Update dependencies (use native base64url implementation).

Author: dlongley

CHANGELOG.md

@@ -1,5 +1,10 @@
 # bedrock-vc-issuer ChangeLog
 
+## 30.0.2 - 2025-04-dd
+
+### Changed
+- Update dependencies (use native base64url implementation).
+
 ## 30.0.1 - 2025-04-30
 
 ### Changed

lib/suites.js

@@ -19,7 +19,6 @@ import {
   createSignCryptosuite as createEddsaJcs2022CryptoSuite
 } from '@digitalbazaar/eddsa-jcs-2022-cryptosuite';
 import {DataIntegrityProof} from '@digitalbazaar/data-integrity';
-import {decode} from 'base64url-universal';
 import {
   cryptosuite as ecdsa2019CryptoSuite
 } from '@digitalbazaar/ecdsa-2019-cryptosuite';
@@ -228,7 +227,7 @@ function _createEcdsaXi2023Suite({signer, options} = {}) {
       }
     });
   }
-  const extraInformation = decode(options.extraInformation);
+  const extraInformation = Buffer.from(options.extraInformation, 'base64url');
   const cryptosuite = createEcdsaXi2023SignCryptosuite({
     extraInformation
   });

lib/vcjwt.js

@@ -1,8 +1,6 @@
 /*!
- * Copyright (c) 2020-2024 Digital Bazaar, Inc. All rights reserved.
+ * Copyright (c) 2020-2025 Digital Bazaar, Inc. All rights reserved.
  */
-import * as base64url from 'base64url-universal';
-
 const TEXT_ENCODER = new TextEncoder();
 const ENCODED_PERIOD = TEXT_ENCODER.encode('.');
 
@@ -72,8 +70,9 @@ export async function envelopeCredential({
 
 export async function signJWT({payload, protectedHeader, signer} = {}) {
   // encode payload and protected header
-  const b64Payload = base64url.encode(JSON.stringify(payload));
-  const b64ProtectedHeader = base64url.encode(JSON.stringify(protectedHeader));
+  const b64Payload = Buffer.from(JSON.stringify(payload)).toString('base64url');
+  const b64ProtectedHeader = Buffer.from(
+    JSON.stringify(protectedHeader)).toString('base64url');
   payload = TEXT_ENCODER.encode(b64Payload);
   protectedHeader = TEXT_ENCODER.encode(b64ProtectedHeader);
 
@@ -89,7 +88,7 @@ export async function signJWT({payload, protectedHeader, signer} = {}) {
 
   // create JWS
   const jws = {
-    signature: base64url.encode(signature),
+    signature: Buffer.from(signature).toString('base64url'),
     payload: b64Payload,
     protected: b64ProtectedHeader
   };

package.json

@@ -48,7 +48,6 @@
     "@digitalbazaar/vc": "^7.1.2",
     "@digitalbazaar/webkms-client": "^14.1.2",
     "assert-plus": "^1.0.0",
-    "base64url-universal": "2.0.0",
     "bnid": "^3.0.0",
     "body-parser": "^1.20.3",
     "cors": "^2.8.5",

test/mocha/50-vc-jwt-issuer.js

@@ -1,7 +1,6 @@
 /*!
  * Copyright (c) 2020-2025 Digital Bazaar, Inc. All rights reserved.
  */
-import * as base64url from 'base64url-universal';
 import * as bedrock from '@bedrock/core';
 import * as helpers from './helpers.js';
 import {createRequire} from 'node:module';
@@ -115,10 +114,8 @@ describe('issue using VC-JWT format', () => {
     const jwt = verifiableCredential.id.slice('data:application/jwt,'.length);
     const split = jwt.split('.');
     split.length.should.equal(3);
-    const header = JSON.parse(
-      new TextDecoder().decode(base64url.decode(split[0])));
-    const payload = JSON.parse(
-      new TextDecoder().decode(base64url.decode(split[1])));
+    const header = JSON.parse(Buffer.from(split[0], 'base64url').toString());
+    const payload = JSON.parse(Buffer.from(split[1], 'base64url').toString());
     header.kid.should.equal(assertionMethodKeyId);
     header.alg.should.equal('ES256');
     payload.iss.should.equal(did);

test/mocha/60-vc-jwt-issuer-status.js

@@ -1,7 +1,6 @@
 /*!
  * Copyright (c) 2020-2025 Digital Bazaar, Inc. All rights reserved.
  */
-import * as base64url from 'base64url-universal';
 import * as bedrock from '@bedrock/core';
 import * as helpers from './helpers.js';
 import {createRequire} from 'node:module';
@@ -137,10 +136,8 @@ describe('issue using VC-JWT format w/status list support', () => {
     const jwt = verifiableCredential.id.slice('data:application/jwt,'.length);
     const split = jwt.split('.');
     split.length.should.equal(3);
-    const header = JSON.parse(
-      new TextDecoder().decode(base64url.decode(split[0])));
-    const payload = JSON.parse(
-      new TextDecoder().decode(base64url.decode(split[1])));
+    const header = JSON.parse(Buffer.from(split[0], 'base64url').toString());
+    const payload = JSON.parse(Buffer.from(split[1], 'base64url').toString());
     header.kid.should.equal(assertionMethodKeyId);
     header.alg.should.equal('ES256');
     payload.iss.should.equal(did);

test/mocha/assertions/testIssueXi.js

@@ -4,7 +4,6 @@
 import * as assertions from './index.js';
 import * as helpers from '../helpers.js';
 import {createRequire} from 'node:module';
-import {encode} from 'base64url-universal';
 
 const require = createRequire(import.meta.url);
 
@@ -48,7 +47,8 @@ export function testIssueXi({suiteName, algorithm, issueOptions}) {
       const extraInformationBytes = new Uint8Array([
         12, 52, 75, 63, 74, 85, 21, 5, 62, 10
       ]);
-      const extraInformationEncoded = encode(extraInformationBytes);
+      const extraInformationEncoded = Buffer.from(
+        extraInformationBytes).toString('base64url');
       const {verifiableCredential} = await assertions.issueAndAssert({
         configId: noStatusListIssuerId,
         credential,

test/mocha/helpers.js

@@ -1,7 +1,6 @@
 /*
  * Copyright (c) 2019-2025 Digital Bazaar, Inc. All rights reserved.
  */
-import * as base64url from 'base64url-universal';
 import * as bedrock from '@bedrock/core';
 import * as database from '@bedrock/mongodb';
 import {importJWK, SignJWT} from 'jose';
@@ -764,8 +763,7 @@ export function parseEnvelope({verifiableCredential}) {
     const data = id.slice(commaIndex + 1);
     // FIXME: consider adding verification of `data` (JWT)
     const split = data.split('.');
-    const claimSet = JSON.parse(
-      new TextDecoder().decode(base64url.decode(split[1])));
+    const claimSet = JSON.parse(Buffer.from(split[1], 'base64url').toString());
     return claimSet.vc;
   }
   throw new Error(`Unknown envelope format "${format}".`);

test/package.json

@@ -49,7 +49,6 @@
     "@digitalbazaar/vc-bitstring-status-list": "^2.0.1",
     "@digitalbazaar/vc-status-list": "^8.0.1",
     "@digitalbazaar/webkms-client": "^14.1.2",
-    "base64url-universal": "^2.0.0",
     "c8": "^10.1.3",
     "cross-env": "^7.0.3",
     "jose": "^6.0.10",