diff --git a/.changeset/keys-secp256r1-export.md b/.changeset/keys-secp256r1-export.md new file mode 100644 index 0000000..e1f1cc9 --- /dev/null +++ b/.changeset/keys-secp256r1-export.md @@ -0,0 +1,8 @@ +--- +"@agentcommercekit/keys": patch +--- + +Build the `./secp256r1` subpath export. The export was declared in `package.json` +but its entry was missing from `tsdown.config.ts`, so `dist/curves/secp256r1.{js,d.ts}` +were never emitted and importing `@agentcommercekit/keys/secp256r1` failed (and +`publint` flagged the missing files). Added the build entry so the export resolves. diff --git a/.changeset/web-identity-schemas-adoption.md b/.changeset/web-identity-schemas-adoption.md new file mode 100644 index 0000000..a4dd289 --- /dev/null +++ b/.changeset/web-identity-schemas-adoption.md @@ -0,0 +1,42 @@ +--- +"@agentcommercekit/did": major +"@agentcommercekit/jwt": major +"@agentcommercekit/vc": major +"@agentcommercekit/caip": major +"@agentcommercekit/ack-id": major +"@agentcommercekit/ack-pay": major +"agentcommercekit": major +--- + +Adopt [`web-identity-schemas`](https://github.com/catena-labs/web-identity-schemas) +as the source of truth for DID/JWT/VC validation schemas and DID/JWT types, and +**drop Zod v3 support**. + +Breaking changes: + +- **Zod v3 is no longer supported.** The `./schemas/zod/v3` and `./schemas/zod/v4` + subpath exports are removed; each package now exports a single `./schemas/zod` + (Zod v4). The `zod` optional peer range is now `^4.0.0`. Import from + `@agentcommercekit//schemas/zod` instead of `.../schemas/zod/v3` or + `.../schemas/zod/v4`. +- **DID validation is stricter.** `didUriSchema` and `isDidUri` now enforce the + full DID-core syntax (via `web-identity-schemas`' `DidSchema`/`isDid`) instead of + a permissive `startsWith("did:")` check. Malformed DIDs that previously passed + are now rejected (and validation error details have changed). +- `DidUri` and `JwtString` are now re-exported from `web-identity-schemas` (`Did` + and `JwtString` respectively). They remain structurally compatible; `JwtString` + widens to `string`. +- **VC validation is stricter.** `credentialSchema` (and the `isCredential` guard + built on it) is now backed by w-i-s' `CredentialV1Schema`, which enforces the VC + Data Model v1.1 shape: the `@context` must start with the v1 core URI, `type` + must include `"VerifiableCredential"`, `issuanceDate` must be an ISO-8601 + datetime, and `id` must be a URI. Loosely-shaped objects that the previous + hand-rolled schema accepted may now be rejected. ACK-issued credentials (always + v1) are unaffected, and the credential-verification path + (`parseJwtCredential`/`verifyParsedCredential`) is unchanged — it still uses a + separate structural guard, not this authoring schema. + +`web-identity-schemas` is now a dependency of `did`, `jwt`, and `vc`. The VC +credential schema is now backed by w-i-s' `CredentialV1Schema` while preserving +ACK's issuer-normalization and `JwtProof2020` handling. CAIP, payment, A2A, +controller-claim, and `JwtProof2020` schemas remain hand-rolled. diff --git a/AGENTS.md b/AGENTS.md index 4a8ca0b..8b1a969 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -41,17 +41,15 @@ agentcommercekit (umbrella re-export) ### Dual Validation Schemas -Valibot is primary (runtime dependency); Zod is an optional peer everywhere. Most packages expose schemas through three files / four export paths: +Valibot is primary (runtime dependency); Zod (v4) is an optional peer everywhere. Standards-tracked DID/JWT/VC schemas come from the [`web-identity-schemas`](https://github.com/catena-labs/web-identity-schemas) package; ACK only hand-rolls the schemas w-i-s doesn't cover (CAIP, payment, A2A, controller-claim, JwtProof2020). Each package exposes schemas through two files / two export paths: ``` src/schemas/ ├── valibot.ts → ./schemas/valibot -└── zod/ - ├── v3.ts → ./schemas/zod/v3 AND ./schemas/zod (alias) - └── v4.ts → ./schemas/zod/v4 +└── zod.ts → ./schemas/zod (zod v4 only; zod v3 is not supported) ``` -Adding a new type requires updating all three schema files **and** the `exports` map in `package.json` **and** the entry array in `tsdown.config.ts`. (`keys` is the exception — it exports curve-specific files and encoding, no schemas.) +Adding a new type requires updating both schema files **and** the `exports` map in `package.json` **and** the entry array in `tsdown.config.ts`. (`keys` is the exception — it exports curve-specific files and encoding, no schemas.) ### Dependencies diff --git a/demos/e2e/src/index.ts b/demos/e2e/src/index.ts index 1e96944..7f2c4f3 100644 --- a/demos/e2e/src/index.ts +++ b/demos/e2e/src/index.ts @@ -128,7 +128,7 @@ Agent 1 (Client Agent): ) logJson(await parseJwtCredential(ownershipVc1, resolver)) log(` -colors.dim("This VC, issued by User 1, proves they control Agent 1.")} +${colors.dim("This VC, issued by User 1, proves they control Agent 1.")} ${successMessage("User 1 and Agent 1 (Client) setup complete")} diff --git a/demos/skyfire-kya/src/kya-token.ts b/demos/skyfire-kya/src/kya-token.ts index 5ad8d3c..dc07fe3 100644 --- a/demos/skyfire-kya/src/kya-token.ts +++ b/demos/skyfire-kya/src/kya-token.ts @@ -5,21 +5,22 @@ import { type JwtString, type Keypair, } from "agentcommercekit" -import { jwtPayloadSchema } from "agentcommercekit/schemas/zod/v4" +import { jwtPayloadSchema } from "agentcommercekit/schemas/zod" import { decodeJwt } from "jose" -import * as z from "zod/v4" +import * as z from "zod" -const skyfireKyaJwtPayloadSchema = z.object({ - ...jwtPayloadSchema.shape, - ssi: z.string(), - jti: z.string(), - bid: z.object({ - agentName: z.string(), - ownerId: z.string(), - nameFirst: z.string(), - nameLast: z.string(), - }), -}) +const skyfireKyaJwtPayloadSchema = z + .object({ + ssi: z.string(), + jti: z.string(), + bid: z.object({ + agentName: z.string(), + ownerId: z.string(), + nameFirst: z.string(), + nameLast: z.string(), + }), + }) + .and(jwtPayloadSchema) export type SkyfireKyaJwtPayload = z.output diff --git a/examples/issuer/src/routes/credentials.test.ts b/examples/issuer/src/routes/credentials.test.ts index 548b64b..5ac96d6 100644 --- a/examples/issuer/src/routes/credentials.test.ts +++ b/examples/issuer/src/routes/credentials.test.ts @@ -317,12 +317,7 @@ describe("POST /credentials/controller", () => { error: "Invalid request", issues: [ { - kind: "schema", - type: "custom", - expected: "unknown", - received: '"not-a-valid-did"', input: "not-a-valid-did", - message: "Invalid DID format", path: [{ key: "controller", value: "not-a-valid-did" }], }, ], diff --git a/examples/issuer/src/routes/receipts.test.ts b/examples/issuer/src/routes/receipts.test.ts index deda6c2..15e7aa1 100644 --- a/examples/issuer/src/routes/receipts.test.ts +++ b/examples/issuer/src/routes/receipts.test.ts @@ -253,12 +253,7 @@ describe("POST /credentials/receipts", () => { error: "Invalid request", issues: [ { - kind: "schema", - type: "custom", - expected: "unknown", - received: '"invalid-did"', input: "invalid-did", - message: "Invalid DID format", path: [{ key: "payerDid", value: "invalid-did" }], }, ], diff --git a/packages/ack-id/README.md b/packages/ack-id/README.md index de6b87b..cba107b 100644 --- a/packages/ack-id/README.md +++ b/packages/ack-id/README.md @@ -91,9 +91,8 @@ isControllerClaim(credential.credentialSubject) // Valibot schema import { controllerClaimSchema } from "@agentcommercekit/ack-id/schemas/valibot" -// Zod v3 schema -import { controllerClaimSchema } from "@agentcommercekit/ack-id/schemas/zod/v3" -import { controllerClaimSchema } from "@agentcommercekit/ack-id/schemas/zod/v4" +// Zod schema +import { controllerClaimSchema } from "@agentcommercekit/ack-id/schemas/zod" ``` ## A2A Support diff --git a/packages/ack-id/package.json b/packages/ack-id/package.json index 2a529cc..72bb909 100644 --- a/packages/ack-id/package.json +++ b/packages/ack-id/package.json @@ -33,16 +33,8 @@ "default": "./dist/schemas/valibot.js" }, "./schemas/zod": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v3": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v4": { - "types": "./dist/schemas/zod/v4.d.ts", - "default": "./dist/schemas/zod/v4.js" + "types": "./dist/schemas/zod.d.ts", + "default": "./dist/schemas/zod.js" }, "./a2a": { "types": "./dist/a2a/index.d.ts", @@ -53,16 +45,8 @@ "default": "./dist/a2a/schemas/valibot.js" }, "./a2a/schemas/zod": { - "types": "./dist/a2a/schemas/zod/v3.d.ts", - "default": "./dist/a2a/schemas/zod/v3.js" - }, - "./a2a/schemas/zod/v3": { - "types": "./dist/a2a/schemas/zod/v3.d.ts", - "default": "./dist/a2a/schemas/zod/v3.js" - }, - "./a2a/schemas/zod/v4": { - "types": "./dist/a2a/schemas/zod/v4.d.ts", - "default": "./dist/a2a/schemas/zod/v4.js" + "types": "./dist/a2a/schemas/zod.d.ts", + "default": "./dist/a2a/schemas/zod.js" } }, "publishConfig": { @@ -91,7 +75,7 @@ }, "peerDependencies": { "@a2a-js/sdk": "^0.2.2", - "zod": "^3.25.0" + "zod": "^4.0.0" }, "peerDependenciesMeta": { "@a2a-js/sdk": { diff --git a/packages/ack-id/src/a2a/schemas/zod/v4.ts b/packages/ack-id/src/a2a/schemas/zod.ts similarity index 97% rename from packages/ack-id/src/a2a/schemas/zod/v4.ts rename to packages/ack-id/src/a2a/schemas/zod.ts index a6e9425..f6575bd 100644 --- a/packages/ack-id/src/a2a/schemas/zod/v4.ts +++ b/packages/ack-id/src/a2a/schemas/zod.ts @@ -1,4 +1,4 @@ -import * as z from "zod/v4" +import * as z from "zod" const roleSchema = z.enum(["agent", "user"]) diff --git a/packages/ack-id/src/a2a/schemas/zod/v3.ts b/packages/ack-id/src/a2a/schemas/zod/v3.ts deleted file mode 100644 index 6c72eb7..0000000 --- a/packages/ack-id/src/a2a/schemas/zod/v3.ts +++ /dev/null @@ -1,52 +0,0 @@ -import { z } from "zod/v3" - -const roleSchema = z.enum(["agent", "user"]) - -const metadataSchema = z.record(z.string(), z.unknown()).nullable() - -// Base schema for common part properties -const partBaseSchema = z.object({ - metadata: metadataSchema.optional(), -}) - -// Text part schema -export const textPartSchema = partBaseSchema.extend({ - type: z.literal("text"), - text: z.string(), -}) - -// Data part schema -export const dataPartSchema = partBaseSchema.extend({ - type: z.literal("data"), - data: z.union([z.record(z.string(), z.unknown()), z.array(z.unknown())]), -}) - -// File content schema -export const fileContentSchema = z.object({ - name: z.string().nullable().optional(), - mimeType: z.string().nullable().optional(), - bytes: z.string().nullable().optional(), - uri: z.string().nullable().optional(), -}) - -// File part schema -export const filePartSchema = partBaseSchema.extend({ - type: z.literal("file"), - file: fileContentSchema, -}) - -// Union of all part types using discriminated union -export const partSchema = z.discriminatedUnion("type", [ - textPartSchema, - dataPartSchema, - filePartSchema, -]) - -// Message schema -export const messageSchema = z - .object({ - role: roleSchema, - parts: z.array(partSchema), - metadata: metadataSchema.optional(), - }) - .passthrough() diff --git a/packages/ack-id/src/schemas/zod/v3.ts b/packages/ack-id/src/schemas/zod.ts similarity index 78% rename from packages/ack-id/src/schemas/zod/v3.ts rename to packages/ack-id/src/schemas/zod.ts index 1aab7e8..30751a5 100644 --- a/packages/ack-id/src/schemas/zod/v3.ts +++ b/packages/ack-id/src/schemas/zod.ts @@ -1,4 +1,4 @@ -import { z } from "zod/v3" +import * as z from "zod" export const controllerClaimSchema = z.object({ id: z.string(), diff --git a/packages/ack-id/src/schemas/zod/v4.ts b/packages/ack-id/src/schemas/zod/v4.ts deleted file mode 100644 index 389ee73..0000000 --- a/packages/ack-id/src/schemas/zod/v4.ts +++ /dev/null @@ -1,6 +0,0 @@ -import * as z from "zod/v4" - -export const controllerClaimSchema = z.object({ - id: z.string(), - controller: z.string(), -}) diff --git a/packages/ack-id/tsdown.config.ts b/packages/ack-id/tsdown.config.ts index a78f602..3534d6e 100644 --- a/packages/ack-id/tsdown.config.ts +++ b/packages/ack-id/tsdown.config.ts @@ -4,11 +4,9 @@ export default defineConfig({ entry: [ "src/index.ts", "src/schemas/valibot.ts", - "src/schemas/zod/v3.ts", - "src/schemas/zod/v4.ts", + "src/schemas/zod.ts", "src/a2a/index.ts", - "src/a2a/schemas/zod/v3.ts", - "src/a2a/schemas/zod/v4.ts", + "src/a2a/schemas/zod.ts", "src/a2a/schemas/valibot.ts", ], dts: true, diff --git a/packages/ack-pay/README.md b/packages/ack-pay/README.md index ad1cc35..3e3f788 100644 --- a/packages/ack-pay/README.md +++ b/packages/ack-pay/README.md @@ -121,9 +121,8 @@ isPaymentReceiptCredential(credential) // Valibot schema import { paymentRequestSchema } from "@agentcommercekit/ack-pay/schemas/valibot" -// Zod v3 schema -import { paymentRequestSchema } from "@agentcommercekit/ack-pay/schemas/zod/v3" -import { paymentRequestSchema } from "@agentcommercekit/ack-pay/schemas/zod/v4" +// Zod schema +import { paymentRequestSchema } from "@agentcommercekit/ack-pay/schemas/zod" ``` ## Agent Commerce Kit Version diff --git a/packages/ack-pay/package.json b/packages/ack-pay/package.json index 3c395fa..9ba5a43 100644 --- a/packages/ack-pay/package.json +++ b/packages/ack-pay/package.json @@ -29,16 +29,8 @@ "default": "./dist/index.js" }, "./schemas/zod": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v3": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v4": { - "types": "./dist/schemas/zod/v4.d.ts", - "default": "./dist/schemas/zod/v4.js" + "types": "./dist/schemas/zod.d.ts", + "default": "./dist/schemas/zod.js" }, "./schemas/valibot": { "types": "./dist/schemas/valibot.d.ts", @@ -67,7 +59,7 @@ "zod": "catalog:" }, "peerDependencies": { - "zod": "^3.25.0" + "zod": "^4.0.0" }, "peerDependenciesMeta": { "zod": { diff --git a/packages/ack-pay/src/schemas/zod/v4.ts b/packages/ack-pay/src/schemas/zod.ts similarity index 90% rename from packages/ack-pay/src/schemas/zod/v4.ts rename to packages/ack-pay/src/schemas/zod.ts index 55c19f0..66ceffd 100644 --- a/packages/ack-pay/src/schemas/zod/v4.ts +++ b/packages/ack-pay/src/schemas/zod.ts @@ -1,6 +1,6 @@ -import { didUriSchema } from "@agentcommercekit/did/schemas/zod/v4" -import { jwtStringSchema } from "@agentcommercekit/jwt/schemas/zod/v4" -import * as z from "zod/v4" +import { didUriSchema } from "@agentcommercekit/did/schemas/zod" +import { jwtStringSchema } from "@agentcommercekit/jwt/schemas/zod" +import * as z from "zod" const urlOrDidUri = z.union([z.url(), didUriSchema]) diff --git a/packages/ack-pay/src/schemas/zod/v3.ts b/packages/ack-pay/src/schemas/zod/v3.ts deleted file mode 100644 index 2e3ee83..0000000 --- a/packages/ack-pay/src/schemas/zod/v3.ts +++ /dev/null @@ -1,33 +0,0 @@ -import { didUriSchema } from "@agentcommercekit/did/schemas/zod/v3" -import { jwtStringSchema } from "@agentcommercekit/jwt/schemas/zod" -import { z } from "zod/v3" - -const urlOrDidUri = z.union([z.string().url(), didUriSchema]) - -export const paymentOptionSchema = z.object({ - id: z.string(), - amount: z.union([z.number().int().positive(), z.string()]), - decimals: z.number().int().nonnegative(), - currency: z.string(), - recipient: z.string(), - network: z.string().optional(), - paymentService: urlOrDidUri.optional(), - receiptService: urlOrDidUri.optional(), -}) - -export const paymentRequestSchema = z.object({ - id: z.string(), - description: z.string().optional(), - serviceCallback: z.string().url().optional(), - expiresAt: z - .union([z.date(), z.string()]) - .transform((val) => new Date(val).toISOString()) - .optional(), - paymentOptions: z.array(paymentOptionSchema).nonempty(), -}) - -export const paymentReceiptClaimSchema = z.object({ - paymentRequestToken: jwtStringSchema, - paymentOptionId: z.string(), - metadata: z.record(z.string(), z.unknown()).optional(), -}) diff --git a/packages/ack-pay/tsdown.config.ts b/packages/ack-pay/tsdown.config.ts index b3f56b0..b547a19 100644 --- a/packages/ack-pay/tsdown.config.ts +++ b/packages/ack-pay/tsdown.config.ts @@ -1,12 +1,7 @@ import { defineConfig } from "tsdown/config" export default defineConfig({ - entry: [ - "src/index.ts", - "src/schemas/zod/v3.ts", - "src/schemas/zod/v4.ts", - "src/schemas/valibot.ts", - ], + entry: ["src/index.ts", "src/schemas/zod.ts", "src/schemas/valibot.ts"], dts: true, silent: true, }) diff --git a/packages/agentcommercekit/AGENTS.md b/packages/agentcommercekit/AGENTS.md index b90ac25..ed01aae 100644 --- a/packages/agentcommercekit/AGENTS.md +++ b/packages/agentcommercekit/AGENTS.md @@ -21,5 +21,5 @@ This package only contains re-exports. If you need to add new functionality, add - `src/index.ts` - Main re-exports - `src/schemas/valibot.ts` - Aggregated valibot schemas -- `src/schemas/zod/v3.ts` / `v4.ts` - Aggregated zod schemas +- `src/schemas/zod.ts` - Aggregated zod schemas - `src/a2a/` - A2A re-exports diff --git a/packages/agentcommercekit/package.json b/packages/agentcommercekit/package.json index 00513fe..1e2b1bd 100644 --- a/packages/agentcommercekit/package.json +++ b/packages/agentcommercekit/package.json @@ -33,16 +33,8 @@ "default": "./dist/schemas/valibot.js" }, "./schemas/zod": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v3": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v4": { - "types": "./dist/schemas/zod/v4.d.ts", - "default": "./dist/schemas/zod/v4.js" + "types": "./dist/schemas/zod.d.ts", + "default": "./dist/schemas/zod.js" }, "./a2a": { "types": "./dist/a2a/index.d.ts", @@ -53,16 +45,8 @@ "default": "./dist/a2a/schemas/valibot.js" }, "./a2a/schemas/zod": { - "types": "./dist/a2a/schemas/zod/v3.d.ts", - "default": "./dist/a2a/schemas/zod/v3.js" - }, - "./a2a/schemas/zod/v3": { - "types": "./dist/a2a/schemas/zod/v3.d.ts", - "default": "./dist/a2a/schemas/zod/v3.js" - }, - "./a2a/schemas/zod/v4": { - "types": "./dist/a2a/schemas/zod/v4.d.ts", - "default": "./dist/a2a/schemas/zod/v4.js" + "types": "./dist/a2a/schemas/zod.d.ts", + "default": "./dist/a2a/schemas/zod.js" } }, "publishConfig": { @@ -93,7 +77,7 @@ "peerDependencies": { "@a2a-js/sdk": "^0.2.2", "valibot": "^1.0.0", - "zod": "^3.25.0" + "zod": "^4.0.0" }, "peerDependenciesMeta": { "@a2a-js/sdk": { diff --git a/packages/agentcommercekit/src/a2a/schemas/zod.ts b/packages/agentcommercekit/src/a2a/schemas/zod.ts new file mode 100644 index 0000000..29e0005 --- /dev/null +++ b/packages/agentcommercekit/src/a2a/schemas/zod.ts @@ -0,0 +1 @@ +export * from "@agentcommercekit/ack-id/a2a/schemas/zod" diff --git a/packages/agentcommercekit/src/a2a/schemas/zod/v3.ts b/packages/agentcommercekit/src/a2a/schemas/zod/v3.ts deleted file mode 100644 index f387196..0000000 --- a/packages/agentcommercekit/src/a2a/schemas/zod/v3.ts +++ /dev/null @@ -1 +0,0 @@ -export * from "@agentcommercekit/ack-id/a2a/schemas/zod/v3" diff --git a/packages/agentcommercekit/src/a2a/schemas/zod/v4.ts b/packages/agentcommercekit/src/a2a/schemas/zod/v4.ts deleted file mode 100644 index b16e198..0000000 --- a/packages/agentcommercekit/src/a2a/schemas/zod/v4.ts +++ /dev/null @@ -1 +0,0 @@ -export * from "@agentcommercekit/ack-id/a2a/schemas/zod/v4" diff --git a/packages/agentcommercekit/src/schemas/zod.ts b/packages/agentcommercekit/src/schemas/zod.ts new file mode 100644 index 0000000..53aa9e9 --- /dev/null +++ b/packages/agentcommercekit/src/schemas/zod.ts @@ -0,0 +1,6 @@ +export * from "@agentcommercekit/ack-pay/schemas/zod" +export * from "@agentcommercekit/ack-id/schemas/zod" +export * from "@agentcommercekit/caip/schemas/zod" +export * from "@agentcommercekit/did/schemas/zod" +export * from "@agentcommercekit/jwt/schemas/zod" +export * from "@agentcommercekit/vc/schemas/zod" diff --git a/packages/agentcommercekit/src/schemas/zod/v3.ts b/packages/agentcommercekit/src/schemas/zod/v3.ts deleted file mode 100644 index 7da8fa8..0000000 --- a/packages/agentcommercekit/src/schemas/zod/v3.ts +++ /dev/null @@ -1,6 +0,0 @@ -export * from "@agentcommercekit/ack-pay/schemas/zod/v3" -export * from "@agentcommercekit/ack-id/schemas/zod/v3" -export * from "@agentcommercekit/caip/schemas/zod/v3" -export * from "@agentcommercekit/did/schemas/zod/v3" -export * from "@agentcommercekit/jwt/schemas/zod/v3" -export * from "@agentcommercekit/vc/schemas/zod/v3" diff --git a/packages/agentcommercekit/src/schemas/zod/v4.ts b/packages/agentcommercekit/src/schemas/zod/v4.ts deleted file mode 100644 index 26459b5..0000000 --- a/packages/agentcommercekit/src/schemas/zod/v4.ts +++ /dev/null @@ -1,6 +0,0 @@ -export * from "@agentcommercekit/ack-pay/schemas/zod/v4" -export * from "@agentcommercekit/ack-id/schemas/zod/v4" -export * from "@agentcommercekit/caip/schemas/zod/v4" -export * from "@agentcommercekit/did/schemas/zod/v4" -export * from "@agentcommercekit/jwt/schemas/zod/v4" -export * from "@agentcommercekit/vc/schemas/zod/v4" diff --git a/packages/agentcommercekit/tsdown.config.ts b/packages/agentcommercekit/tsdown.config.ts index a78f602..3534d6e 100644 --- a/packages/agentcommercekit/tsdown.config.ts +++ b/packages/agentcommercekit/tsdown.config.ts @@ -4,11 +4,9 @@ export default defineConfig({ entry: [ "src/index.ts", "src/schemas/valibot.ts", - "src/schemas/zod/v3.ts", - "src/schemas/zod/v4.ts", + "src/schemas/zod.ts", "src/a2a/index.ts", - "src/a2a/schemas/zod/v3.ts", - "src/a2a/schemas/zod/v4.ts", + "src/a2a/schemas/zod.ts", "src/a2a/schemas/valibot.ts", ], dts: true, diff --git a/packages/caip/AGENTS.md b/packages/caip/AGENTS.md index 6ae381e..12978bf 100644 --- a/packages/caip/AGENTS.md +++ b/packages/caip/AGENTS.md @@ -8,9 +8,8 @@ None (leaf package). ## Subpath Exports -Standard schema exports (`./schemas/valibot`, `./schemas/zod/v3`, `./schemas/zod/v4`). - -Note: unlike most packages, `caip` does **not** have the `./schemas/zod` alias. +Standard schema exports (`./schemas/valibot`, `./schemas/zod`). CAIP schemas are +hand-rolled (not covered by `web-identity-schemas`). ## Key Types @@ -25,4 +24,4 @@ Predefined chain IDs available via `caip2ChainIds` (ethereumMainnet, solanaMainn ## Source Layout - `src/caips/` - One file per CAIP standard (caip-2.ts, caip-10.ts, caip-19.ts) -- `src/schemas/` - Dual validation schemas (valibot + zod v3/v4) +- `src/schemas/` - Dual validation schemas (valibot + zod v4) diff --git a/packages/caip/README.md b/packages/caip/README.md index 63706a7..a2a3a18 100644 --- a/packages/caip/README.md +++ b/packages/caip/README.md @@ -138,15 +138,11 @@ import { caip2ChainIdSchema, caip10AccountIdSchema, } from "@agentcommercekit/caip/schemas/valibot" -// Zod v3 schemas +// Zod schemas import { caip2ChainIdSchema, caip10AccountIdSchema, -} from "@agentcommercekit/caip/schemas/zod/v3" -import { - caip2ChainIdSchema, - caip10AccountIdSchema, -} from "@agentcommercekit/caip/schemas/zod/v4" +} from "@agentcommercekit/caip/schemas/zod" ``` ## Resources diff --git a/packages/caip/package.json b/packages/caip/package.json index 44b30c4..d0c4ccc 100644 --- a/packages/caip/package.json +++ b/packages/caip/package.json @@ -28,13 +28,9 @@ "types": "./dist/index.d.ts", "default": "./dist/index.js" }, - "./schemas/zod/v3": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v4": { - "types": "./dist/schemas/zod/v4.d.ts", - "default": "./dist/schemas/zod/v4.js" + "./schemas/zod": { + "types": "./dist/schemas/zod.d.ts", + "default": "./dist/schemas/zod.js" }, "./schemas/valibot": { "types": "./dist/schemas/valibot.d.ts", @@ -60,7 +56,7 @@ }, "peerDependencies": { "valibot": "^1.1.0", - "zod": "^3.25.0" + "zod": "^4.0.0" }, "peerDependenciesMeta": { "valibot": { diff --git a/packages/caip/src/schemas/schemas.test.ts b/packages/caip/src/schemas/schemas.test.ts index bd073ee..31de703 100644 --- a/packages/caip/src/schemas/schemas.test.ts +++ b/packages/caip/src/schemas/schemas.test.ts @@ -8,13 +8,11 @@ import type { Caip19AssetType, } from "../caips" import * as valibot from "./valibot" -import * as zodv3 from "./zod/v3" -import * as zodv4 from "./zod/v4" +import * as zod from "./zod" const schemas = { valibot, - zodv3, - zodv4, + zod, } describe.each(Object.entries(schemas))("CAIP (%s)", (_name, schemas) => { diff --git a/packages/caip/src/schemas/zod/v3.ts b/packages/caip/src/schemas/zod.ts similarity index 97% rename from packages/caip/src/schemas/zod/v3.ts rename to packages/caip/src/schemas/zod.ts index d5a7713..50d1beb 100644 --- a/packages/caip/src/schemas/zod/v3.ts +++ b/packages/caip/src/schemas/zod.ts @@ -1,4 +1,4 @@ -import { z } from "zod/v3" +import * as z from "zod" import { caip2ChainIdRegex, @@ -11,7 +11,7 @@ import { type Caip19AssetId, type Caip19AssetName, type Caip19AssetType, -} from "../../caips" +} from "../caips" export const caip2ChainIdSchema = z .string() diff --git a/packages/caip/src/schemas/zod/v4.ts b/packages/caip/src/schemas/zod/v4.ts deleted file mode 100644 index bac8da3..0000000 --- a/packages/caip/src/schemas/zod/v4.ts +++ /dev/null @@ -1,65 +0,0 @@ -import * as z from "zod/v4" - -import { - caip2ChainIdRegex, - caip10AccountIdRegex, - caip19AssetIdRegex, - caip19AssetNameRegex, - caip19AssetTypeRegex, - type Caip2ChainId, - type Caip10AccountId, - type Caip19AssetId, - type Caip19AssetName, - type Caip19AssetType, -} from "../../caips" - -export const caip2ChainIdSchema = z - .string() - .regex(caip2ChainIdRegex) - .pipe(z.custom(() => true)) - -export function isCaip2ChainId(chainId: unknown): chainId is Caip2ChainId { - return caip2ChainIdSchema.safeParse(chainId).success -} - -export const caip10AccountIdSchema = z - .string() - .regex(caip10AccountIdRegex) - .pipe(z.custom(() => true)) - -export function isCaip10AccountId( - accountId: unknown, -): accountId is Caip10AccountId { - return caip10AccountIdSchema.safeParse(accountId).success -} - -export const caip19AssetNameSchema = z - .string() - .regex(caip19AssetNameRegex) - .pipe(z.custom(() => true)) - -export function isCaip19AssetName( - assetName: unknown, -): assetName is Caip19AssetName { - return caip19AssetNameSchema.safeParse(assetName).success -} - -export const caip19AssetTypeSchema = z - .string() - .regex(caip19AssetTypeRegex) - .pipe(z.custom(() => true)) - -export function isCaip19AssetType( - assetType: unknown, -): assetType is Caip19AssetType { - return caip19AssetTypeSchema.safeParse(assetType).success -} - -export const caip19AssetIdSchema = z - .string() - .regex(caip19AssetIdRegex) - .pipe(z.custom(() => true)) - -export function isCaip19AssetId(assetId: unknown): assetId is Caip19AssetId { - return caip19AssetIdSchema.safeParse(assetId).success -} diff --git a/packages/caip/tsdown.config.ts b/packages/caip/tsdown.config.ts index b3f56b0..b547a19 100644 --- a/packages/caip/tsdown.config.ts +++ b/packages/caip/tsdown.config.ts @@ -1,12 +1,7 @@ import { defineConfig } from "tsdown/config" export default defineConfig({ - entry: [ - "src/index.ts", - "src/schemas/zod/v3.ts", - "src/schemas/zod/v4.ts", - "src/schemas/valibot.ts", - ], + entry: ["src/index.ts", "src/schemas/zod.ts", "src/schemas/valibot.ts"], dts: true, silent: true, }) diff --git a/packages/did/README.md b/packages/did/README.md index aba231d..4c2a0a2 100644 --- a/packages/did/README.md +++ b/packages/did/README.md @@ -130,9 +130,8 @@ const { did, didDocument } = createDidWebDocumentFromKeypair({ // Valibot schemas import { didUriSchema } from "@agentcommercekit/did/schemas/valibot" -// Zod v3 schemas -import { didUriSchema } from "@agentcommercekit/did/schemas/zod/v3" -import { didUriSchema } from "@agentcommercekit/did/schemas/zod/v4" +// Zod schema +import { didUriSchema } from "@agentcommercekit/did/schemas/zod" ``` ## License (MIT) diff --git a/packages/did/package.json b/packages/did/package.json index ebbaa0e..77b46c9 100644 --- a/packages/did/package.json +++ b/packages/did/package.json @@ -29,16 +29,8 @@ "default": "./dist/index.js" }, "./schemas/zod": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v3": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v4": { - "types": "./dist/schemas/zod/v4.d.ts", - "default": "./dist/schemas/zod/v4.js" + "types": "./dist/schemas/zod.d.ts", + "default": "./dist/schemas/zod.js" }, "./schemas/valibot": { "types": "./dist/schemas/valibot.d.ts", @@ -62,7 +54,8 @@ "jwks-did-resolver": "1.1.0", "key-did-resolver": "4.0.0", "valibot": "catalog:", - "varint": "6.0.0" + "varint": "6.0.0", + "web-identity-schemas": "catalog:" }, "devDependencies": { "@repo/typescript-config": "workspace:*", @@ -71,7 +64,7 @@ "zod": "catalog:" }, "peerDependencies": { - "zod": "^3.25.0" + "zod": "^4.0.0" }, "peerDependenciesMeta": { "zod": { diff --git a/packages/did/src/did-uri.ts b/packages/did/src/did-uri.ts index 727461f..df39906 100644 --- a/packages/did/src/did-uri.ts +++ b/packages/did/src/did-uri.ts @@ -1,18 +1,28 @@ +import type { Did } from "web-identity-schemas" +import { isDid } from "web-identity-schemas/valibot" + +export type { Did } + +/** + * A DID URI, e.g. `did:web:example.com`. + * + * Backed by `web-identity-schemas`' `Did` type, which is structurally a + * `did:${method}:${identifier}` template literal. + */ export type DidUri< TMethod extends string = string, TIdentifier extends string = string, -> = `did:${TMethod}:${TIdentifier}` +> = Did /** * Check if a value is a did uri * + * Delegates to `web-identity-schemas`' `isDid`, which enforces the full DID-core + * syntax, so the runtime guard and the `didUriSchema` agree on strictness. + * * @param val - The value to check * @returns `true` if the value is a did uri, `false` otherwise */ export function isDidUri(val: unknown): val is DidUri { - return ( - typeof val === "string" && - val.startsWith("did:") && - val.split(":").length >= 3 - ) + return isDid(val) } diff --git a/packages/did/src/schemas/valibot.ts b/packages/did/src/schemas/valibot.ts index 37269bc..1a2c1d5 100644 --- a/packages/did/src/schemas/valibot.ts +++ b/packages/did/src/schemas/valibot.ts @@ -1,9 +1,10 @@ import { caip2ChainIdSchema } from "@agentcommercekit/caip/schemas/valibot" -import * as v from "valibot" +import { DidSchema } from "web-identity-schemas/valibot" -import { isDidUri, type DidUri } from "../did-uri" - -export const didUriSchema = v.custom(isDidUri, "Invalid DID format") +/** + * Validates a DID URI, backed by `web-identity-schemas`' DID-core schema. + */ +export const didUriSchema = DidSchema /** * @deprecated Use `caip2ChainIdSchema` instead diff --git a/packages/did/src/schemas/zod.ts b/packages/did/src/schemas/zod.ts new file mode 100644 index 0000000..aadc6e6 --- /dev/null +++ b/packages/did/src/schemas/zod.ts @@ -0,0 +1,12 @@ +import { caip2ChainIdSchema } from "@agentcommercekit/caip/schemas/zod" +import { DidSchema } from "web-identity-schemas/zod" + +/** + * Validates a DID URI, backed by `web-identity-schemas`' DID-core schema. + */ +export const didUriSchema = DidSchema + +/** + * @deprecated Use `caip2ChainIdSchema` instead + */ +export const didPkhChainIdSchema = caip2ChainIdSchema diff --git a/packages/did/src/schemas/zod/v3.ts b/packages/did/src/schemas/zod/v3.ts deleted file mode 100644 index e53f208..0000000 --- a/packages/did/src/schemas/zod/v3.ts +++ /dev/null @@ -1,11 +0,0 @@ -import { caip2ChainIdSchema } from "@agentcommercekit/caip/schemas/zod/v3" -import { z } from "zod/v3" - -import { isDidUri, type DidUri } from "../../did-uri" - -export const didUriSchema = z.custom(isDidUri, "Invalid DID format") - -/** - * @deprecated Use `caip2ChainIdSchema` instead - */ -export const didPkhChainIdSchema = caip2ChainIdSchema diff --git a/packages/did/src/schemas/zod/v4.ts b/packages/did/src/schemas/zod/v4.ts deleted file mode 100644 index 811b667..0000000 --- a/packages/did/src/schemas/zod/v4.ts +++ /dev/null @@ -1,11 +0,0 @@ -import { caip2ChainIdSchema } from "@agentcommercekit/caip/schemas/zod/v4" -import * as z from "zod/v4" - -import { isDidUri, type DidUri } from "../../did-uri" - -export const didUriSchema = z.custom(isDidUri, "Invalid DID format") - -/** - * @deprecated Use `caip2ChainIdSchema` instead - */ -export const didPkhChainIdSchema = caip2ChainIdSchema diff --git a/packages/did/tsdown.config.ts b/packages/did/tsdown.config.ts index b3f56b0..b547a19 100644 --- a/packages/did/tsdown.config.ts +++ b/packages/did/tsdown.config.ts @@ -1,12 +1,7 @@ import { defineConfig } from "tsdown/config" export default defineConfig({ - entry: [ - "src/index.ts", - "src/schemas/zod/v3.ts", - "src/schemas/zod/v4.ts", - "src/schemas/valibot.ts", - ], + entry: ["src/index.ts", "src/schemas/zod.ts", "src/schemas/valibot.ts"], dts: true, silent: true, }) diff --git a/packages/jwt/README.md b/packages/jwt/README.md index ddd40df..54127d1 100644 --- a/packages/jwt/README.md +++ b/packages/jwt/README.md @@ -57,9 +57,8 @@ The package provides schemas for validating JWT strings with Zod and Valibot: // Valibot import { jwtStringSchema } from "@agentcommercekit/jwt/schemas/valibot" -// Zod v3 -import { jwtStringSchema } from "@agentcommercekit/jwt/schemas/zod/v3" -import { jwtStringSchema } from "@agentcommercekit/jwt/schemas/zod/v4" +// Zod schema +import { jwtStringSchema } from "@agentcommercekit/jwt/schemas/zod" ``` ## API diff --git a/packages/jwt/package.json b/packages/jwt/package.json index 8833761..774f477 100644 --- a/packages/jwt/package.json +++ b/packages/jwt/package.json @@ -29,16 +29,8 @@ "default": "./dist/index.js" }, "./schemas/zod": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v3": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v4": { - "types": "./dist/schemas/zod/v4.d.ts", - "default": "./dist/schemas/zod/v4.js" + "types": "./dist/schemas/zod.d.ts", + "default": "./dist/schemas/zod.js" }, "./schemas/valibot": { "types": "./dist/schemas/valibot.d.ts", @@ -57,7 +49,8 @@ }, "dependencies": { "@agentcommercekit/keys": "workspace:*", - "did-jwt": "8.0.18" + "did-jwt": "8.0.18", + "web-identity-schemas": "catalog:" }, "devDependencies": { "@repo/typescript-config": "workspace:*", @@ -66,7 +59,7 @@ }, "peerDependencies": { "valibot": "^1.0.0", - "zod": "^3.25.0" + "zod": "^4.0.0" }, "peerDependenciesMeta": { "valibot": { diff --git a/packages/jwt/src/jwt-string.ts b/packages/jwt/src/jwt-string.ts index 4593d30..d44d8f4 100644 --- a/packages/jwt/src/jwt-string.ts +++ b/packages/jwt/src/jwt-string.ts @@ -1,12 +1,15 @@ -/** - * A JWT String, which at a minimum has 3 segments - */ -export type JwtString = `${string}.${string}.${string}` +import type { JwtString } from "web-identity-schemas" + +export type { JwtString } /** * Checks if a string is formatted correctly as a JWT string. This * does not verify the JWT's integrity, only that it is formatted correctly. * + * Requires a non-empty signature segment (ACK always signs its JWTs; it never + * issues unsecured tokens), so this is stricter than `web-identity-schemas`' + * `JwtStringSchema`, which permits an empty signature. + * * @param value - The value to check * @returns `true` if the value is a valid JWT string, `false` otherwise */ diff --git a/packages/jwt/src/schemas/valibot.ts b/packages/jwt/src/schemas/valibot.ts index ac9625f..c3dcb5a 100644 --- a/packages/jwt/src/schemas/valibot.ts +++ b/packages/jwt/src/schemas/valibot.ts @@ -1,21 +1,22 @@ import * as v from "valibot" +import { JwtPayloadSchema } from "web-identity-schemas/valibot" -import type { JwtHeader, JwtPayload } from "../create-jwt" +import type { JwtHeader } from "../create-jwt" import { jwtAlgorithms } from "../jwt-algorithm" -import type { JwtString } from "../jwt-string" -export const jwtPayloadSchema = v.pipe( - v.looseObject({ - iss: v.optional(v.string()), - sub: v.optional(v.string()), - aud: v.optional(v.union([v.string(), v.array(v.string())])), - iat: v.optional(v.number()), - nbf: v.optional(v.number()), - exp: v.optional(v.number()), - }), - v.custom(() => true), -) +/** + * JWT payload schema, backed by `web-identity-schemas`. Kept as a raw + * loose-object schema so consumers can spread `.entries`. + */ +export const jwtPayloadSchema = JwtPayloadSchema +/** + * JWT header restricted to the algorithms ACK signs with. + * + * `web-identity-schemas`' `JwtHeaderSignedSchema` allows all JOSE algorithms; + * ACK only ever signs with `ES256`/`ES256K`/`EdDSA`, so this wrapper keeps the + * narrow set. + */ export const jwtHeaderSchema = v.pipe( v.looseObject({ typ: v.literal("JWT"), @@ -24,8 +25,13 @@ export const jwtHeaderSchema = v.pipe( v.custom(() => true), ) +/** + * JWT string schema requiring a non-empty signature segment. + * + * Stricter than `web-identity-schemas`' `JwtStringSchema` (which permits an + * empty signature) — see {@link isJwtString}. + */ export const jwtStringSchema = v.pipe( v.string(), v.regex(/^[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+$/), - v.transform((input) => input as JwtString), ) diff --git a/packages/jwt/src/schemas/zod.ts b/packages/jwt/src/schemas/zod.ts new file mode 100644 index 0000000..8d886ad --- /dev/null +++ b/packages/jwt/src/schemas/zod.ts @@ -0,0 +1,38 @@ +import { JwtPayloadSchema } from "web-identity-schemas/zod" +import * as z from "zod" + +import type { JwtHeader } from "../create-jwt" +import { jwtAlgorithms } from "../jwt-algorithm" + +/** + * JWT payload schema, backed by `web-identity-schemas`. + * + * Note: w-i-s types this as a `z.ZodType` (not a `ZodObject`), so `.shape` is + * not available to consumers — compose with `jwtPayloadSchema.and(...)` to + * extend it (see `demos/skyfire-kya`). + */ +export const jwtPayloadSchema = JwtPayloadSchema + +/** + * JWT header restricted to the algorithms ACK signs with. + * + * `web-identity-schemas`' `JwtHeaderSignedSchema` allows all JOSE algorithms; + * ACK only ever signs with `ES256`/`ES256K`/`EdDSA`, so this wrapper keeps the + * narrow set. + */ +export const jwtHeaderSchema = z + .looseObject({ + typ: z.literal("JWT"), + alg: z.enum(jwtAlgorithms), + }) + .refine((val): val is JwtHeader => true) + +/** + * JWT string schema requiring a non-empty signature segment. + * + * Stricter than `web-identity-schemas`' `JwtStringSchema` (which permits an + * empty signature) — see {@link isJwtString}. + */ +export const jwtStringSchema = z + .string() + .regex(/^[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+$/) diff --git a/packages/jwt/src/schemas/zod/v3.ts b/packages/jwt/src/schemas/zod/v3.ts deleted file mode 100644 index 8d29542..0000000 --- a/packages/jwt/src/schemas/zod/v3.ts +++ /dev/null @@ -1,32 +0,0 @@ -import { z } from "zod/v3" - -import type { JwtHeader, JwtPayload } from "../../create-jwt" -import { jwtAlgorithms } from "../../jwt-algorithm" -import { isJwtString } from "../../jwt-string" - -export const jwtPayloadSchema = z - .object({ - iss: z.optional(z.string()), - sub: z.optional(z.string()), - aud: z.optional(z.union([z.string(), z.array(z.string())])), - iat: z.optional(z.number()), - nbf: z.optional(z.number()), - exp: z.optional(z.number()), - }) - .passthrough() - .refine((val): val is JwtPayload => true) - -export const jwtHeaderSchema = z - .object({ - typ: z.literal("JWT"), - alg: z.enum(jwtAlgorithms), - }) - .passthrough() - .refine((val): val is JwtHeader => true) - -export const jwtStringSchema = z - .string() - .regex(/^[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+$/) - .refine((input) => isJwtString(input), { - message: "Invalid JWT string", - }) diff --git a/packages/jwt/src/schemas/zod/v4.ts b/packages/jwt/src/schemas/zod/v4.ts deleted file mode 100644 index 1b1c4e0..0000000 --- a/packages/jwt/src/schemas/zod/v4.ts +++ /dev/null @@ -1,30 +0,0 @@ -import * as z from "zod/v4" - -import type { JwtHeader, JwtPayload } from "../../create-jwt" -import { jwtAlgorithms } from "../../jwt-algorithm" -import { isJwtString } from "../../jwt-string" - -export const jwtPayloadSchema = z - .looseObject({ - iss: z.optional(z.string()), - sub: z.optional(z.string()), - aud: z.optional(z.union([z.string(), z.array(z.string())])), - iat: z.optional(z.number()), - nbf: z.optional(z.number()), - exp: z.optional(z.number()), - }) - .refine((val): val is JwtPayload => true) - -export const jwtHeaderSchema = z - .looseObject({ - typ: z.literal("JWT"), - alg: z.enum(jwtAlgorithms), - }) - .refine((val): val is JwtHeader => true) - -export const jwtStringSchema = z - .string() - .regex(/^[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+\.[a-zA-Z0-9-_]+$/) - .refine((input) => isJwtString(input), { - message: "Invalid JWT string", - }) diff --git a/packages/jwt/tsdown.config.ts b/packages/jwt/tsdown.config.ts index b3f56b0..b547a19 100644 --- a/packages/jwt/tsdown.config.ts +++ b/packages/jwt/tsdown.config.ts @@ -1,12 +1,7 @@ import { defineConfig } from "tsdown/config" export default defineConfig({ - entry: [ - "src/index.ts", - "src/schemas/zod/v3.ts", - "src/schemas/zod/v4.ts", - "src/schemas/valibot.ts", - ], + entry: ["src/index.ts", "src/schemas/zod.ts", "src/schemas/valibot.ts"], dts: true, silent: true, }) diff --git a/packages/keys/tsdown.config.ts b/packages/keys/tsdown.config.ts index a0b930a..12203f8 100644 --- a/packages/keys/tsdown.config.ts +++ b/packages/keys/tsdown.config.ts @@ -6,6 +6,7 @@ export default defineConfig({ "src/encoding/index.ts", "src/curves/ed25519.ts", "src/curves/secp256k1.ts", + "src/curves/secp256r1.ts", ], dts: true, silent: true, diff --git a/packages/vc/README.md b/packages/vc/README.md index 837355b..6b3ef99 100644 --- a/packages/vc/README.md +++ b/packages/vc/README.md @@ -111,9 +111,8 @@ const revoked = await isRevoked(credential) // Valibot schemas import { credentialSchema } from "@agentcommercekit/vc/schemas/valibot" -// Zod v3 schemas -import { credentialSchema } from "@agentcommercekit/vc/schemas/zod/v3" -import { credentialSchema } from "@agentcommercekit/vc/schemas/zod/v4" +// Zod schema +import { credentialSchema } from "@agentcommercekit/vc/schemas/zod" ``` ## License (MIT) diff --git a/packages/vc/package.json b/packages/vc/package.json index 0a233f5..56f0600 100644 --- a/packages/vc/package.json +++ b/packages/vc/package.json @@ -29,16 +29,8 @@ "default": "./dist/index.js" }, "./schemas/zod": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v3": { - "types": "./dist/schemas/zod/v3.d.ts", - "default": "./dist/schemas/zod/v3.js" - }, - "./schemas/zod/v4": { - "types": "./dist/schemas/zod/v4.d.ts", - "default": "./dist/schemas/zod/v4.js" + "types": "./dist/schemas/zod.d.ts", + "default": "./dist/schemas/zod.js" }, "./schemas/valibot": { "types": "./dist/schemas/valibot.d.ts", @@ -61,14 +53,15 @@ "@agentcommercekit/keys": "workspace:*", "bit-buffers": "catalog:", "did-jwt-vc": "4.0.16", - "valibot": "catalog:" + "valibot": "catalog:", + "web-identity-schemas": "catalog:" }, "devDependencies": { "@repo/typescript-config": "workspace:*", "zod": "catalog:" }, "peerDependencies": { - "zod": "^3.25.0" + "zod": "^4.0.0" }, "peerDependenciesMeta": { "zod": { diff --git a/packages/vc/src/schemas/valibot.ts b/packages/vc/src/schemas/valibot.ts index eb816a1..4eba358 100644 --- a/packages/vc/src/schemas/valibot.ts +++ b/packages/vc/src/schemas/valibot.ts @@ -1,33 +1,33 @@ import * as v from "valibot" +import { CredentialV1Schema } from "web-identity-schemas/valibot" import type { W3CCredential } from "../types" -const baseSchema = v.object({ - "@context": v.array(v.string()), - credentialStatus: v.optional( - v.object({ - id: v.string(), - type: v.string(), - }), - ), - credentialSubject: v.looseObject({ id: v.optional(v.string()) }), - expirationDate: v.optional(v.string()), - id: v.optional(v.string()), - issuanceDate: v.string(), - issuer: v.union([v.string(), v.object({ id: v.string() })]), - type: v.array(v.string()), - proof: v.optional(v.looseObject({ type: v.optional(v.string()) })), -}) - +/** + * Validates an unsigned W3C VC Data Model v1.1 credential, backed by + * `web-identity-schemas`' `CredentialV1Schema`. + * + * Built on the *unsigned* V1 base (not the verifiable schema) so it stays + * unsigned-compatible and accepts ACK's `JwtProof2020` proofs — the base is a + * loose object, so an existing `proof` passes through untouched. The transform + * preserves ACK's two invariants: a top-level string `issuer` is normalized to + * `{ id }` (downstream reads `issuer.id`), and `type` is coerced to an array. + */ export const credentialSchema = v.pipe( - baseSchema, + CredentialV1Schema, v.transform((input) => { const issuer = typeof input.issuer === "string" ? { id: input.issuer } : input.issuer + const type = Array.isArray(input.type) ? input.type : [input.type] + const context = Array.isArray(input["@context"]) + ? input["@context"] + : [input["@context"]] return { ...input, + "@context": context, issuer, + type, } as W3CCredential }), ) diff --git a/packages/vc/src/schemas/zod.ts b/packages/vc/src/schemas/zod.ts new file mode 100644 index 0000000..3f425b1 --- /dev/null +++ b/packages/vc/src/schemas/zod.ts @@ -0,0 +1,41 @@ +import { CredentialV1Schema } from "web-identity-schemas/zod" +import * as z from "zod" + +import type { W3CCredential } from "../types" + +/** + * Validates an unsigned W3C VC Data Model v1.1 credential, backed by + * `web-identity-schemas`' `CredentialV1Schema`. + * + * Built on the *unsigned* V1 base (not the verifiable schema) so it stays + * unsigned-compatible and accepts ACK's `JwtProof2020` proofs. The transform + * preserves ACK's two invariants: a top-level string `issuer` is normalized to + * `{ id }`, and `type` is coerced to an array. + */ +export const credentialSchema = CredentialV1Schema.transform((input) => { + const issuer = + typeof input.issuer === "string" ? { id: input.issuer } : input.issuer + const type = Array.isArray(input.type) ? input.type : [input.type] + const context = Array.isArray(input["@context"]) + ? input["@context"] + : [input["@context"]] + + return { + ...input, + "@context": context, + issuer, + type, + } as W3CCredential +}) + +export const jwtProofSchema = z.object({ + type: z.literal("JwtProof2020"), + jwt: z.string(), +}) + +export const bitstringStatusListClaimSchema = z.object({ + id: z.string(), + type: z.literal("BitstringStatusList"), + statusPurpose: z.string(), + encodedList: z.string(), +}) diff --git a/packages/vc/src/schemas/zod/v3.ts b/packages/vc/src/schemas/zod/v3.ts deleted file mode 100644 index 845d5ca..0000000 --- a/packages/vc/src/schemas/zod/v3.ts +++ /dev/null @@ -1,46 +0,0 @@ -import { z } from "zod/v3" - -import type { W3CCredential } from "../../types" - -export const credentialSchema = z - .object({ - "@context": z.array(z.string()), - credentialStatus: z - .object({ - id: z.string(), - type: z.string(), - }) - .optional(), - credentialSubject: z.object({ id: z.string().optional() }).passthrough(), - expirationDate: z.string().optional(), - id: z.string().optional(), - issuanceDate: z.string(), - issuer: z.string().or(z.object({ id: z.string() })), - type: z.array(z.string()), - proof: z - .object({ - type: z.string().optional(), - }) - .passthrough() - .optional(), - }) - .transform((v) => { - const issuer = typeof v.issuer === "string" ? { id: v.issuer } : v.issuer - - return { - ...v, - issuer, - } as W3CCredential - }) - -export const jwtProofSchema = z.object({ - type: z.literal("JwtProof2020"), - jwt: z.string(), -}) - -export const bitstringStatusListClaimSchema = z.object({ - id: z.string(), - type: z.literal("BitstringStatusList"), - statusPurpose: z.string(), - encodedList: z.string(), -}) diff --git a/packages/vc/src/schemas/zod/v4.ts b/packages/vc/src/schemas/zod/v4.ts deleted file mode 100644 index 5f6b5de..0000000 --- a/packages/vc/src/schemas/zod/v4.ts +++ /dev/null @@ -1,45 +0,0 @@ -import * as z from "zod/v4" - -import type { W3CCredential } from "../../types" - -export const credentialSchema = z - .object({ - "@context": z.array(z.string()), - credentialStatus: z - .object({ - id: z.string(), - type: z.string(), - }) - .optional(), - credentialSubject: z.looseObject({ id: z.string().optional() }), - expirationDate: z.string().optional(), - id: z.string().optional(), - issuanceDate: z.string(), - issuer: z.string().or(z.object({ id: z.string() })), - type: z.array(z.string()), - proof: z - .looseObject({ - type: z.string().optional(), - }) - .optional(), - }) - .transform((v) => { - const issuer = typeof v.issuer === "string" ? { id: v.issuer } : v.issuer - - return { - ...v, - issuer, - } as W3CCredential - }) - -export const jwtProofSchema = z.object({ - type: z.literal("JwtProof2020"), - jwt: z.string(), -}) - -export const bitstringStatusListClaimSchema = z.object({ - id: z.string(), - type: z.literal("BitstringStatusList"), - statusPurpose: z.string(), - encodedList: z.string(), -}) diff --git a/packages/vc/tsdown.config.ts b/packages/vc/tsdown.config.ts index b3f56b0..b547a19 100644 --- a/packages/vc/tsdown.config.ts +++ b/packages/vc/tsdown.config.ts @@ -1,12 +1,7 @@ import { defineConfig } from "tsdown/config" export default defineConfig({ - entry: [ - "src/index.ts", - "src/schemas/zod/v3.ts", - "src/schemas/zod/v4.ts", - "src/schemas/valibot.ts", - ], + entry: ["src/index.ts", "src/schemas/zod.ts", "src/schemas/valibot.ts"], dts: true, silent: true, }) diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 1263b70..d31382c 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -39,9 +39,12 @@ catalogs: viem: specifier: 2.52.2 version: 2.52.2 + web-identity-schemas: + specifier: 0.3.0 + version: 0.3.0 zod: - specifier: 3.25.4 - version: 3.25.4 + specifier: 4.4.3 + version: 4.4.3 importers: @@ -113,13 +116,13 @@ importers: dependencies: '@ai-sdk/anthropic': specifier: 1.2.11 - version: 1.2.11(zod@3.25.4) + version: 1.2.11(zod@4.4.3) '@ai-sdk/openai': specifier: 1.3.22 - version: 1.3.22(zod@3.25.4) + version: 1.3.22(zod@4.4.3) '@ai-sdk/valibot': specifier: 0.1.28 - version: 0.1.28(@valibot/to-json-schema@1.3.0(valibot@1.4.1(typescript@5.9.3)))(react@19.2.3)(valibot@1.4.1(typescript@5.9.3))(zod@3.25.4) + version: 0.1.28(@valibot/to-json-schema@1.3.0(valibot@1.4.1(typescript@5.9.3)))(react@19.2.3)(valibot@1.4.1(typescript@5.9.3))(zod@4.4.3) '@hono/node-server': specifier: 'catalog:' version: 2.0.5(hono@4.12.26) @@ -137,7 +140,7 @@ importers: version: link:../../packages/agentcommercekit ai: specifier: 4.3.16 - version: 4.3.16(react@19.2.3)(zod@3.25.4) + version: 4.3.16(react@19.2.3)(zod@4.4.3) hono: specifier: 'catalog:' version: 4.12.26 @@ -146,7 +149,7 @@ importers: version: 1.4.1(typescript@5.9.3) zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 devDependencies: '@repo/typescript-config': specifier: workspace:* @@ -227,7 +230,7 @@ importers: version: 6.2.3 zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 devDependencies: '@repo/typescript-config': specifier: workspace:* @@ -364,7 +367,7 @@ importers: version: link:../../tools/typescript-config zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 packages/ack-pay: dependencies: @@ -389,7 +392,7 @@ importers: version: link:../../tools/typescript-config zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 packages/agentcommercekit: dependencies: @@ -426,7 +429,7 @@ importers: version: 1.4.1(typescript@5.9.3) zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 packages/caip: devDependencies: @@ -435,13 +438,13 @@ importers: version: link:../../tools/typescript-config standard-parse: specifier: 'catalog:' - version: 0.5.0(arktype@2.1.29)(valibot@1.4.1(typescript@5.9.3))(vitest@4.1.9(@opentelemetry/api@1.9.0)(@types/node@24.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.7.0)(tsx@4.22.4)(yaml@2.9.0)))(zod@3.25.4) + version: 0.5.0(arktype@2.1.29)(valibot@1.4.1(typescript@5.9.3))(vitest@4.1.9(@opentelemetry/api@1.9.0)(@types/node@24.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.7.0)(tsx@4.22.4)(yaml@2.9.0)))(zod@4.4.3) valibot: specifier: 'catalog:' version: 1.4.1(typescript@5.9.3) zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 packages/did: dependencies: @@ -456,7 +459,7 @@ importers: version: 4.1.0 jwks-did-resolver: specifier: 1.1.0 - version: 1.1.0(typescript@5.9.3)(zod@3.25.4) + version: 1.1.0(typescript@5.9.3)(zod@4.4.3) key-did-resolver: specifier: 4.0.0 version: 4.0.0 @@ -466,6 +469,9 @@ importers: varint: specifier: 6.0.0 version: 6.0.0 + web-identity-schemas: + specifier: 'catalog:' + version: 0.3.0(valibot@1.4.1(typescript@5.9.3))(zod@4.4.3) devDependencies: '@repo/typescript-config': specifier: workspace:* @@ -475,10 +481,10 @@ importers: version: 6.0.3 standard-parse: specifier: 'catalog:' - version: 0.5.0(arktype@2.1.29)(valibot@1.4.1(typescript@5.9.3))(vitest@4.1.9(@opentelemetry/api@1.9.0)(@types/node@24.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.7.0)(tsx@4.22.4)(yaml@2.9.0)))(zod@3.25.4) + version: 0.5.0(arktype@2.1.29)(valibot@1.4.1(typescript@5.9.3))(vitest@4.1.9(@opentelemetry/api@1.9.0)(@types/node@24.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.7.0)(tsx@4.22.4)(yaml@2.9.0)))(zod@4.4.3) zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 packages/jwt: dependencies: @@ -488,6 +494,9 @@ importers: did-jwt: specifier: 8.0.18 version: 8.0.18 + web-identity-schemas: + specifier: 'catalog:' + version: 0.3.0(valibot@1.4.1(typescript@5.9.3))(zod@4.4.3) devDependencies: '@repo/typescript-config': specifier: workspace:* @@ -497,7 +506,7 @@ importers: version: 1.4.1(typescript@5.9.3) zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 packages/keys: dependencies: @@ -538,13 +547,16 @@ importers: valibot: specifier: 'catalog:' version: 1.4.1(typescript@5.9.3) + web-identity-schemas: + specifier: 'catalog:' + version: 0.3.0(valibot@1.4.1(typescript@5.9.3))(zod@4.4.3) devDependencies: '@repo/typescript-config': specifier: workspace:* version: link:../../tools/typescript-config zod: specifier: 'catalog:' - version: 3.25.4 + version: 4.4.3 tools/api-utils: dependencies: @@ -7173,6 +7185,18 @@ packages: zod: optional: true + web-identity-schemas@0.3.0: + resolution: {integrity: sha512-zO3eGqDpHkU5xmfVW3rc2eYbTNEr4xq5GeXRvbhpLu33Qzlx+9Pj/7t+v7/tvpIy0sJxLiLbsynDMiYtFoETdg==} + engines: {node: '>=22', pnpm: '>=10'} + peerDependencies: + valibot: ^1.0.0 + zod: ^4.0.0 + peerDependenciesMeta: + valibot: + optional: true + zod: + optional: true + web-namespaces@2.0.1: resolution: {integrity: sha512-bKr1DkiNa2krS7qxNtdrtHAmzuYGFQLiQ13TsorsdT6ULTkPLKuu5+GsFpDlg6JFjUTwX2DyhMPG2be8uPrqsQ==} @@ -7341,9 +7365,6 @@ packages: zod@3.24.0: resolution: {integrity: sha512-Hz+wiY8yD0VLA2k/+nsg2Abez674dDGTai33SwNvMPuf9uIrBC9eFgIMQxBBbHFxVXi8W+5nX9DcAh9YNSQm/w==} - zod@3.25.4: - resolution: {integrity: sha512-7zz8qNtVv37yCd8OeUW37PMXrR0K/zg+6vw+Z2FJ2+oozVdRbFKldkCoqxd9nJflDrx2ZkjUJrPF2DMj+L4pBQ==} - zod@4.4.3: resolution: {integrity: sha512-ytENFjIJFl2UwYglde2jchW2Hwm4GJFLDiSXWdTrJQBIN9Fcyp7n4DhxJEiWNAJMV1/BqWfW/kkg71UDcHJyTQ==} @@ -7365,50 +7386,50 @@ snapshots: '@adraffy/ens-normalize@1.11.1': {} - '@ai-sdk/anthropic@1.2.11(zod@3.25.4)': + '@ai-sdk/anthropic@1.2.11(zod@4.4.3)': dependencies: '@ai-sdk/provider': 1.1.3 - '@ai-sdk/provider-utils': 2.2.8(zod@3.25.4) - zod: 3.25.4 + '@ai-sdk/provider-utils': 2.2.8(zod@4.4.3) + zod: 4.4.3 - '@ai-sdk/openai@1.3.22(zod@3.25.4)': + '@ai-sdk/openai@1.3.22(zod@4.4.3)': dependencies: '@ai-sdk/provider': 1.1.3 - '@ai-sdk/provider-utils': 2.2.8(zod@3.25.4) - zod: 3.25.4 + '@ai-sdk/provider-utils': 2.2.8(zod@4.4.3) + zod: 4.4.3 - '@ai-sdk/provider-utils@2.2.8(zod@3.25.4)': + '@ai-sdk/provider-utils@2.2.8(zod@4.4.3)': dependencies: '@ai-sdk/provider': 1.1.3 nanoid: 3.3.11 secure-json-parse: 2.7.0 - zod: 3.25.4 + zod: 4.4.3 '@ai-sdk/provider@1.1.3': dependencies: json-schema: 0.4.0 - '@ai-sdk/react@1.2.12(react@19.2.3)(zod@3.25.4)': + '@ai-sdk/react@1.2.12(react@19.2.3)(zod@4.4.3)': dependencies: - '@ai-sdk/provider-utils': 2.2.8(zod@3.25.4) - '@ai-sdk/ui-utils': 1.2.11(zod@3.25.4) + '@ai-sdk/provider-utils': 2.2.8(zod@4.4.3) + '@ai-sdk/ui-utils': 1.2.11(zod@4.4.3) react: 19.2.3 swr: 2.3.6(react@19.2.3) throttleit: 2.1.0 optionalDependencies: - zod: 3.25.4 + zod: 4.4.3 - '@ai-sdk/ui-utils@1.2.11(zod@3.25.4)': + '@ai-sdk/ui-utils@1.2.11(zod@4.4.3)': dependencies: '@ai-sdk/provider': 1.1.3 - '@ai-sdk/provider-utils': 2.2.8(zod@3.25.4) - zod: 3.25.4 - zod-to-json-schema: 3.24.6(zod@3.25.4) + '@ai-sdk/provider-utils': 2.2.8(zod@4.4.3) + zod: 4.4.3 + zod-to-json-schema: 3.24.6(zod@4.4.3) - '@ai-sdk/valibot@0.1.28(@valibot/to-json-schema@1.3.0(valibot@1.4.1(typescript@5.9.3)))(react@19.2.3)(valibot@1.4.1(typescript@5.9.3))(zod@3.25.4)': + '@ai-sdk/valibot@0.1.28(@valibot/to-json-schema@1.3.0(valibot@1.4.1(typescript@5.9.3)))(react@19.2.3)(valibot@1.4.1(typescript@5.9.3))(zod@4.4.3)': dependencies: '@valibot/to-json-schema': 1.3.0(valibot@1.4.1(typescript@5.9.3)) - ai: 4.3.16(react@19.2.3)(zod@3.25.4) + ai: 4.3.16(react@19.2.3)(zod@4.4.3) valibot: 1.4.1(typescript@5.9.3) transitivePeerDependencies: - react @@ -10402,15 +10423,15 @@ snapshots: clean-stack: 4.2.0 indent-string: 5.0.0 - ai@4.3.16(react@19.2.3)(zod@3.25.4): + ai@4.3.16(react@19.2.3)(zod@4.4.3): dependencies: '@ai-sdk/provider': 1.1.3 - '@ai-sdk/provider-utils': 2.2.8(zod@3.25.4) - '@ai-sdk/react': 1.2.12(react@19.2.3)(zod@3.25.4) - '@ai-sdk/ui-utils': 1.2.11(zod@3.25.4) + '@ai-sdk/provider-utils': 2.2.8(zod@4.4.3) + '@ai-sdk/react': 1.2.12(react@19.2.3)(zod@4.4.3) + '@ai-sdk/ui-utils': 1.2.11(zod@4.4.3) '@opentelemetry/api': 1.9.0 jsondiffpatch: 0.6.0 - zod: 3.25.4 + zod: 4.4.3 optionalDependencies: react: 19.2.3 @@ -11035,10 +11056,10 @@ snapshots: devtools-protocol@0.0.1312386: {} - did-jwks@1.1.0(typescript@5.9.3)(zod@3.25.4): + did-jwks@1.1.0(typescript@5.9.3)(zod@4.4.3): dependencies: valibot: 1.4.1(typescript@5.9.3) - web-identity-schemas: 0.1.6(valibot@1.4.1(typescript@5.9.3))(zod@3.25.4) + web-identity-schemas: 0.1.6(valibot@1.4.1(typescript@5.9.3))(zod@4.4.3) transitivePeerDependencies: - typescript - zod @@ -12423,9 +12444,9 @@ snapshots: jsonpointer@5.0.1: {} - jwks-did-resolver@1.1.0(typescript@5.9.3)(zod@3.25.4): + jwks-did-resolver@1.1.0(typescript@5.9.3)(zod@4.4.3): dependencies: - did-jwks: 1.1.0(typescript@5.9.3)(zod@3.25.4) + did-jwks: 1.1.0(typescript@5.9.3)(zod@4.4.3) transitivePeerDependencies: - typescript - zod @@ -14418,14 +14439,14 @@ snapshots: stackback@0.0.2: {} - standard-parse@0.5.0(arktype@2.1.29)(valibot@1.4.1(typescript@5.9.3))(vitest@4.1.9(@opentelemetry/api@1.9.0)(@types/node@24.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.7.0)(tsx@4.22.4)(yaml@2.9.0)))(zod@3.25.4): + standard-parse@0.5.0(arktype@2.1.29)(valibot@1.4.1(typescript@5.9.3))(vitest@4.1.9(@opentelemetry/api@1.9.0)(@types/node@24.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.7.0)(tsx@4.22.4)(yaml@2.9.0)))(zod@4.4.3): dependencies: '@standard-schema/spec': 1.1.0 optionalDependencies: arktype: 2.1.29 valibot: 1.4.1(typescript@5.9.3) vitest: 4.1.9(@opentelemetry/api@1.9.0)(@types/node@24.9.2)(vite@7.1.12(@types/node@24.9.2)(jiti@2.7.0)(tsx@4.22.4)(yaml@2.9.0)) - zod: 3.25.4 + zod: 4.4.3 statuses@2.0.1: {} @@ -15072,10 +15093,15 @@ snapshots: walk-up-path@4.0.0: {} - web-identity-schemas@0.1.6(valibot@1.4.1(typescript@5.9.3))(zod@3.25.4): + web-identity-schemas@0.1.6(valibot@1.4.1(typescript@5.9.3))(zod@4.4.3): optionalDependencies: valibot: 1.4.1(typescript@5.9.3) - zod: 3.25.4 + zod: 4.4.3 + + web-identity-schemas@0.3.0(valibot@1.4.1(typescript@5.9.3))(zod@4.4.3): + optionalDependencies: + valibot: 1.4.1(typescript@5.9.3) + zod: 4.4.3 web-namespaces@2.0.1: {} @@ -15234,9 +15260,9 @@ snapshots: dependencies: zod: 3.24.0 - zod-to-json-schema@3.24.6(zod@3.25.4): + zod-to-json-schema@3.24.6(zod@4.4.3): dependencies: - zod: 3.25.4 + zod: 4.4.3 zod@3.21.4: {} @@ -15244,8 +15270,6 @@ snapshots: zod@3.24.0: {} - zod@3.25.4: {} - zod@4.4.3: {} zwitch@2.0.4: {} diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index 6f25a7d..19c53eb 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -6,9 +6,9 @@ packages: - tools/* catalog: - '@a2a-js/sdk': 0.2.2 - '@hono/node-server': 2.0.5 - '@hono/standard-validator': 0.2.2 + "@a2a-js/sdk": 0.2.2 + "@hono/node-server": 2.0.5 + "@hono/standard-validator": 0.2.2 bit-buffers: 1.0.2 hono: 4.12.26 jose: 6.2.3 @@ -17,7 +17,8 @@ catalog: uuid: 14.0.0 valibot: 1.4.1 viem: 2.52.2 - zod: 3.25.4 + web-identity-schemas: 0.3.0 + zod: 4.4.3 ignoredBuiltDependencies: - puppeteer