Releases: ascorbic/cirrus
@getcirrus/pds@0.13.0
create-pds@0.0.12
@getcirrus/pds@0.12.0
@getcirrus/pds@0.11.0
Minor Changes
-
#137
90e9771Thanks @ascorbic! - Add option to auto-generate a password duringpds initandpds secret password, with clipboard copy support -
#136
287c971Thanks @ascorbic! - Add live terminal dashboard for PDS monitoring viapds dashboard. Shows repository stats, federation sync status, firehose subscribers with IPs, real-time event log, and notifications. Also adds a web dashboard at/status.
@getcirrus/pds@0.10.6
Patch Changes
-
#134
127f3dbThanks @ascorbic! - Fix OAuth client metadata caching to avoid redundant network requestsClient metadata was re-fetched from the network on every OAuth request instead of using the cache, adding latency to token exchanges and making auth fragile when client metadata endpoints are slow or unavailable.
-
Updated dependencies [
e76f1e4,127f3db]:- @getcirrus/oauth-provider@0.3.2
@getcirrus/oauth-provider@0.3.2
Patch Changes
-
#132
e76f1e4Thanks @ascorbic! - Fix OAuth client authentication failures for public clients and mixed JWKS- Fix
invalid_clienterror for clients that omittoken_endpoint_auth_methodin their metadata (Zod default ofclient_secret_basicwas passed through unsupported) - Fix
invalid usage "encrypt"error when client JWKS contains both signing and encryption keys by using jose'screateLocalJWKSetfor proper key selection
- Fix
-
#134
127f3dbThanks @ascorbic! - Fix OAuth authentication failure for confidential clients whose JWKS contains invalid key_opsClients with ECDSA signing keys that incorrectly declare encryption operations (e.g.
"encrypt","wrapKey") in their JWKSkey_opsfield would fail with "invalid usage" during token exchange.
@getcirrus/pds@0.10.5
@getcirrus/pds@0.10.4
@getcirrus/pds@0.10.3
Patch Changes
-
#123
4e3d4e9Thanks @ascorbic! - Rename getAccountStatus endpoint to checkAccountStatus to match AT Protocol lexicon -
#126
99272eaThanks @ascorbic! - Add updateEmail endpoint and include email in session responsesStore email in DO storage and return it from getSession, createSession, and refreshSession responses. Fixes deck.blue and official app complaints about missing email field.
@getcirrus/pds@0.10.2
Patch Changes
-
#120
82301c5Thanks @ascorbic! - Skip OAuth authorization for messaging platform link preview botsMessaging platforms (Telegram, Slack, Discord, Twitter/X, Facebook/iMessage) pre-fetch URLs shared in DMs and channels. When an OAuth authorization link with a one-time PAR request URI is shared, the preview bot consumes it before the user can open it. The authorize endpoint now detects these specific bots by User-Agent and returns a minimal HTML page with appropriate meta tags instead of processing the OAuth request.
Only known messaging platform bots are matched — generic crawlers and spiders are not excluded, since an unknown bot hitting an OAuth URL should still consume the token.
-
#116
a06516aThanks @ascorbic! - Detect content type of blobs -
#119
92a2b39Thanks @ascorbic! - Normalize JSON blob references for correct dag-cbor encodingIncoming API records contain blob references with nested
$linkobjects
(for example,{ "$type": "blob", "ref": { "$link": "bafk..." } }). These
must be converted to actual CID instances before CBOR encoding, otherwise
the blob ref'sreffield gets encoded as a map instead of a proper CID tag.
This causes incorrect block hashes, which can lead to blob resolution failures
on the Bluesky network.Uses
jsonToLexfrom@atproto/lex-jsonto convert$link→ CID and
$bytes→ Uint8Array on all record write paths (createRecord, putRecord,
applyWrites).