Releases: haskou/value-objects
Release list
v3.0.1
Changes
- fix(deps): ⬆️ update dependency @noble/hashes to ^2.2.0
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/3.0.1
- Pull request: #26
- Source branch:
fix/non-major-runtime-dependencies - Version bump:
patch
Pull request notes
This PR contains the following updates:
| Package | Change | Age | Confidence |
|---|---|---|---|
| @noble/hashes (source) | ^2.0.1 → ^2.2.0 |
Configuration
📅 Schedule: (in timezone Europe/Madrid)
- Branch creation
- At any time (no schedule defined)
- Automerge
- At any time (no schedule defined)
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
v3.0.0
Changes
- fix(value-objects)!: 💥 Enforce strict validation and immutability
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/3.0.0
- Pull request: #29
- Source branch:
break/harden-value-object-validation - Version bump:
major
Pull request notes
Summary
- Remove
TimestampInterval.modifyStart()andmodifyEnd()so interval boundaries remain immutable. - Reject non-finite numbers and invalid timestamps.
- Validate real calendar dates and preserve Unix epoch input.
- Validate UUID structure, version, and RFC variant.
- Correct
Durationday and hour component calculations.
Breaking changes
TimestampInterval.modifyStart()andmodifyEnd()are no longer available.NumberValueObject,Integer, andTimestamprejectInfinity,-Infinity, and invalid date values.UUIDrejects 36-character strings that do not match the standard UUID structure.CalendarDayrejects normalized dates such as2022-02-31.
Root cause
Several validators delegated to permissive JavaScript behavior. Date normalized nonexistent dates, numeric validation rejected only NaN, and the UUID pattern checked character count without checking field structure. Duration.getHours() used seconds per hour as its modulo, and mutable timestamp intervals left the inherited primitive value out of sync with their boundaries.
Validation
yarn test(808 tests)yarn test:coverage(100% statements, branches, functions, and lines)yarn buildyarn docs:build- Prettier check for all changed files
v2.13.1
Changes
- fix(docs): 🐛 separate documentation sections
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/2.13.1
- Pull request: #24
- Source branch:
fix/docs-navigation - Version bump:
patch
Pull request notes
What changed
- Split documentation navigation into separate Getting Started, Guide, and Reference sections.
- Added a Guide index page.
- Removed the VitePress logo configuration and deleted the unused logo asset.
- Simplified the reference overview copy.
Why
The previous documentation sidebar mixed unrelated sections, which made the docs feel harder to navigate.
Validation
- Ran
yarn docs:build.
v2.13.0
Changes
- feat(deps): ⬆️ add Renovate dependency updates
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/2.13.0
- Pull request: #23
- Source branch:
feat/add-renovate-dependency-updates - Version bump:
minor
Pull request notes
What changed
- Added
renovate.jsonso Renovate can open dependency update PRs. - Added a Renovate-enabled badge to the README.
- Updated the README introduction.
- Updated direct devDependencies currently reported by
yarn outdated:@haskou/eslint-configto^0.1.2@types/nodeto^26.0.1vueto^3.5.39
Why
The package had dependency drift, and Renovate will keep future dependency updates visible as reviewable PRs.
Validation
- Parsed
renovate.jsonwith Node. - Ran
yarn outdatedafter updating dependencies. - Ran
yarn test. - Ran
yarn build.
v2.12.0
Changes
- feat(eslint): ➕ Add @haskou/eslint-config
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/2.12.0
- Pull request: #21
- Source branch:
feat/eslint-config - Version bump:
minor
Pull request notes
Replace eslint configurations with generic one.
v2.11.0
v2.10.1
Changes
- fix(package): 🐛 Harden npm package configuration
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/2.10.1
- Pull request: #19
- Source branch:
fix/library-packaging-quality - Version bump:
patch
Pull request notes
Changes
- Add stricter npm package metadata:
exports,engines,sideEffects, and runtimetslib. - Require coverage thresholds and remove the test mode that allowed no tests.
- Generate UUID and ShortId values internally using existing secure random bytes, removing external ID generator dependencies.
- Modernize lint/Jest/TypeScript config for the latest toolchain.
- Update and prune dependencies so the package stays lighter.
Why
The published package referenced tslib from dist without declaring it as a runtime dependency, which breaks clean consumers. The package also carried avoidable runtime/dev dependencies and older tooling config.
Validation
yarn lintyarn buildyarn test:coveragewith 100% global coveragenpm pack+ install in a clean temporary consumer + require package + generate UUID, ShortId, and SymmetricKeyyarn outdatedreturns no outdated packages
v2.10.0
Changes
- feat(crypto): ✨ Raise symmetric payload limit
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/2.10.0
- Pull request: #18
- Source branch:
feat/symmetric-payload-limit - Version bump:
minor
Pull request notes
Summary
- Raise
SymmetricKeypayload and ciphertext limit from 1 MiB to 8 MiB. - Keep asymmetric payload encryption capped at 1 MiB.
- Validate decoded ciphertext size before strict Base64 regex checks to avoid expensive/fragile validation on oversized payloads.
- Update README and technical documentation with separate asymmetric and symmetric limits.
Validation
yarn lintyarn buildyarn test:coverage(100% statements, branches, functions, and lines)
v2.9.0
Changes
- feat(crypto): ✨ Add OWASP-aligned crypto formats
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/2.9.0
- Pull request: #17
- Source branch:
feat/owasp-crypto-recommendations - Version bump:
minor
Pull request notes
- Added versioned asymmetric payload encryption with ephemeral X25519, HKDF-SHA256 and AES-256-GCM.
- Added symmetric AES-256-GCM keys and password-derived keys.
- Added encrypted private key v3 with
scrypt.N16384.r8.p5 + AES-256-GCM. - Preserved backward-compatible decrypt support for previous payload formats.
- Added strict Base64 validation and domain errors for encrypted private key format issues.
v2.8.0
Changes
- feat(crypto): ✨ Add symmetric encrypted payloads
Release details
- npm: https://www.npmjs.com/package/@haskou/value-objects/v/2.8.0
- Pull request: #16
- Source branch:
feat/symmetric-encrypted-payload - Version bump:
minor
Pull request notes
Summary
- Add
SymmetricKeyfor AES-256-GCM payload encryption and decryption. - Add typed symmetric/asymmetric encrypted payload value objects and scheme detection.
- Reuse
SymmetricKeyinternally forEncryptedPrivateKeyV2while keeping the existing serialized private-key format. - Document symmetric encryption, deterministic password-based key derivation, payload formats, and security boundaries.
- Extend tests to keep global coverage at 100%.
Validation
yarn lintyarn test:coverage(100% statements, branches, functions, and lines)yarn build