deps(deps): bump the production-dependencies group across 1 directory with 3 updates by dependabot[bot] · Pull Request #86 · impact-dryer/passwordlesscrypt

dependabot · 2026-05-25T08:14:01Z

Bumps the production-dependencies group with 3 updates in the / directory: @simplewebauthn/browser, idb-keyval and libsodium-wrappers.

Updates @simplewebauthn/browser from 13.2.2 to 13.3.0

Release notes

Sourced from @simplewebauthn/browser's releases.

v13.3.0

[browser] startRegistration() and startAuthentication() will recognize punycode domains as valid domains when trying to identify why an error occurred (#750)

[server] A new verifyMDSBlob() helper method has been added to verify and extract metadata statements from FIDO MDS blobs. See the docs here for more info (#752)

v13.2.3

Changes

[server] Dependencies have been updated to fix a "Cannot get schema" error that may occur when verifying responses after upgrading to v13.2.0+ (#747)

Changelog

Sourced from @simplewebauthn/browser's changelog.

v13.3.0

Changes:

[browser] startRegistration() and startAuthentication() will recognize punycode domains when trying to identify why an error occurred (#750)

[server] A new verifyMDSBlob() helper method has been added to verify and extract metadata statements from FIDO MDS blobs. See the docs here for more info (#752)

v13.2.3

Changes

[server] Dependencies have been updated to fix a "Cannot get schema" error that may occur when verifying responses after upgrading to v13.2.0+ (#747)

Commits

48e19ab Update version to 13.3.0
fda6c5f Tweak comment in tests
4ccada7 Add some tests
dd1bccd Tweak domain regex
See full diff in compare view

Updates idb-keyval from 6.2.2 to 6.2.4

Commits

See full diff in compare view

Updates libsodium-wrappers from 0.7.15 to 0.8.4

Release notes

Sourced from libsodium-wrappers's releases.

0.8.4

No release notes provided.

0.8.3

Update to libsodium 1.0.22.

0.8.2

No release notes provided.

0.8.1

Quite a lot of changes in this version:

The wrapper code was simplified a little bit and converted to TypeScript

The promise chain in WASM fallback was fixed to prevent race conditions

In addition to the browser benchmarks, there are now local benchmarks, that can be run with make benchmark

Automatically generated Typescript definitions are now included

Libsodium was updated to the latest 1.0.21-stable version

LTO was disabled - At least in Emscripten 4, it caused a significant performance degradation on some platforms.

The API documentation files are now way more useful, and automatically generated along with the TypeScript definitions.

0.8.0

This new release is based on libsodium 1.0.21.

0.7.16

ESM modules support was added (dist/modules-esm/, dist/modules-sumo-esm/).

Libsodium has been updated

Various bug fixes (crypto exclusion for browser, pointer fixes)

Commits

2830fcf Update
af7a75b Fix ESM wrapper interop with libsodium factory exports
7230467 Update to libsodium 1.0.22
a88553f Update .gitignore
bbb9f5a Update
905a369 Update README.md
20aac20 Regen API doc
8bb833f Fix return types
f3afbf1 Use emscripten to directly build ESM modules
21af2db Merge branch 'master' of github.com:jedisct1/libsodium.js
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… with 3 updates Bumps the production-dependencies group with 3 updates in the / directory: [@simplewebauthn/browser](https://github.com/MasterKale/SimpleWebAuthn/tree/HEAD/packages/browser), [idb-keyval](https://github.com/jakearchibald/idb-keyval) and [libsodium-wrappers](https://github.com/jedisct1/libsodium.js). Updates `@simplewebauthn/browser` from 13.2.2 to 13.3.0 - [Release notes](https://github.com/MasterKale/SimpleWebAuthn/releases) - [Changelog](https://github.com/MasterKale/SimpleWebAuthn/blob/master/CHANGELOG.md) - [Commits](https://github.com/MasterKale/SimpleWebAuthn/commits/v13.3.0/packages/browser) Updates `idb-keyval` from 6.2.2 to 6.2.4 - [Changelog](https://github.com/jakearchibald/idb-keyval/blob/main/CHANGELOG.md) - [Commits](https://github.com/jakearchibald/idb-keyval/commits) Updates `libsodium-wrappers` from 0.7.15 to 0.8.4 - [Release notes](https://github.com/jedisct1/libsodium.js/releases) - [Commits](jedisct1/libsodium.js@0.7.15...0.8.4) --- updated-dependencies: - dependency-name: "@simplewebauthn/browser" dependency-version: 13.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: idb-keyval dependency-version: 6.2.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: libsodium-wrappers dependency-version: 0.8.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-05-25T08:14:02Z

Labels

The following labels could not be found: automated. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

dependabot Bot added the dependencies label May 25, 2026

github-actions Bot added config size/XS labels May 25, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps(deps): bump the production-dependencies group across 1 directory with 3 updates#86

deps(deps): bump the production-dependencies group across 1 directory with 3 updates#86
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/production-dependencies-4100940f87

dependabot Bot commented on behalf of github May 25, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github May 25, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 25, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v13.3.0

v13.2.3

v13.3.0

v13.2.3

0.8.4

0.8.3

0.8.2

0.8.1

0.8.0

0.7.16

Uh oh!

dependabot Bot commented on behalf of github May 25, 2026

Labels

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github May 25, 2026 •

edited

Loading