v2.1.2

Bugfixes

• The JSON-LD/JSON normalization is now applied not only when issuing an Access Request
  or an Access Grant, but also when dereferencing one.

• JSON-LD/JSON alignment: We are processing Verifiable Credentials as plain JSON,
  while they actually are JSON-LD. This creates some discrepancies:

  • The Access Grants and Access Requests status is now accepted in its abbreviated
    form, and not only as a fully qualified IRI, as allowed by the JSON-LD context.
  • Arrays containing a single value are also accepted as a literal equal to said
    single value.

  This is a stopgap solution: a proper fix would be to do full JSON-LD parsing,
  but we aren't doing it for the moment because of issues between existing libraries
  and our build setup.

v2.1.0

New Features

• Added the createContainerInContainer method.
• Added saveSolidDatasetInContainer method.
• Added the updateAcr flag to the options that can be included when calling
  the approveAccessRequest method. updateAcr will default to true. Note that
  this is an advanced feature, and only users having a good understanding of the
  relationship between Access Grants and ACRs should deviate from the default.
  Additional information is available in the ESS documentation
• Added the inherit flag to issueAccessRequest and approveAccessRequest to
  allow controlling whether the issued Access Grant should apply recursively to
  the target containers' contained resources.
• The getAccessGrantAll method now allows discovering recursive Access Grants
  issued for an ancestor container.

Minor changes

• The getters module contains functions and a class to interact with Verifiable
  Credentials without having to hard-code the data model in your application.

v2.0.0

Breaking change

• getAccessRequestFromRedirectUrl and getAccessGrantFromRedirectUrl no longer
  pick up VC passed by value, and only support passing by IRI. This is for security
  reasons, as passing a VC by value in the IRI leaks information. This removes a
  behavior that has been deprecated in v0.5.0. This change doesn't affect you if
  you are using the query parameters accessors (getAccessRequestFromRedirectUrl
  and getAccessGrantFromRedirectUrl).

New features

• getAccessRequestFromRedirectUrl and getAccessGrantFromRedirectUrl now accept URL
  objects as well as plain strings.
• approveAccessRequest now accepts a null expiration date override, resulting
  in the expiration date from the Access Request not being applied to the Access Grant.

This release also includes dependencies update.

v1.1.0

New Features

• Added resource APIs for overwriteFile and saveFileInContainer, these
  compliment the existing getFile method.

Other Changes

• Refactored resource APIs (getFile, getSolidDataset, saveSolidDatasetAt)
  and added end-to-end test coverage of these APIs.
• Improved jest setup for node & browser unit tests.
• Added a more extensive demo app.

Pull Requests

• Update ESLint config by @matthieubosquet in #269
• Solid Access Grants Demo by @matthieubosquet in #252
• Remove unnecessary type casting in demo apps by @matthieubosquet in #273
• Instanciate VC context based on issuer domain by @NSeydoux in #260
• Do not include default VC domain in request by @NSeydoux in #277
• Upgrade typescript & shared eslint configuration by @NSeydoux in #276
• use DPV purposes IRIs in request example by @VirginiaBalseiro in #279
• Disable running sonarcube on dependabot PRs by @NSeydoux in #285
• Bump jose from 4.8.1 to 4.8.3 by @dependabot in #280
• Bump rollup from 2.70.2 to 2.77.0 by @dependabot in #290
• Bump eslint from 8.18.0 to 8.20.0 by @dependabot in #291
• Bump typedoc from 0.23.2 to 0.23.8 by @dependabot in #292
• Bump myst-parser from 0.17.2 to 0.18.0 in /docs by @dependabot in #250
• Bump rollup from 2.77.0 to 2.77.2 by @dependabot in #301
• Bump pydata-sphinx-theme from 0.8.1 to 0.9.0 in /docs by @dependabot in #253
• Bump typedoc-plugin-markdown from 3.13.1 to 3.13.4 by @dependabot in #293
• Bump typedoc from 0.23.8 to 0.23.9 by @dependabot in #297
• Bump @playwright/test from 1.23.1 to 1.24.1 by @dependabot in #300
• Bump @inrupt/eslint-config-lib from 1.0.0 to 1.1.0 by @dependabot in #294
• Bump @inrupt/solid-client-authn-node from 1.12.1 to 1.12.2 by @dependabot in #307
• Bump typedoc from 0.23.9 to 0.23.10 by @dependabot in #306
• Bump sphinx from 4.5.0 to 5.1.1 in /docs by @dependabot in #302
• Bump @playwright/test from 1.24.1 to 1.24.2 by @dependabot in #303
• Bump eslint from 8.20.0 to 8.21.0 by @dependabot in #305
• Bump @inrupt/solid-client-authn-browser from 1.12.1 to 1.12.2 by @dependabot in #304
• Chore: remove cd packaging by @ThisIsMissEm in #308
• Feature: additional File APIs by @ThisIsMissEm in #319
• Bump @inrupt/solid-client from 1.23.1 to 1.23.3 by @dependabot in #321
• Bump jose from 4.8.3 to 4.9.2 by @dependabot in #324
• Bump @playwright/test from 1.24.2 to 1.25.1 by @dependabot in #316
• Bump rollup from 2.77.2 to 2.79.0 by @dependabot in #322
• Bump rollup-plugin-typescript2 from 0.32.1 to 0.33.0 by @dependabot in #327
• Bump eslint from 8.21.0 to 8.23.0 by @dependabot in #318
• Chore/minor process cleanups by @ThisIsMissEm in #329
• Release: v1.1.0 by @ThisIsMissEm in #330

New Contributors

• @VirginiaBalseiro made their first contribution in #279

Full Changelog: v1.0.2...v1.1.0

v1.0.2

New features

• approveAccessRequest, getAccessGrant, getAccessGrantFromRedirectUrl now accurately return an AccessGrant.
• getAccessRequestFromRedirectUrl now accurately return an AccessRequest.

Bugfix

• Fix Node 14 atob/btoa compatibility issue.

v1.0.1

What's Changed

• Export GRANT_VC_URL_PARAM_NAME by @ajacksified in #248
• Release/1.0.1 by @ajacksified in #249

Full Changelog: v1.0.0...v1.0.1

v1.0.0

No changes from 0.6.1 - finalizing interface for 1.0.0 release.

v0.6.1

Bugfix

• Export all types via Rollup.
• Fix demo application.

Breaking change

• Drop Node 12 support.

v0.6.0

New features

• getAccessGrantAll supports a new option, includeExpired. By default,
  only grants that are still valid are returned by the VC provider. If set to true,
  grants that have expired will also be included in the response.
• issueAccessRequest now generates an access request VC including the resource
  owner in the hasConsent field with the isConsentForDataSubject predicate. This
  will enable resource owners to dereference access requests IRIs to their resources.

Bugfix

• When type-checking an Access Grant (e.g. using getAccessGrant), only accepted
  Grants were supported. Support for denied Grant has now been added.
• When using an Access Grant to get an Access Token, one of the claims from the
  server response was unaligned with the spec. This inconsistency has been fixed on
  the server-side with backwards-compatibility, and now on the client side too. This
  change is transparent to users.
• approveAccessRequest wasn't using the default session from @inrupt/solid-client-authn-browser
  to set the ACR access appropriately, resulting in 401 Unauthenticated errors.
• getAccessRequestFromRedirectUrl was deserializing the received VC expecting
  an URL-encoded value, instead of a base64-encoded value, which is how it is serialized
  when redirecting the user to the VC management app.