Update @noble/curves 1.1.0 → 1.3.0 (minor)

[depfu]

Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

What changed?

✳️ @​noble/curves (1.1.0 → 1.3.0) · Repo

Release Notes

1.3.0

• BLS:
  • Add support for short signatures. Short sigs allow using G1 as sig and G2 as pubkeys, instead of wise-versa.
  • Contributed by @randombit in #74
  • Refactor mask-bit settings, improve encoding resiliency
• ed25519, ed448: implement Group interface for DecafPoint and RistrettoPoint by @sublimator in #85
• ed448: Fix x448 private keys, to be 56 bytes, not 57
• weierstrass: fix weierstrassPoints missing CURVE object by @secure12 in #92
• utils:
  • hexToBytes: speed-up 6x, improve error formatting by @arobsn in #83
  • isBytes: improve reliability in bad environments such as jsdom
  • concatBytes: improve safety by early-checking the type
  • equalBytes: make constant-time
• Bump noble-hashes to 1.3.3
• Bump typescript version used to build the package to 5.3.2

New Contributors

• @randombit made their first contribution in #74
• @arobsn made their first contribution in #83
• @secure12 made their first contribution in #92
• @yhc125 made their first contribution in #93

Full Changelog: 1.2.0...1.3.0

1.2.0

• ed448: add decaf448 support
• weierstrass: improve security of random private keys
  by decreasing bias from 2^-64 to 2^-curve_security_level
• weierstrass: allow extraEntropy to take any amount of bytes
• poseidon: improve security, make sboxPower mandatory and prohibit values other than 3, 5, 7; prohibit odd roundsFull
• hash-to-curve: allow string and Uint8Array DSTs
• tree-shaking improvements: add sideEffects: false to package.json,
  add pure annotations to ed25519
• update noble-hashes to 1.3.2

New Contributors

• @stknob made their first contribution in #59
• @mahnunchik made their first contribution in #56
• @steveluscher made their first contribution in #62

Full Changelog: 1.1.0...1.2.0

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by more commits than we can show here.

---

Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

All Depfu comment commands

@​depfu rebase

Rebases against your default branch and redoes this update

@​depfu recreate

Recreates this PR, overwriting any edits that you've made to it

@​depfu merge

Merges this PR once your tests are passing and conflicts are resolved

@​depfu cancel merge

Cancels automatic merging of this PR

@​depfu close

Closes this PR and deletes the branch

@​depfu reopen

Restores the branch and reopens this PR (if it's closed)

@​depfu pause

Ignores all future updates for this dependency and closes this PR

@​depfu pause [minor|major]

Ignores all future minor/major updates for this dependency and closes this PR

@​depfu resume

Future versions of this dependency will create PRs again (leaves this PR as is)