a collection of lightweight TypeScript packages for AT Protocol, the protocol powering Bluesky
atproto bluesky typescript npm
101
fork

Configure Feed

Select the types of activity you want to include in your feed.

chore: bump versions

Mary aecd964d f0a69729

+166 -175
-5
.changeset/afraid-points-grin.md
··· 1 - --- 2 - '@atcute/xrpc-server': minor 3 - --- 4 - 5 - XRPC subscriptions support
-5
.changeset/breezy-candles-fold.md
··· 1 - --- 2 - '@atcute/xrpc-server': minor 3 - --- 4 - 5 - deprecate `router.add()` in favor of `.addQuery()` and `.addProcedure()` instead
-5
.changeset/cruel-bats-prove.md
··· 1 - --- 2 - '@atcute/lexicon-doc': patch 3 - --- 4 - 5 - throw if definition ID is invalid
-5
.changeset/eleven-rules-rhyme.md
··· 1 - --- 2 - '@atcute/xrpc-server': patch 3 - --- 4 - 5 - clean up Valita schemas
-22
.changeset/hungry-points-press.md
··· 1 - --- 2 - '@atcute/oauth-browser-client': major 3 - --- 4 - 5 - allow passing user-provided state during authorization 6 - 7 - `createAuthorizationUrl` now takes in an optional `state` property 8 - 9 - ```ts 10 - const authUrl = await createAuthorizationUrl({ 11 - // ... 12 - state: { 13 - // ... 14 - }, 15 - }); 16 - ``` 17 - 18 - `finalizeAuthorization` now returns an object containing `session` and your provided `state`. 19 - 20 - ```ts 21 - const { session, state } = await finalizeAuthorization(params); 22 - ```
-5
.changeset/loud-rice-sink.md
··· 1 - --- 2 - '@atcute/jetstream': patch 3 - --- 4 - 5 - clean up Valita schemas
-58
.changeset/puny-areas-warn.md
··· 1 - --- 2 - '@atcute/oauth-browser-client': major 3 - --- 4 - 5 - handle and DID document resolution are now externalized. 6 - 7 - although we've provided a "guide" on how to do your own handle resolution, the client itself still 8 - had to make its own resolution for post-authorization verification checks. this change finally makes 9 - it possible for you to supply a resolver for the client to use, and you're required to provide them. 10 - 11 - after upgrading, you would supply an `identityResolver` to `configureOAuth`. there is a built-in 12 - identity resolver implementation that takes in a handle and DID document resolver (which you can use 13 - `@atcute/identity-resolver` with.) 14 - 15 - ```ts 16 - import { configureOAuth, defaultIdentityResolver } from '@atcute/oauth-browser-client'; 17 - 18 - import { 19 - CompositeDidDocumentResolver, 20 - PlcDidDocumentResolver, 21 - WebDidDocumentResolver, 22 - XrpcHandleResolver, 23 - } from '@atcute/identity-resolver'; 24 - 25 - configureOAuth({ 26 - // ... existing config 27 - 28 - identityResolver: defaultIdentityResolver({ 29 - // AT Protocol handles resolve via DNS TXT record or HTTP well-known endpoints. 30 - // since web apps lack direct DNS access and face CORS restrictions, we're using 31 - // Bluesky's AppView for this example. 32 - // 33 - // NOTE: Bluesky may log handle resolutions and requester info per their privacy 34 - // policy. consider the privacy implications of this arrangement and change this 35 - // setup if unsuitable for your use case. 36 - handleResolver: new XrpcHandleResolver({ serviceUrl: 'https://public.api.bsky.app' }), 37 - 38 - didDocumentResolver: new CompositeDidDocumentResolver({ 39 - methods: { 40 - plc: new PlcDidDocumentResolver(), 41 - web: new WebDidDocumentResolver(), 42 - }, 43 - }), 44 - }), 45 - }); 46 - ``` 47 - 48 - `resolveFromIdentity` and `resolveFromService` has been removed as a result. instead, pass the 49 - target directly to `createAuthorizationUrl`. 50 - 51 - ```ts 52 - const authUrl = await createAuthorizationUrl({ 53 - target: { type: 'account', identifier: 'mary.my.id' }, 54 - // or { type: 'pds', serviceUrl: 'https://bsky.social' } 55 - 56 - // ... existing options 57 - }); 58 - ```
-5
.changeset/quick-poets-fix.md
··· 1 - --- 2 - '@atcute/lexicon-doc': patch 3 - --- 4 - 5 - add JSON schema for lexicon schemas
-14
.changeset/ready-bears-heal.md
··· 1 - --- 2 - '@atcute/oauth-browser-client': minor 3 - --- 4 - 5 - allow customizing some parts of the authorization process 6 - 7 - `createAuthorizationUrl` now takes in optional `prompt`, `display`, `locale` fields. 8 - 9 - ```ts 10 - const authUrl = createAuthorizationUrl({ 11 - // ... 12 - display: 'popup', 13 - }); 14 - ```
-36
.changeset/swift-owls-sin.md
··· 1 - --- 2 - '@atcute/oauth-browser-client': minor 3 - --- 4 - 5 - add support for client assertions. 6 - 7 - this adds an optional `fetchClientAssertion` callback to `configureOAuth` that lets you fetch client 8 - assertions from your backend, allowing your client to be classified as a confidential client. 9 - 10 - ```ts 11 - import { configureOAuth } from '@atcute/oauth-browser-client'; 12 - 13 - configureOAuth({ 14 - // ... existing config 15 - 16 - async fetchClientAssertion({ jkt, aud, createDpopProof }) { 17 - const dpop = await createDpopProof('https://example.com/api/client-assertion'); 18 - 19 - const response = await fetch('https://example.com/api/client-assertion', { 20 - method: 'POST', 21 - headers: { 22 - dpop: dpop, 23 - 'content-type': 'application/json', 24 - }, 25 - body: JSON.stringify({ jkt, aud }), 26 - }); 27 - 28 - const data = await response.json(); 29 - 30 - return { 31 - client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer', 32 - client_assertion: data.assertion, 33 - }; 34 - }, 35 - }); 36 - ```
-5
.changeset/violet-experts-drum.md
··· 1 - --- 2 - '@atcute/lexicon-doc': patch 3 - --- 4 - 5 - clean up Valita schemas
-5
.changeset/whole-windows-spend.md
··· 1 - --- 2 - '@atcute/lex-cli': patch 3 - --- 4 - 5 - remove Valibot, consistently use Valita
+6
packages/clients/jetstream/CHANGELOG.md
··· 1 1 # @atcute/jetstream 2 2 3 + ## 1.1.2 4 + 5 + ### Patch Changes 6 + 7 + - dc9fe6f: clean up Valita schemas 8 + 3 9 ## 1.1.1 4 10 5 11 ### Patch Changes
+1 -1
packages/clients/jetstream/package.json
··· 1 1 { 2 2 "type": "module", 3 3 "name": "@atcute/jetstream", 4 - "version": "1.1.1", 4 + "version": "1.1.2", 5 5 "description": "lightweight and cute Jetstream subscriber for AT Protocol", 6 6 "license": "0BSD", 7 7 "repository": {
+10
packages/lexicons/lex-cli/CHANGELOG.md
··· 1 1 # @atcute/lex-cli 2 2 3 + ## 2.3.1 4 + 5 + ### Patch Changes 6 + 7 + - 8c5ec99: remove Valibot, consistently use Valita 8 + - Updated dependencies [d901d8a] 9 + - Updated dependencies [c603d16] 10 + - Updated dependencies [84b135f] 11 + - @atcute/lexicon-doc@1.1.4 12 + 3 13 ## 2.3.0 4 14 5 15 ### Minor Changes
+1 -1
packages/lexicons/lex-cli/package.json
··· 1 1 { 2 2 "type": "module", 3 3 "name": "@atcute/lex-cli", 4 - "version": "2.3.0", 4 + "version": "2.3.1", 5 5 "description": "cli tool to generate type definitions for atcute", 6 6 "license": "0BSD", 7 7 "repository": {
+8
packages/lexicons/lexicon-doc/CHANGELOG.md
··· 1 1 # @atcute/lexicon-doc 2 2 3 + ## 1.1.4 4 + 5 + ### Patch Changes 6 + 7 + - d901d8a: throw if definition ID is invalid 8 + - c603d16: add JSON schema for lexicon schemas 9 + - 84b135f: clean up Valita schemas 10 + 3 11 ## 1.1.3 4 12 5 13 ### Patch Changes
+1 -1
packages/lexicons/lexicon-doc/package.json
··· 1 1 { 2 2 "type": "module", 3 3 "name": "@atcute/lexicon-doc", 4 - "version": "1.1.3", 4 + "version": "1.1.4", 5 5 "description": "type definitions and schemas for atproto lexicon documents", 6 6 "license": "0BSD", 7 7 "repository": {
+126
packages/oauth/browser-client/CHANGELOG.md
··· 1 1 # @atcute/oauth-browser-client 2 2 3 + ## 2.0.0 4 + 5 + ### Major Changes 6 + 7 + - bac1b0f: allow passing user-provided state during authorization 8 + 9 + `createAuthorizationUrl` now takes in an optional `state` property 10 + 11 + ```ts 12 + const authUrl = await createAuthorizationUrl({ 13 + // ... 14 + state: { 15 + // ... 16 + }, 17 + }); 18 + ``` 19 + 20 + `finalizeAuthorization` now returns an object containing `session` and your provided `state`. 21 + 22 + ```ts 23 + const { session, state } = await finalizeAuthorization(params); 24 + ``` 25 + 26 + - bac1b0f: handle and DID document resolution are now externalized. 27 + 28 + although we've provided a "guide" on how to do your own handle resolution, the client itself still 29 + had to make its own resolution for post-authorization verification checks. this change finally 30 + makes it possible for you to supply a resolver for the client to use, and you're required to 31 + provide them. 32 + 33 + after upgrading, you would supply an `identityResolver` to `configureOAuth`. there is a built-in 34 + identity resolver implementation that takes in a handle and DID document resolver (which you can 35 + use `@atcute/identity-resolver` with.) 36 + 37 + ```ts 38 + import { configureOAuth, defaultIdentityResolver } from '@atcute/oauth-browser-client'; 39 + 40 + import { 41 + CompositeDidDocumentResolver, 42 + PlcDidDocumentResolver, 43 + WebDidDocumentResolver, 44 + XrpcHandleResolver, 45 + } from '@atcute/identity-resolver'; 46 + 47 + configureOAuth({ 48 + // ... existing config 49 + 50 + identityResolver: defaultIdentityResolver({ 51 + // AT Protocol handles resolve via DNS TXT record or HTTP well-known endpoints. 52 + // since web apps lack direct DNS access and face CORS restrictions, we're using 53 + // Bluesky's AppView for this example. 54 + // 55 + // NOTE: Bluesky may log handle resolutions and requester info per their privacy 56 + // policy. consider the privacy implications of this arrangement and change this 57 + // setup if unsuitable for your use case. 58 + handleResolver: new XrpcHandleResolver({ serviceUrl: 'https://public.api.bsky.app' }), 59 + 60 + didDocumentResolver: new CompositeDidDocumentResolver({ 61 + methods: { 62 + plc: new PlcDidDocumentResolver(), 63 + web: new WebDidDocumentResolver(), 64 + }, 65 + }), 66 + }), 67 + }); 68 + ``` 69 + 70 + `resolveFromIdentity` and `resolveFromService` has been removed as a result. instead, pass the 71 + target directly to `createAuthorizationUrl`. 72 + 73 + ```ts 74 + const authUrl = await createAuthorizationUrl({ 75 + target: { type: 'account', identifier: 'mary.my.id' }, 76 + // or { type: 'pds', serviceUrl: 'https://bsky.social' } 77 + 78 + // ... existing options 79 + }); 80 + ``` 81 + 82 + ### Minor Changes 83 + 84 + - bac1b0f: allow customizing some parts of the authorization process 85 + 86 + `createAuthorizationUrl` now takes in optional `prompt`, `display`, `locale` fields. 87 + 88 + ```ts 89 + const authUrl = createAuthorizationUrl({ 90 + // ... 91 + display: 'popup', 92 + }); 93 + ``` 94 + 95 + - 80b400e: add support for client assertions. 96 + 97 + this adds an optional `fetchClientAssertion` callback to `configureOAuth` that lets you fetch 98 + client assertions from your backend, allowing your client to be classified as a confidential 99 + client. 100 + 101 + ```ts 102 + import { configureOAuth } from '@atcute/oauth-browser-client'; 103 + 104 + configureOAuth({ 105 + // ... existing config 106 + 107 + async fetchClientAssertion({ jkt, aud, createDpopProof }) { 108 + const dpop = await createDpopProof('https://example.com/api/client-assertion'); 109 + 110 + const response = await fetch('https://example.com/api/client-assertion', { 111 + method: 'POST', 112 + headers: { 113 + dpop: dpop, 114 + 'content-type': 'application/json', 115 + }, 116 + body: JSON.stringify({ jkt, aud }), 117 + }); 118 + 119 + const data = await response.json(); 120 + 121 + return { 122 + client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer', 123 + client_assertion: data.assertion, 124 + }; 125 + }, 126 + }); 127 + ``` 128 + 3 129 ## 1.0.27 4 130 5 131 ### Patch Changes
+1 -1
packages/oauth/browser-client/package.json
··· 1 1 { 2 2 "type": "module", 3 3 "name": "@atcute/oauth-browser-client", 4 - "version": "1.0.27", 4 + "version": "2.0.0", 5 5 "description": "minimal OAuth browser client implementation for AT Protocol", 6 6 "license": "0BSD", 7 7 "repository": {
+11
packages/servers/xrpc-server/CHANGELOG.md
··· 1 1 # @atcute/xrpc-server 2 2 3 + ## 0.1.3 4 + 5 + ### Minor Changes 6 + 7 + - 913bf06: XRPC subscriptions support 8 + - 93bfccf: deprecate `router.add()` in favor of `.addQuery()` and `.addProcedure()` instead 9 + 10 + ### Patch Changes 11 + 12 + - b07ccbb: clean up Valita schemas 13 + 3 14 ## 0.1.2 4 15 5 16 ### Patch Changes
+1 -1
packages/servers/xrpc-server/package.json
··· 1 1 { 2 2 "type": "module", 3 3 "name": "@atcute/xrpc-server", 4 - "version": "0.1.2", 4 + "version": "0.1.3", 5 5 "description": "a small web framework for handling XRPC operations", 6 6 "license": "0BSD", 7 7 "repository": {