin password auth & fix some routes
* user evt -> identity evt
* small fixes
* add missing methods & types
* fix type in resolveDid
* update version
* pr feedback, assureAdminAUth util & README fixes
* more readme
* couple fixups
* lockfile
* tidy deps
* tests
* changesets
* lint readme
* add note to readme
2025-12-11 20:14:11 -06:00
Eric Bailey
90f15698ee
Age Assurance V2 ( #4407 )
...
Age Assurance v2 endpoints and config
2025-12-02 10:58:29 -06:00
Matthieu Sieben
8012627a12
Migrate OAuth libs to new @atproto/lex utils ( #4383 )
...
* Migrate Oauth libs to new @atproto/lex utils
* pnpm-lock
* tidy
* fix
* tidy
* tidy
* tidy
* tidy
* Implement lex resolution logging through hooks
2025-12-01 12:24:01 +01:00
Matthieu Sieben
1d445af2a7
lex SDK improvements ( #4390 )
...
* Add `l.nullable` schema builder
* Use unique symbol to describe Validator type metadata
* fixup! Add `l.nullable` schema builder
* Rework object validation logic to work without `options` argument
* Do not use symbol for type inference
* Use `Issue` classes to represent validation issues
* Properly apply default value with `const` and `enum` schemas
* style
* Require `l.discriminatedUnion` discriminator field to be a literal or enum schema
* Add `l.refined` schema
* Add more lexicons document validation tests
* wip
* use "assert" fn
* rework refine system
* use assert instead of check fn
* tidy
* Rename schema methods `validate`, `check` and `maybe` to `safeParse`, `matches` and `ifMatches` respectively.
* docs
* changeset
2025-11-30 14:35:15 +01:00
Matthieu Sieben
0adc852c31
Use arrays for "account" permission action attributes ( #4353 )
...
* Use arrays for "account" permission `action` attributes
* Allow lexicon permission data to be readonly
* changeset
* tidy
* tidy
* tidy
2025-11-25 21:48:10 +01:00
Matthieu Sieben
d396de016d
Validate repo signature when fetching lexicon document with @atproto/lex-resolver ( #4384 )
...
* Expose `matchesIdentifier` and `extractAtprotoData` utilities.
* Update `formatDidKey` return type to `did🔑 ${string}`
* fixup! Expose `matchesIdentifier` and `extractAtprotoData` utilities.
* Validate repo signature when fetching lexicon document
* Use new lex-resolver proof as CID
* tidy
* tidy
* fic build
* fic build
* tidy
* tidy
2025-11-25 20:49:51 +01:00
Matthieu Sieben
46550d6c1f
Release of @atproto/lex packages ( #4371 )
2025-11-24 23:18:28 +01:00
Matthieu Sieben
261968fd65
New TS SDK ( #4366 )
...
* lex
* packaging
* moke packaging
* revert test changes
* do not build temp
* tidy
* automatically build the list of `@atproto/lex/com` lexicons
* fix build
* Remove "com" export
* ridy
* remove manifest option
* tidy
* rename
* tidy
* tidy
* tidy
* tests
* add procedure params
* stricter tests
* tidy
* Improve ui8 parsing
* tidy
* tidy
* code split
* code split
* fix reserved keywords conflict
* exclude packages/lex/src/tests/lexicons from lint
* reserved keywords
* safe identifier
* fix build
* move lib.js to src/lib.ts
* Move tests dir
* fix ci ?
* increast lint size
* Remove `Record` type alias for recordsz
* fix package json exports
* Add support for unsafe characters in defs and nsids
* tidy
* token tests
* tidy
* name consistency
* remove unused `unknownKeys` params option
* Fix "moving" keys in `DictSchema` (remove `IntersectionSchema`)
* REview comments
* adapt shebang in `env`
* Make sure union object have their $type property set in typings
* fix
* Improve typing of `UnknownTypedObject`
* lex improvements
* code reorg
* split lex-builder
* tidy
* improve packaging
* rename lex-validation to lex-schema
* lex client
* rename prettifier option
* add lex-client as dependency to "lex"
* Export client as part of main export
* re-write example app using @atproto/lex
* add missing lex-client to tsconfig
* tidy
* add "null" schema type
* Smaller bundle code footprint
* tidy
* correctness
* tidy
* code split and improved testing
* tidy
* refactor common utils
* test all implementations
* improve tests
* tidy
* fix build
* fixes
* tidy
* lint
* tests
* tidy
* fix oauth-example app
* tidy
* tidy
* tests
* tidy
* Return an actual `Uint8Array` from `fromBase64Node`
* tidy
* adapt xrpc-server
* Rename `Lex` to `LexValue`
* minor fixes
* fix tests
* fix tests
* tidy
* fix
* tidy
* tidy
* fix `verifyCidForBytes` implementation
* fix imports
* tidy
* split lex-json in own package
* make base64 tests faster
* Add interop tests
* lint error
* tidy
* tidy
* changeset
* implement lex-resolver and lex-install
* remove need for polyfill
* readme
* more details
* tidy
* allow specifying `service` header on a per request basis
* tidy
* tidy
* tidy
* tidy
* add custom/intersection validation schemas
* tidy
* tidy
* remive un-necessary util
* improve typing of `l.object` output
* make "name" required in lexicon method errors
* fix tests
* tidy
* tidy
* add error responses
* update readme
* add "like " to example
* readme improvements
* tidy
* error management improvements
* Improve error results
* tidy
* refactor
* tidy
* lock
* Update binary to `ts-lex`
* tidy
* tidy
* Add "Overview" section
* fix build
* update bin
* readme-improvements
* paul's feedback
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
* Initial plan
* Address README review comments
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Clarify client configuration inheritance behavior
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Document allowLegacyBlobs default and compatibility implications (#15 )
* Initial plan
* Add notes about default setting and compatibility for allowLegacyBlobs
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Rename `Json` to `JsonValue` in lex-json package (#14 )
* Initial plan
* Rename Json to JsonValue in lex-json package and dependent packages
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Remove import alias for JsonValue in ipld.ts
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* Update packages/lex/lex/README.md
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
* review comments and fixes
* Add lex to the dockerfiles
* tidy
* changeset for lex packages
* tidy
* Tidy
* tidy
* tidy
* Move language parsing to lex-data
* tidy
* doctoc
* error handling
* tidy
* tidy
* tidy
* fix
---------
Co-authored-by: Daniel Holmgren <dtholmgren@gmail.com >
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: matthieusieben <813661+matthieusieben@users.noreply.github.com >
Co-authored-by: Paul Frazee <pfrazee@gmail.com >
2025-11-24 21:01:16 +01:00
Daniel Holmgren
1dd20d3a81
WebSocket Library ( #4348 )
...
* create new websocket lib
* switch out ozone impl
* keepalive test
* remove websocket keepalive code from xrpc-server
* add the package in all the spots
* websocket -> ws-client
* missed ref
* fix import in ozone test
2025-11-18 17:34:41 -06:00
Matthieu Sieben
d764c54fe4
Minor oauth-client-browser-example improvements ( #4311 )
...
* Minor oauth-client-browser-example improvements
* pnpm lock
2025-10-28 16:00:06 +01:00
Matthieu Sieben
1a7bd8c0d2
Remove abortcontroller-polyfill from @atproto/oauth-client-expo ( #4300 )
...
* Remove `abortcontroller-polyfill` that was causing "Property 'DOMException' doesn't exist" errors
* changeset
2025-10-24 12:38:31 +02:00
Matthieu Sieben
09439d7d68
OAuth client improvements ( #4216 )
...
* wip
* Various OAuth client & API improvements
* pnpm lock
* Minor typing improvements
* ci
* fix
2025-10-02 16:21:17 +02:00
Matthieu Sieben
fefe70126d
oauth-client-expo (#4220 )
...
* `oauth-client-expo`
* working on android
* remove example app
* tidy
* tidy
* Do not install full expo
* tidy
* chngeset
* chngeset
* load expo
* tidy
2025-10-02 11:59:16 +02:00
Matthieu Sieben
8914f9abde
Allow encoding scope claims of oauth access token JWT ( #4149 )
...
* Refactor token decoding
* Add scope decoder to pds
* tidy
* tidy
* tidy
* tidy
* review changes
* Add scope normzlization utility
* wording in lexicon
* Add specific error
* style
* tidy
* Update `AccessTokenMode` enum values to be more meaningful
* tidy
* Update .changeset/brown-boxes-bow.md
Co-authored-by: devin ivy <devinivy@gmail.com >
* Add retry strategy
* lint
* lint
---------
Co-authored-by: devin ivy <devinivy@gmail.com >
2025-09-09 12:13:34 +02:00
Matthieu Sieben
055a413fba
InternalServerError when creating records (#4169 )
...
* Various perf fixes
* add transaction assertions
* tidy
* changeset
* tidy
* Update packages/aws/src/s3.ts
* tidy
* Apply suggestions from code review
* tidy
* Update .changeset/chilled-shirts-ring.md
Co-authored-by: devin ivy <devinivy@gmail.com >
* Update .changeset/stale-rocks-press.md
* Update packages/pds/src/actor-store/blob/transactor.ts
Co-authored-by: devin ivy <devinivy@gmail.com >
* build
* revert blob upload logic
* tidy
* use `uploadTimeoutMs` as default for `requestTimeoutMs`
* review coments
* chngeset
* tidy
---------
Co-authored-by: devin ivy <devinivy@gmail.com >
Co-authored-by: David Buchanan <david@blueskyweb.xyz >
2025-09-08 18:40:56 +02:00
Matthieu Sieben
f9dc9aa4c9
Permission set ( #4108 )
...
* Export constants and type assertion utilities
* Add permission set support to oauth provider
* improve permission set parsing
* Rename `PermissionSet` to `ScopePermissions`
* Improve performance of NSID validation
* Add support for `permission-set` in lexicon document
* Validate NSID syntax using `@atproto/syntax`
* Export all types used in public interfaces (from `lexicon-resolver`)
* Small performance improvement
* Rework scope parsing utilities to work with Lexicon defined permissions
* file rename
* fixup! Rework scope parsing utilities to work with Lexicon defined permissions
* removed outdated comment
* removed outdated comment
* fix comment typo
* Improve `SimpleStore` api
* permission-set NSID auth scopes
* Remove dev dependency on dev-env
* fix build script
* pnpm-lock
* Improve fetch-node unicast protection
* Explicitly set the `redirect: "follow"` `fetch()` option
* Add delay when building oauth-provider-ui in watch mode
* Remove external dependencies from auth-scopes
* Add customizable lexicon authority to pds (for dev purposes)
* fix pds migration
* update permission-set icon
* Add support for `include:` syntax in scopes
* tidy
* Renaming of "resource" concept to better reflect the fact that not all oauth scope values are about resources
* changeset
* ui improvmeents
* i18n
* ui imporvements
* add `AtprotoAudience` type
* Enforce proper formatting of audience (atproto supported did + fragment part)
* tidy
* tidy
* tidy
* fix ci ?
* ci fix ?
* tidy ?
* Apply consistent outline around focusable items
* Use `inheritAud: true` to control `aud` inheritance
* Update packages/oauth/oauth-provider/src/lexicon/lexicon-manager.ts
Co-authored-by: devin ivy <devinivy@gmail.com >
* Review comments
* Add `nsid` property to `LexiconResolutionError`
* improve nsid validation
* i18n
* Improve oauth scope parsing
* Simplify lex scope parsing
* tidy
* docs
* tidy
* ci
* Code simplification
* tidy
* improve type safety
* improve deps graph
* naming
* Improve tests and package structure
* Improve error when resolving a non permission-set
* improve nsid parsing perfs
* benchmark
* Refactor ozone and lexicon into using a common service profile mechanism
* improve perfs
* ci fix (?)
* tidy
* Allow storage of valid lexicons in lexicon store
* Improve handling of lexicon resolution failures
* review comment
* Test both regexp and non regexp based nsid validation
* properly detect presence of port number in https did:web
* Re-enable logging of `safeFetch` requests
* tidy
---------
Co-authored-by: devin ivy <devinivy@gmail.com >
2025-08-29 12:19:19 +02:00
Matthieu Sieben
9d22305f71
Fix circular dev dependencies and build scripts ( #4124 )
...
* fix build script
* Remove dev dependency on dev-env
* pnpm-lock
2025-08-21 16:02:54 +02:00
devin ivy
331a356ce2
Lexicon resolver package ( #4069 )
...
* lexicon: doc validation compatibility with published lexicons
* lexicon-resolver: setup new package
* lexicon-resolver: implement record resolution
* lexicon-resolver: implement lexicon resolution
* lexicon-resolver: test record resolution
* repo: add option to verify CIDs found in CARs. tidy.
* lexicon-resolution: verify CIDs in proof CAR
* lexicon-resolution: tests and fixes
* tidy
* lexicon-resolution: add entrypoint
* lexicon-resolver: tidy errors
* lexicon-resolver: readme
* lexicon-resolver: changeset
* prettier
* eslint
* tidy
* tidy
* tidy
* enable CID-to-content verification within CARs by default
* lexicon-resolver: tidy types, application of defaults, gitattributes
* lexicon-resolver: add interface and builder fn for lexicon and record resolvers
* lexicon-resolver: update readme
* tidy
* lexicon-resolver: cover error cases in record resolution
---------
Co-authored-by: Matthieu Sieben <matthieu.sieben@gmail.com >
2025-08-17 22:45:51 -04:00
Matthieu Sieben
8602827985
Prevent cookie from being downgraded when doing "pnpm up" ( #4098 )
2025-08-12 17:35:02 +02:00
Matthieu Sieben
396ab57ed0
Fix warnings during build ( #4096 )
...
* Fix warnings during build
* Update caniuse-lite
2025-08-12 17:15:23 +02:00
Matthieu Sieben
1899b1fc16
OAuth scopes ( #3806 )
...
* style: prefix `id` and `uri` with `request` where applicable
* Dynamically validate OAuth scopes
* Allow configuring trusted OAuth clients
* Improve client validation
* Rework authorization to work with permissions
* Review changes
* fix permissions
* tidy
* Drop authorization result
* unused code cleanup
* fix preferences auth
* remove redundant check in `applyWrites`
* style
* Remove need to specify "scopes" in authorized auth strategy
* fixup! Remove need to specify "scopes" in authorized auth strategy
* split authorized and oauth auth methods
* Require explicit opt-in for takendown
* fix tests
* rollback redundant permissions mechanism
* tidy
* Fix tests
* tidy
* tidy
* pr changes
* remove hack allowing access to full preferences
* always specify authorize method
* Add OAuth scope parsing & matching
* tidy
* add support for oauth scopes in client
* review changes
* Small xrpc-server optimizations
* pr comments
* Review comments
* refactor: move oauth scopes parser & checker in own package
* code simplification
* Allow multiple collections in `repo` scopes.
Allow wildcard action in `repo` scopes.
Require action in `repo` scopes.
* Rename `emailUpdate` to `email-update` in `account` scope params.
Add wildcard (`*`) in `account` and `identity` scopes.
* tidy
* add oauth-scopes package to PDS Dockerfile
* unit tests
* Syntax rework
* adapt to latest scope definition
* Add missing tests
* Render scopes in UI
* fix build
* fixes and tests
* improve ui
* tidy
* tidy
* ui improvements
* tidy
* fr messages
* tidy
* improve consent screen ui
* fix test
* tidy
* improve dx
* Remove `transition:` scopes from `scopes_supported` authorization server metadata
* Hide blob scope if no repo scope present
* changeset
* Remove the `action` param from the `identity` scope
* fix html syntax
* simplified wording
* Make `account:email` scope optional (#4089 )
* Make `account:email` scope optional
* tidy
* tidy
* tidy
* tidy
* fix
* tidy
* review comments
* tidy
* refactor: remove redundant tests for identity scope parsing and matching
* minor ui fixes
* fix "back" label not translated
* ui improvements
* fix tests
2025-08-12 13:13:14 +02:00
Matthieu Sieben
43fbeda63e
Update cookie dependency ( #4092 )
2025-08-12 09:49:14 +02:00
rafael
534bea0a98
Fixes on handle suggestions ( #4055 )
2025-07-18 12:12:09 -03:00