Skip to content

fix(deps): update dependency @noble/curves to v1.9.2 #6729

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 11, 2025
Merged

fix(deps): update dependency @noble/curves to v1.9.2 #6729

merged 1 commit into from
Jun 11, 2025
+20 −5

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 7, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
@noble/curves (source) 1.9.1 -> 1.9.2 age adoption passing confidence

Release Notes

paulmillr/noble-curves (@​noble/curves)

v1.9.2

Compare Source

The release contains bugfixes and a few improvements which pave the way for upcoming v2.0.

  • edwards, weierstrass: big refactor, implement much simpler ECDSA / EdDSA API. https://github.com/paulmillr/noble-curves/pull/192
    • Old code is still working until v2
    • New API is experimental until next patch release
    • toRawBytes => toBytes
    • ExtendedPoint, ProjectivePoint => Point
    • Point now has Fp and Fn static properties which are its fields
  • weierstrass: add support for ECDSA with cofactor>1 curves
  • weierstrass: add support for points having x:0
  • bls: big refactor, improve types, add new bls.longSignatures and bls.shortSignatures APIs
    • Old code is still working until v2
    • New API is experimental until next patch release
  • utils: reuse noble-hashes utils
  • Use randomBytes and hmac from noble-hashes by default

Sensitive code changes

  • edwards, weierstrass: refactor logic for range checks
  • weierstrass: improve sign() logic for k generation
  • weierstrass: harden multiplyUnsafe, stop using multiplyAndAddUnsafe

New contributors

Full Changelog: paulmillr/noble-curves@1.9.1...1.9.2

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@socket-security Socket Security
Copy link

socket-security bot commented Jun 7, 2025
edited
Loading

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updated@​noble/​curves@​1.9.1 ⏵ 1.9.210010010092100

View full report

@renovate renovate bot force-pushed the renovate/noble-curves-1.x branch 4 times, most recently from 22447db to 3cfe153 Compare June 11, 2025 08:38
@renovate renovate bot force-pushed the renovate/noble-curves-1.x branch from 3cfe153 to 40ff39c Compare June 11, 2025 08:55
@bkrem bkrem merged commit ef5981f into v2.0 Jun 11, 2025
10 checks passed
@renovate renovate bot deleted the renovate/noble-curves-1.x branch June 11, 2025 12:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bkrem bkrem bkrem approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@bkrem