chore(deps): bump @simplewebauthn/server from 13.1.2 to 13.2.0

[dependabot]

Bumps @simplewebauthn/server from 13.1.2 to 13.2.0.

Release notes

Sourced from @​simplewebauthn/server's releases.

v13.2.0

• [server] The return value from verifyRegistrationResponse() has been defined more strictly to communicate that registrationInfo will only ever be present if verified is true (#715)
• [server] verifyRegistrationResponse() can now verify attestations containing SHA256 hashes by using EC public keys with the P-384 curve (#721)
• [server] The Android SafetyNet "CTS profile match" system integrity check can now be disabled by setting attestationSafetyNetEnforceCTSCheck: false when calling verifyRegistrationResponse(). This check remains enforced by default (#722)
• [browser] [server] These libraries now have better support in Deno 2.2+ projects which use generic typing for Uint8Array via TypeScript 5.7. SimpleWebAuthn values of type Uint8Array_ are equivalent to Uint8Array in Deno 2.1 and earlier, and Uint8Array<ArrayBuffer> in Deno 2.2 and later. (#717)

Changelog

Sourced from @​simplewebauthn/server's changelog.

v13.2.0

Changes

• [server] The return value from verifyRegistrationResponse() has been defined more strictly to communicate that registrationInfo will only ever be present if verified is true (#715)
• [server] verifyRegistrationResponse() can now verify attestations containing SHA256 hashes by using EC public keys with the P-384 curve (#721)
• [server] The Android SafetyNet "CTS profile match" system integrity check can now be disabled by setting attestationSafetyNetEnforceCTSCheck: false when calling verifyRegistrationResponse(). This check remains enforced by default (#722)
• [browser] [server] These libraries now have better support in Deno 2.2+ projects which use generic typing for Uint8Array via TypeScript 5.7. SimpleWebAuthn values of type Uint8Array_ are equivalent to Uint8Array in Deno 2.1 and earlier, and Uint8Array<ArrayBuffer> in Deno 2.2 and later. (#717)

Commits

• 84c61db Publish v13.2.0
• ba14832 Add tests
• 43200d9 Consume arg to skip CTS profile match enforcement
• 4c7e930 Add new attestationSafetyNetEnforceCTSCheck arg
• 521aa6f Minor bit of cleanup
• 13db34f Some minor cleanup
• 4dee70c Maybe this fixes it?
• 56697e7 Update new test to only run in Deno v2.2+
• e2b498a Reinstall @​peculiar/x509 with Deno v2.1
• 225e868 Revert "Add @​peculiar/x509 to server"
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #60.