High-level

• The package is now ESM-only. ESM can finally be loaded from common.js on node v20.19+
  • Node v20.19 is now the minimum required version
  • Package imports now work correctly in bundler-less environments, such as browsers
  • Reduces npm package size (traffic consumed): 118KB => 99KB
  • Reduces unpacked npm size (on-disk space): 753KB => 458KB
• Make bundle sizes smaller, compared to v1.x
• .js extension must be used for all modules
  • Old: @noble/ciphers/aes
  • New: @noble/ciphers/aes.js
  • This simplifies working in browsers natively without transpilers

Changes

• webcrypto: move randomBytes and managedNonce to utils.js
• ghash, poly1305, polyval: only allow Uint8Array as hash inputs, prohibit string
• utils: new abytes; remove ahash, toBytes
• Remove modules _assert (use utils), _micro and crypto (use webcrypto)
• Upgrade typescript compilation env to ts5.9 and es2022
• Massively improve error messages, make them more descriptive

Full Changelog: 1.3.0...2.0.0

• Modules are now available with .js extension
  • Old: @noble/ciphers/chacha
  • New: @noble/ciphers/chacha.js
  • Old path is still available
  • This simplifies working in browsers natively without transpilers

• utils: use built-in Uint8Array toHex / fromHex when available. Gives 13x speed-up on 256b arrays, 20x speed-up on 32kb arrays
• utils.randomBytes: ensure same return type Uint8Array in old nodejs
• Move _assert into utils
• Rename siv to gcmsiv
• Standalone build files are now attested in CI. Check out README for verification guide
• Typescript source can now be used without compilation in node.js v24, due to erasableSyntaxOnly

Full Changelog: 1.2.1...1.3.0

• Use typescript verbatimModuleSyntax to support future node.js type stripping

Full Changelog: 1.2.0...1.2.1

• The package is now available on JSR.
• Use isolatedDeclarations typescript option, which massively simplifies documentation auto-gen, and more
  • Check out JSR page for one example
• Add tons of comments everywhere to improve autocompletion, LLM code gen, and basic code understanding.
• Remove some exports from internal _assert

Full Changelog: 1.1.3...1.2.0

• Harden input / output buffer checks
  • Ensure all ciphers prohibit overlaps
  • Ensure salsapoly supports overlapping input / output
  • Ensure chachapoly also supports it. This brings v1.0.0 behavior

Full Changelog: 1.1.2...1.1.3

• Prohibit input and output overlaps
  • Reusing same buffer still works when indexes do not overlap with each other

Full Changelog: 1.1.1...1.1.2

• Fix usage with unaligned output. Closes gh-47
• Ensure output is zeroized before usage

Full Changelog: 1.1.0...1.1.1

• Improve input validation logic: move key, nonce & input validation into wrapCipher
  • Explicitly prohibit calling cipher more than once
• Speed-up byte array checks
• Decrease bundle size, improve tree-shaking

New Contributors

• @ChALkeR made their first contribution in #44

Full Changelog: 1.0.0...1.1.0

• First audited version
• Prohibit AES-GCM nonces smaller than 8 bytes
• Hide unnecessary data exposure in AES errors
• Improve FF1 type checks
• Add support for node.js v14

Full Changelog: 0.6.0...1.0.0

• Implement AESKW, AESKWP from RFC 3394 / RFC 5649
• Add support for unaligned byte arrays
• Improve typescript compatibility with different module resolutions

Full Changelog: 0.5.3...0.6.0