v4.2.0

• Add new OpenID Connect verification flow through a new verification method, see the updated guide for details
• OIDC is now a valid pre-verified verification method
• Deprecate createOidcNonce, setOidcTestNonce, and verification using the oidcIdToken param as they are now obsolete with the new OIDC verification flow
• Improve error message for invalid ciphertexts by including the first five bytes as hex
• Invalid responses that do not come from the Tanker backend can now result in a NetworkError, instead of InternalError

v4.1.1

• Fix an edge case where the Sentry integration could throw while handling an exception before session initialization

v4.1.0

• The SDK will now enrich Sentry events by default if Sentry is defined in the page, see the Tanker constructor for options.
• The minimum supported Node.js version is now Node.js 18
• Upgraded the SDK to TypeScript 5

v4.0.0

This release is strictly speaking a major version bump, but does not introduce any major API changes.

• The VerificationMethod objects of type oidcIdToken
  now contain the provider_id and provider_display_name information corresponding to the verification method's OIDC provider.

v3.3.2

• The Status type is now a regular TypeScript enum instead of a const enum.
  This provides compatibility with the verbatimModuleSyntax TypeScript configuration flag.

v3.3.1

• Add sanity check to differentiate internal errors from legitimate InvalidArgument('could not find key for resource') errors during decrypt() and share().
• Replace default exports with named exports in internal @tanker/ packages

v3.3.0

• Add support for SDK downgrade between compatible versions even in case of changes to the local storage schema, see manage sdk versions for more details.
• Automatically try to re-open local storages in browsers. It mitigates UnknownError: DatabaseClosedError occurring after a schema upgrade.
• Fix local storage errors handling in decrypt() and share(). Local storage errors were misleadingly converted into InvalidArgument('could not find key for resource'). Local storage errors are now forwarded as is.
• Throw a TooManyRequests error when calling upload() or download() and being throttled by the underlying storage service (was InternalError).

v3.2.0

This release enable the new "transparent session" encryption formats by default.

These formats optimize resource key usage. Encryption for the same recipients will reuse the same key for several hours.
As a result, performance of encrypt and decrypt operations should be improved, due to less network requests.

v3.1.0

This release adds forward compatibility for decrypting and sharing the upcoming "transparent session" encryption formats.

Please note that this release upgrades the storage format, so it cannot be rolled back to a previous version.

v3.0.0

Version v2.30.0 introduced forward compatibility for padded encryption scheme. Make sure your end users use at least v2.30.0 before upgrading to v3.0.0.

Padded Encryption

Tanker now uses a padded symmetric encryption scheme by default. Adding padding to encrypted data aims at hiding the length of the clear message, see the dedicated guide.

Remove UMD build

We no longer ship the fully bundled UMD build of the JS SDK for @tanker/client-browser.

Remove device APIs

• Remove the deviceId() function
• Remove the getDeviceList() function
• Remove DeviceRevoked error