Bump sodium-native from 3.4.1 to 4.0.0 (!352) · Merge requests · Wolf Yuan / Black Cat Legacy V2

Wolf Yuan requested to merge dependabot/npm_and_yarn/sodium-native-4.0.0 into main Jan 13, 2023

Created by: dependabot[bot]

Bumps sodium-native from 3.4.1 to 4.0.0.

Changelog

Sourced from sodium-native's changelog.

v4.0.0

crypto_secretstream_xchacha20poly1305_push accepts an int instead of a buffer for the tag param.

crypto_secretstream_xchacha20poly1305_TAG_MESSAGE is now an int.

crypto_secretstream_xchacha20poly1305_TAG_PUSH is now an int.

crypto_secretstream_xchacha20poly1305_TAG_REKEY is now an int.

crypto_secretstream_xchacha20poly1305_TAG_FINAL is not an int.

Move to 1.0.18-stable instead of fixed 1.0.18 for easier build.

Fix memleak in secure buffers.

Moved to uv workers instead of n-api ones for async methods.

musl prebuilds (for alpine linux).

Update experimental tweak api.

Commits

a38cb7a 4.0.0
fcfbc81 prepare 4.0.0
b2852c1 slim tarball
d04382d move to stable tarball
2d4e344 no need for debug symbols nor tweak import dir
70f951e Version 4
f421fb5 Standardise crypto_tweak api (#166)
1c76ab2 group exports in order (#169)
920e678 crypto_tweak_ed25519_sign_detached accepts precomputed public key (#161)
588eb28 Standard ignores fixture files (#165)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bump sodium-native from 3.4.1 to 4.0.0

v4.0.0

Merge request reports