v4.0.1

There are no changes impacting dependents in this release, it only includes dev dependencies updates. It exercises the latest NPM authentication restrictions.

v4.0.0

Breaking Changes

• Support for Node.js v18.x has been dropped as that version has reached end-of-life.

New feature

• The link between an Access Request and an Access Grant issued using approveAccessRequest
  can now be verified by the server when setting the verifyLinkedRequest option to true.
• approveAccessRequest and issueAccessGrant now support an additional owner
  parameter in the Access Grant body overrides. Setting this will include a
  custom resource owner in the Access Grant issuing request. This allows an admin
  to issue Access Grants on behalf of a user at provisioning time. This parameter
  will be ignored by the server for sessions that have been activated already.

What's Changed

Full Changelog: v3.3.1...v4.0.0

v3.3.1

Patch changes

• denyAccessRequest now links the Access Denial to the incoming Access Request the same way approveAccessRequest
  does, so that the request status is updated at the /query endpoint.

Full Changelog: v3.3.0...v3.3.1

3.3.0

New feature

• denyAccessRequest supports a new customFields option to add custom fields to the
  resulting Access Denial. This option behaves the same as the customFields option
  of approveAccessRequest.
• issueAccessGrant is now available as an alternative to approveAccessRequest with
  an undefined request, to issue Access Grants in the case when there is no initial
  Access Request.

Patch changes

• When issuing an Access Grant from an Access Request using approveAccessRequest,
  the resulting Access Request now references the source Access Request. A new
  getRequest getter has been added to get this value from an Access Grant.
  This will result in the query module no longer showing approved Access Requests
  as "Pending".
• The query function now supports the type filter not being set, which will result
  in both Access Grants and Access Requests matching the provided filters being returned.

What's Changed

Full Changelog: v3.2.1...v3.3.0

v3.2.1

Patch change

• Passes the v2 of the JSON-LD context for Access Grants when issuing and using the
  /derive endpoint for VC providers supporting it. This allows the server to return
  all Access Credentials understood by the client, both v1 and v2. Clients prior to
  this version will issue and retrieve Access Credentials with a v1 context (and will
  not be able to use features introduced in v2).

Bugfix

• Type declarations have been altered so that internal type declarations are no longer
  partially exposed in the type declaration files. This prevents issues with some
  frameworks, such as Angular, in particular with revokeAccessCredential being internal.

Full Changelog: v3.2.0...v3.2.1

v3.2.0

New features

• Add support for custom fields. Applications are now able to read and write custom fields
  into Access Credentials (both Access Requests and Access Grants). This feature is available
  via a new option introduced in issueAccessRequest and approveAccessRequest to write the
  custom fields, and via a set of dedicated getters in the getters/ module. A generic getter
  is introduced, getCustomFields, as well as a set of typed helpers, such as getCustomInteger.
  Typed helpers are available for integers, floats, strings and booleans.
• Support new query endpoint: the new query function enables querying for Access Credentials using
  the newly introduced ESS endpoint.

Full Changelog: v3.1.1...v3.2.0

v3.1.1

Patch change

• Added support for the https://schema.inrupt.com/credentials/v2.jsonld JSON-LD context.

Full Changelog: v3.1.0...v3.1.1

v3.1.0

[Deprecation notice]

The following changes are pending, and will be applied on the next major release:

• The status parameter for getAccessGrantAll will default to all rather than granted.

New Feature

• Node 22 is now supported

Bugfix

• The /resources module function have their signature now aligned with the underlying @inrupt/solid-client functions.
  Namely, the options parameter for saveSolidDatasetAt and getSolidDataset support additional entries that were
  already available in @inrupt/solid-client.

Full Changelog: v3.0.5...v3.1.0

v3.0.5

Bugfixes

• Removed base64url dependency due to potential issues with the browser environment.
• A descriptive error is now thrown when trying to create an Access Request/approve an Access Grant for no resource. Previously, such call may not have thrown, but it resulted in an Access Grant granting access to nothing, which would have caused confusion when trying to use it.
• The error thrown when the issuer endpoint for an Access Grant/Request cannot be computed from the provided resource is more comprehensive.

New Contributors

• @garciafdezpatricia made their first contribution in #943
• @RWJMurphy made their first contribution in #965
• @acoburn made their first contribution in #1005

Full Changelog: v3.0.4...v3.0.5

v3.0.4

Bugfixes

• Extend predicate supported by getRequestor: getRequestor now supports the gc:isProvidedToPerson and gc:isProvidedToController
  predicates in addition to the current gc:isProvidedTo predicate.