@raytio/core 9.0.1 → 10.0.0

package/CHANGELOG.md

@@ -0,0 +1,153 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [Unreleased]
+
+## 10.0.0 (2022-04-11)
+
+- 💥 BREAKING CHANGE: `calculateScore` is now an async function, and returns extra diagnostics.
+
+## 9.0.3 (2022-02-22)
+
+- fixed a bug which caused valid live persons to show up as Not Verified.
+
+## 9.0.2 (2022-02-10)
+
+- removed the `UNSAFE_treatNoValueAsVerified` option. This option was never documented or officially supported, so this is not considered a breaking change.
+- use the `date_component` schema field tag in date-related code
+
+## 9.0.1 (2022-02-09)
+
+- update `@raytio/types` to v6
+
+## 9.0.0 (2022-02-01)
+
+- 💥 BREAKING CHANGE: the value returned by `getPOVerification` has changed slightly: the `details` property is now an object
+- 💥 BREAKING CHANGE: `getRealVerifications` has been removed. It has been replaced by the following two methods:
+  - `getSomeoneElsesRealVerifications` is identical to the former `getRealVerifications` - it requires calling the API
+  - `getOwnRealVerifications` verifies the signature locally, but can only be used if you're verifying your own data.
+- create the `calculateScore` and `convertInstanceToRuleInput` for working with SubmissionRules
+- support 1 level of sub-fields in SubmissionRules
+- 💥 BREAKING CHANGE: `getSomeoneElsesRealVerifications` now requires you to supply the `aId` of the submission
+
+## 8.1.3 (2021-10-05)
+
+- published updated README.md
+
+## 8.1.2 (2021-09-24)
+
+- update API format for `nId`s that start with `HASHED::`
+- move `cleanInstance` to `@raytio/core`
+
+## 8.1.1 (2021-09-15)
+
+- fix a bug with `nId`s that start with `HASHED::`
+
+## 8.1.0 (2021-08-31)
+
+- update `getRealVerifications` to support `nId`s that start with `HASHED::`
+- changed the behaviour of `isConditionMet` when the condition is an empty object. It now returns false in this case
+- use new format for verify_check API
+
+## 8.0.0 (2021-07-28)
+
+- support conditionally verifiable fields. This only works if the schema is processed by `processSchema`
+- added `isConditionMet` to assit conditionally hidden/required/verifiable fields
+- 💥 BREAKING CHANGE: `getPOVerification` no longer accepts `allSchema` and `schemaName` as an argument, this has been replaced with `schema`.
+- 💥 BREAKING CHANGE: `calcSafeHarbourScore` is now async and no longer accepts `allSchema`, ths has been replaced with an argumnet called `getSchema`.
+
+## 7.0.0 (2021-04-07)
+
+- 💥 BREAKING CHANGE: (TS) `POVerification` and `FieldVerification` are now enums, not string unions
+- fixed a commonjs export bug in v6.0.1
+
+## 6.0.1 (2021-04-06)
+
+- update `calcSafeHarbourScore` to ignore duplicate verifications
+
+## 6.0.0 (2021-03-05)
+
+- 💥 BREAKING CHANGE: `decryptSharedData` now return `instance` and `applicationDecryptor`
+
+## 5.0.0 (2021-03-03)
+
+- deps: upgrade maxcryptor to `0.3.0`
+- 💥 BREAKING CHANGE: (TS) all IDs (e.g. `n_id`, `a_id`) now use nominal types (e.g. `NId`, `AId`)
+- 💥 BREAKING CHANGE: require TypeScipt@4.2 or later
+
+## 4.0.1 (2021-02-05)
+
+- fixed an npm publishing issue with `v4.0.0`
+
+## 4.0.0 (2021-02-04)
+
+- 💥 BREAKING CHANGE: `LABELS_DENYLIST` is no longer exported. It was never documented and there should be no reason to use it. Use `findSchemaLabel` instead.
+- 💥 BREAKING CHANGE: `createAA` should be supplied an `org_id` within the `application` attribute, not as a seperate attribute called `orgId`.
+- 💥 BREAKING CHANGE: `decryptSharedData` no longer needs an `aId` attribute since it can get that information from the `instance` attribute. This isn't a breaking change per-se, but will cause type errors.
+- use `unknown` instead of `any` in some predominantly internal types.
+
+## 3.2.2 (2021-01-19)
+
+- reverted a bug fix from v3.2.1 which was a work-around for badly formatted data.
+
+## 3.2.1 (2021-01-18)
+
+- fixed a bug where verified numbers weren't showing up as verified (reverted in v3.2.2)
+- added `onCorruptedData` option to `decryptSharedData`
+
+## 3.2.0 (2021-01-06)
+
+- added `toCognitoAttributes` and `fromCognitoAttributes`
+- properly handle errors from all API requests
+
+## 3.1.0 (2020-12-19)
+
+- add function to create an access application (`createAA`)
+
+## 3.0.0 (2020-12-17)
+
+- 💥 BREAKING CHANGE: change safe harbour calculation to compare against a base person, instead of using relationships
+
+## 2.2.0 (2020-12-16)
+
+- add Safe Harbour Compliance calculation (`calcSafeHarbourScore`)
+
+## 2.1.0 (2020-12-11)
+
+- add a new type of [`FieldVerification`](https://www.npmjs.com/package/@raytio/types#fieldverification): `Expired`
+- add a new type of [`POVerification`](https://www.npmjs.com/package/@raytio/types#poverification): `Expired`
+- add a `expired` attribute to [`RealVer`](https://www.npmjs.com/package/@raytio/types#realver).
+- update `getPOVerification` to return `Expired` for verifications where all fields are expired
+- [internal] snapshot tests for auto generated documentation
+
+## 2.0.0 (2020-12-07)
+
+- 💥 BREAKING CHANGE: support multiple verifications for the same data. This means that the `details` attribute returned by `getPOVerification` is now an array of [`VerificationProvider`](https://www.npmjs.com/package/@raytio/types#verificationprovider), instead of one [`VerificationProvider`](https://www.npmjs.com/package/@raytio/types#verificationprovider).
+
+## 1.0.4 (2020-12-06)
+
+- fixed a bug where verification details were wrong if the same field name and value were verified by two sources
+- include metadata from the verifier in `RealVer`s
+- fix a bug where verifications for referenced files weren't working
+
+## 1.0.3 (2020-11-23)
+
+- add `UNSAFE_treatNoValueAsVerified` option to getRealVerifications
+- add `date` to `RealVer` type.
+
+## 1.0.2 (2020-11-20)
+
+- `findSchemaLabel` can cope with it's argument being undefined.
+- added `"receiverCreated"` to the list of internal labels
+
+## 1.0.1 (2020-11-18)
+
+- `getRealVerifications` no longer requires an `apiToken` argument, since the API is available without authentication.
+
+## 1.0.0 (2020-11-11)
+
+First stable release

package/README.md

@@ -25,6 +25,7 @@ If you wish to use `@raytio/core` directly, an example of configuring polyfills
 
 - [calcSafeHarbourScore](#calcsafeharbourscore)
 - [calculateScore](#calculatescore)
+- [checkJsonSignature](#checkjsonsignature)
 - [cleanInstance](#cleaninstance)
 - [convertInstanceToRuleInput](#convertinstancetoruleinput)
 - [createAA](#createaa)
@@ -94,7 +95,7 @@ ___
 
 ### calculateScore
 
-▸ **calculateScore**(`ruleConfig`, `ruleInput`): `ScoreResult`
+▸ **calculateScore**(`ruleConfig`, `ruleInput`): `Promise`<`ScoreResult`\>
 
 the main function to calculate a score and category.
 Might throw an error.
@@ -108,7 +109,28 @@ Might throw an error.
 
 #### Returns
 
-`ScoreResult`
+`Promise`<`ScoreResult`\>
+
+___
+
+### checkJsonSignature
+
+▸ `Const` **checkJsonSignature**(`data`, `signature`): `Promise`<`boolean`\>
+
+checks that a json object was signed by the provided signature. Unless you're
+dealing with bundled verifications, you should use `getOwnRealVerifications`
+or `getSomeoneElsesRealVerifications` instead.
+
+#### Parameters
+
+| Name | Type |
+| :------ | :------ |
+| `data` | `unknown` |
+| `signature` | `string` |
+
+#### Returns
+
+`Promise`<`boolean`\>
 
 ___
 

package/dist/accessApplication/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/crypto/helpers.js

@@ -17,7 +17,7 @@ exports.isEncrypted = isEncrypted;
  * @param value anything
  * @returns true or false depending on whether the input is an encrypted Raytio file
  */
-const isEncryptedFile = (value) => { var _a, _b; return (0, exports.isEncrypted)(value) && ((_b = (_a = value === null || value === void 0 ? void 0 : value.encrypted_data) === null || _a === void 0 ? void 0 : _a.data) === null || _b === void 0 ? void 0 : _b.substr(0, 4)) === "urn:"; };
+const isEncryptedFile = (value) => { var _a, _b; return (0, exports.isEncrypted)(value) && ((_b = (_a = value === null || value === void 0 ? void 0 : value.encrypted_data) === null || _a === void 0 ? void 0 : _a.data) === null || _b === void 0 ? void 0 : _b.slice(0, 4)) === "urn:"; };
 exports.isEncryptedFile = isEncryptedFile;
 /**
  * Given a profile object's properties, returns the number

package/dist/crypto/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/general/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/rules/calculateScore.d.ts

@@ -3,9 +3,19 @@ import { RuleData, ScoreConfig } from "./types";
 export declare type ScoreResult = {
     score: number;
     category: string;
+    diagnostics: {
+        config: {
+            id: string;
+            rules: {
+                id: string;
+                name: string;
+                passed: boolean;
+            }[];
+        };
+    };
 };
 /**
  * the main function to calculate a score and category.
  * Might throw an error.
  */
-export declare function calculateScore(ruleConfig: ScoreConfig, ruleInput: RuleData): ScoreResult;
+export declare function calculateScore(ruleConfig: ScoreConfig, ruleInput: RuleData): Promise<ScoreResult>;

package/dist/rules/calculateScore.js

@@ -3,6 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.calculateScore = void 0;
 const evaluateScoreCondition_1 = require("./evaluateScoreCondition");
 const helpers_1 = require("./helpers");
+const general_1 = require("../general");
 function evaluateASTNode(node, data) {
     if (node.type === "LanguageOperator") {
         if (!node.children.length) {
@@ -27,16 +28,26 @@ function evaluateRule(rule, data) {
         throw new Error("A rule may only have 1 root node");
     }
     const rulePassed = rule.tree.every(n => evaluateASTNode(n, data));
-    return rulePassed ? rule.trueWeight : rule.falseWeight;
+    return {
+        passed: rulePassed,
+        score: rulePassed ? rule.trueWeight : rule.falseWeight,
+    };
 }
+/**
+ * We guarantee that the same configId or ruleId will always produce the same output.
+ * This is the closest thing we have to versioning.
+ */
+const jsonId = (json) => (0, general_1.hashPassword)(JSON.stringify(json)).then(hash => hash.slice(0, 10));
 /**
  * the main function to calculate a score and category.
  * Might throw an error.
  */
-function calculateScore(ruleConfig, ruleInput) {
+async function calculateScore(ruleConfig, ruleInput) {
     const result = ruleConfig.rules.map(rule => evaluateRule(rule, ruleInput));
     const [addOrMultiply, initialValue] = (0, helpers_1.getCombinator)(ruleConfig.combinator);
-    const finalScore = result.reduce(addOrMultiply, initialValue);
+    const finalScore = result
+        .map(x => x.score)
+        .reduce(addOrMultiply, initialValue);
     const matchingCategories = (0, helpers_1.addInfiniteThresholdBoundaries)(ruleConfig.scoreThresholds).filter(threshold => finalScore >= threshold.from && finalScore <= threshold.to);
     if (matchingCategories.length === 0) {
         throw new Error(`No categories match the final score (${finalScore})`);
@@ -47,6 +58,16 @@ function calculateScore(ruleConfig, ruleInput) {
     return {
         score: finalScore,
         category: matchingCategories[0].name,
+        diagnostics: {
+            config: {
+                id: await jsonId(ruleConfig),
+                rules: await Promise.all(result.map(async ({ passed }, i) => {
+                    const r = ruleConfig.rules[i];
+                    const ruleId = await jsonId(r);
+                    return { id: ruleId, name: r.name, passed };
+                })),
+            },
+        },
     };
 }
 exports.calculateScore = calculateScore;

package/dist/rules/convertInstanceToRuleInput.js

@@ -72,10 +72,9 @@ const convertInstanceToRuleInput = async (instance, realVers, getSchema) => {
                 memberFieldNames.includes(x.fieldName) &&
                 x.provider.verifierNId)) === null || _a === void 0 ? void 0 : _a.map(v => v.provider.verifierNId).filter((val) => !!val));
             const values = Object.fromEntries(members);
-            // TODO: better system
-            const dayFieldName = memberFieldNames.find(f => f.includes("day"));
-            const monthFieldName = memberFieldNames.find(f => f.includes("month"));
-            const yearFieldName = memberFieldNames.find(f => f.includes("year"));
+            const dayFieldName = memberFieldNames.find(f => { var _a; return (_a = schema.properties[f].tags) === null || _a === void 0 ? void 0 : _a.includes("date_component:day"); });
+            const monthFieldName = memberFieldNames.find(f => { var _a; return (_a = schema.properties[f].tags) === null || _a === void 0 ? void 0 : _a.includes("date_component:month"); });
+            const yearFieldName = memberFieldNames.find(f => { var _a; return (_a = schema.properties[f].tags) === null || _a === void 0 ? void 0 : _a.includes("date_component:year"); });
             if (!dayFieldName || !monthFieldName || !yearFieldName) {
                 throw new Error("Failed to infer date component field");
             }

package/dist/rules/evaluateScoreCondition.js

@@ -27,7 +27,7 @@ function evaluateScoreCondition(node, data) {
         const values = rawValues[i];
         if (!values.length) {
             // TODO: if one of the values required for your rule doesn't exist, then what?
-            // for now, the rule will return value
+            // for now, the rule will return false.
             return false;
         }
         // also check if the claimed type of the value matches the actual type of the value

package/dist/rules/helpers/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/rules/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/rules/types/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/schema/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/util/canonicalJsonify.js

@@ -28,8 +28,10 @@ function copyObjectWithSortedKeys(object) {
         return `[${object.map(copyObjectWithSortedKeys).join(",")}]`;
     }
     if (typeof object === "number" && object % 1 !== 0) {
+        if (Number.isNaN(object) || !Number.isFinite(object))
+            return "null";
         // float
-        const exponent = Math.round(Math.log10(Math.abs(object)));
+        const exponent = Math.floor(Math.log10(Math.abs(object)));
         let mantissa = `${object / 10 ** exponent}`;
         if (!mantissa.includes("."))
             mantissa += ".0";

package/dist/util/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/dist/verifications/getPOVerification.js

@@ -43,7 +43,7 @@ function getPOVerification({ PO, schema, realVers, }) {
     const fieldVerifications = (0, ramda_1.mapObjIndexed)((content, fieldName) => {
         const pertainingVers = realVers.filter(x => x.fieldName === fieldName &&
             // using ramda's `equals` because this needs to work for objects/arrays
-            (0, ramda_1.equals)(x.value, (0, maybeRereference_1.maybeRereference)(content)) &&
+            (0, ramda_1.equals)((0, maybeRereference_1.maybeRereference)(x.value), (0, maybeRereference_1.maybeRereference)(content)) &&
             // if an nId is supplied, also filter out verifications that don't relate to that n_id
             (PO.n_id ? x.belongsToNId === PO.n_id : true));
         // .every() illogically returns true for arrays with zero length

package/dist/verifications/getVerifiedBy.js

@@ -10,7 +10,7 @@ const getVerifiedBy = ({ nId, realVers, shouldBeVerifiedProps, }) => {
     const pertainingVers = realVers
         .filter(x => mayBeVerifiedFields.includes(x.fieldName) &&
         // using ramda's `equals` because this needs to work for objects/arrays
-        (0, ramda_1.equals)((0, maybeRereference_1.maybeRereference)(shouldBeVerifiedProps[x.fieldName]), x.value) &&
+        (0, ramda_1.equals)((0, maybeRereference_1.maybeRereference)(shouldBeVerifiedProps[x.fieldName]), (0, maybeRereference_1.maybeRereference)(x.value)) &&
         // if an nId is supplied, also filter out verifications that don't relate to that n_id
         (nId ? x.belongsToNId === nId : true))
         .map(x => x.provider);

package/dist/verifications/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -10,7 +14,6 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-// not exporting checkVerifications; it's not a public API
 __exportStar(require("./cleanInstance"), exports);
 __exportStar(require("./getPOVerification"), exports);
 __exportStar(require("./verifyCheck"), exports);

package/dist/verifications/verifyCheck/getSomeoneElsesRealVerifications.d.ts

@@ -5,13 +5,6 @@ declare type Props = {
     verifications: Verification[];
     profileObjects: ProfileObject[];
     controller?: AbortController;
-    /**
-     * do NOT use this option. If the value of a field
-     * equals the value of this prop, that field will be treated
-     * as verified, even if the API says it's not verified. See
-     * #614 for context. @deprecated
-     */
-    UNSAFE_treatNoValueAsVerified?: string;
 };
 /**
  * Given a list of verifications and decrypted profile objects, this function calls
@@ -22,5 +15,5 @@ declare type Props = {
  *
  * @returns a list of fileNames/values that are verified.
  */
-export declare const getSomeoneElsesRealVerifications: ({ aId, apiUrl, verifications, profileObjects, controller, UNSAFE_treatNoValueAsVerified, }: Props) => Promise<RealVer[]>;
+export declare const getSomeoneElsesRealVerifications: ({ aId, apiUrl, verifications, profileObjects, controller, }: Props) => Promise<RealVer[]>;
 export {};

package/dist/verifications/verifyCheck/getSomeoneElsesRealVerifications.js

@@ -17,7 +17,7 @@ POs.map(x => { var _a; return (_a = x.properties) === null || _a === void 0 ? vo
  *
  * @returns a list of fileNames/values that are verified.
  */
-const getSomeoneElsesRealVerifications = async ({ aId, apiUrl, verifications, profileObjects, controller, UNSAFE_treatNoValueAsVerified, }) => {
+const getSomeoneElsesRealVerifications = async ({ aId, apiUrl, verifications, profileObjects, controller, }) => {
     // for each verification (including passed: false), create a list of every possible that
     // value that that verification might have been for. Flatten the list
     // and send the whole thing to the API.
@@ -46,12 +46,7 @@ const getSomeoneElsesRealVerifications = async ({ aId, apiUrl, verifications, pr
     // do NOT expose the `verified` prop from the /verify_check API to avoid semantic confusion,
     // since verified: true does not mean that the verification is verified!
     const realVers = apiResponse
-        .filter(x => x.verified ||
-        // if UNSAFE_treatNoValueAsVerified is enabled, and we don't know the value of this field,
-        // treat is as verified if the `passed` property is true (this is NOT a safe check).
-        (!!UNSAFE_treatNoValueAsVerified &&
-            x.data.value === UNSAFE_treatNoValueAsVerified &&
-            x.data.passed))
+        .filter(x => x.verified)
         .map(({ signature, data, n_id: nID, valid_until }) => ({
         fieldName: data.field,
         value: data.value,

package/dist/verifications/verifyCheck/index.d.ts

@@ -1,2 +1,3 @@
 export * from "./getOwnRealVerifications";
 export * from "./getSomeoneElsesRealVerifications";
+export { checkJsonSignature } from "./operations";

package/dist/verifications/verifyCheck/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];
@@ -10,5 +14,8 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
     for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
 };
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkJsonSignature = void 0;
 __exportStar(require("./getOwnRealVerifications"), exports);
 __exportStar(require("./getSomeoneElsesRealVerifications"), exports);
+var operations_1 = require("./operations");
+Object.defineProperty(exports, "checkJsonSignature", { enumerable: true, get: function () { return operations_1.checkJsonSignature; } });

package/dist/verifications/verifyCheck/operations/checkOwnVerification.d.ts

@@ -5,5 +5,11 @@ declare type SingleVerToCheck = {
     userId: UId;
     value: unknown;
 };
+/**
+ * checks that a json object was signed by the provided signature. Unless you're
+ * dealing with bundled verifications, you should use `getOwnRealVerifications`
+ * or `getSomeoneElsesRealVerifications` instead.
+ */
+export declare const checkJsonSignature: (data: unknown, signature: string) => Promise<boolean>;
 export declare const checkOwnVerification: ({ verObject, signature, userId, value, }: SingleVerToCheck) => Promise<boolean>;
 export {};

package/dist/verifications/verifyCheck/operations/checkOwnVerification.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.checkOwnVerification = exports.checkSignature = void 0;
+exports.checkOwnVerification = exports.checkJsonSignature = exports.checkSignature = void 0;
 const util_1 = require("../../../util");
 let cache; // eslint-disable-line fp/no-let
 const base64ToArrayBuffer = (str) => Uint8Array.from(atob(str), c => c.charCodeAt(0));
@@ -19,13 +19,21 @@ async function checkSignature(publicCryptoKey, signature, data) {
     return isVerified;
 }
 exports.checkSignature = checkSignature;
-const checkOwnVerification = async ({ verObject, signature, userId, value, }) => {
+/**
+ * checks that a json object was signed by the provided signature. Unless you're
+ * dealing with bundled verifications, you should use `getOwnRealVerifications`
+ * or `getSomeoneElsesRealVerifications` instead.
+ */
+const checkJsonSignature = async (data, signature) => {
     const jwk = await getJwk();
-    if (!userId)
-        throw new Error("No userId supplied");
-    const exapandedObject = Object.assign(Object.assign({}, verObject), { sub: userId, value });
-    const stringified = (0, util_1.canonicalJsonify)(exapandedObject);
+    const stringified = (0, util_1.canonicalJsonify)(data);
     const result = await checkSignature(jwk, signature, stringified);
     return result;
 };
+exports.checkJsonSignature = checkJsonSignature;
+const checkOwnVerification = async ({ verObject, signature, userId, value, }) => {
+    if (!userId)
+        throw new Error("No userId supplied");
+    return (0, exports.checkJsonSignature)(Object.assign(Object.assign({}, verObject), { sub: userId, value }), signature);
+};
 exports.checkOwnVerification = checkOwnVerification;

package/dist/verifications/verifyCheck/operations/index.js

@@ -1,7 +1,11 @@
 "use strict";
 var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
-    Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
 }) : (function(o, m, k, k2) {
     if (k2 === undefined) k2 = k;
     o[k2] = m[k];

package/package.json

@@ -1,12 +1,13 @@
 {
   "name": "@raytio/core",
-  "version": "9.0.1",
+  "version": "10.0.0",
   "license": "MIT",
   "main": "index",
   "types": "index",
   "files": [
     "index.js",
     "index.d.ts",
+    "CHANGELOG.md",
     "dist"
   ],
   "scripts": {
@@ -16,14 +17,14 @@
   },
   "dependencies": {
     "@raytio/maxcryptor": "3.1.0",
-    "@raytio/types": "6.0.0",
+    "@raytio/types": "6.0.1",
     "ramda": "0.28.0"
   },
   "devDependencies": {
-    "@types/ramda": "0.27.64",
-    "jest": "27.4.7",
+    "@types/ramda": "0.28.11",
+    "jest": "27.5.1",
     "localstorage-polyfill": "1.0.1",
-    "ts-jest": "27.1.3"
+    "ts-jest": "27.1.4"
   },
   "jest": {
     "transform": {