Skip to content

fix: improve pbkdf2 type safety to match Node.js API#932

Merged
boorad merged 3 commits intomainfrom
fix/pbkdf2-types
Feb 15, 2026
Merged

fix: improve pbkdf2 type safety to match Node.js API#932
boorad merged 3 commits intomainfrom
fix/pbkdf2-types

Conversation

@boorad
Copy link
Copy Markdown
Collaborator

@boorad boorad commented Feb 15, 2026
edited
Loading

Summary

Aligns pbkdf2 and pbkdf2Sync type signatures with Node.js @types/node definitions and improves test fixture typing.

Changes

  • digest parameter: Changed from HashAlgorithm (narrow union) to string, matching Node.js
  • pbkdf2Sync digest required: Removed optional ? — digest is now required (no silent sha1 default)
  • Test fixture types: Split Fixture into discriminated ValidFixture / InvalidFixture interfaces, eliminating as casts in tests
  • Removed type casts: No more as HashAlgorithm or as number in test code
  • Cleaned up commented-out invalid tests: Replaced stale commented-out test block with a clear TODO(#931) explaining why they're disabled (native layer abort()s on invalid inputs instead of throwing)

Testing

  • bun tsc passes for both packages
  • Existing pbkdf2 tests continue to pass in the example app

Related Issues

Closes #592
Refs #931 (created for the JS-side validation work needed to enable invalid fixture tests)

@boorad
fix: use string type for pbkdf2 digest param, matching Node.js API (#592
6e373ec 
)

- Change digest param from HashAlgorithm to string in pbkdf2() and pbkdf2Sync()
- Split Fixture type into ValidFixture/InvalidFixture to eliminate as-number casts
- Remove as-HashAlgorithm casts from tests and benchmarks
- normalizeHashName validates at runtime, matching Node.js behavior
@boorad
fix: make pbkdf2Sync digest required, use proper BinaryLike import
6e8c24b 
Make digest parameter required in pbkdf2Sync to match Node.js API, which
throws when digest is omitted. Remove the silent sha1 default fallback.

Replace Parameters<> type extraction workaround with a direct import of
BinaryLike from the package.
@boorad
test: replace commented-out pbkdf2 invalid tests with TODO(#931)
f2edbfb 
Remove stale commented-out test code for invalid pbkdf2 fixtures.
Invalid iterations/keylen values (negative, NaN, Infinity) currently
reach the native C layer and trigger assert()/abort() instead of
throwing. Tests can be re-enabled once JS-side validation is added.
@boorad boorad self-assigned this Feb 15, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Feb 15, 2026

🤖 End-to-End Test Results - iOS

Status: ✅ Passed
Platform: iOS
Run: 22042153241

📸 Final Test Screenshot

Maestro Test Results - ios

Screenshot automatically captured from End-to-End tests and will expire in 30 days

This comment is automatically updated on each test run.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Feb 15, 2026

🤖 End-to-End Test Results - Android

Status: ✅ Passed
Platform: Android
Run: 22042153237

📸 Final Test Screenshot

Maestro Test Results - android

Screenshot automatically captured from End-to-End tests and will expire in 30 days

This comment is automatically updated on each test run.

@boorad boorad merged commit b585471 into main Feb 15, 2026
6 checks passed
@boorad boorad deleted the fix/pbkdf2-types branch February 15, 2026 20:56
boorad added a commit that referenced this pull request Feb 24, 2026
@boorad
docs: add missing API pages, update coverage, and add llms.txt
7e5e1f2 
New pages: PQC (ML-DSA/ML-KEM), Argon2, KMAC, Certificate (SPKAC),
and Utilities (one-shot hash, timingSafeEqual, primes, introspection).

Updated 8 existing pages with missing API sections: SubtleCrypto
(deriveBits, deriveKey, wrapKey/unwrapKey, encapsulation), Keys
(KeyObject.from, equals, toCryptoKey), Signing (standalone sign/verify),
DiffieHellman (diffieHellman function), Ed25519 (Ed448/X448), Hash
(crypto.hash one-shot, SHA3), ECDH (convertKey), and reorganized the
API index into Core/Key Exchange/Key Derivation/Advanced sections.

Annotated 7 pages with behavioral notes from recent fix PRs (#929,
#930, #932, #933, #939, #948, #949, #951, #954, #955): cipher
single-use warning, generateKeys preservation, PBKDF2 validation,
OAEP hash default, randomFill view correctness, RSA-* aliases, and
flexible curve names.

Added llms.txt index route and fixed llms-full.txt JSX stripping in
source.ts to produce clean LLM-friendly output.
@tp26610 tp26610 mentioned this pull request Mar 31, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@boorad boorad

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

🐛 Fix types in pbkdf2

1 participant

@boorad