Minor Changes

• #543 70db0e1 Thanks @wKovacs64! - Add stealerLogsByEmailDomain module.

• #541 655b473 Thanks @wKovacs64! - Add stealerLogsByEmail module.

• #542 682cff7 Thanks @wKovacs64! - Add stealerLogsByWebsiteDomain module.

• #539 a0c6e9a Thanks @wKovacs64! - Add subscribedDomains module.

• #537 e15c6a7 Thanks @wKovacs64! - Add latestBreach module.

• #538 f08af27 Thanks @wKovacs64! - Add breachedDomain module.

Patch Changes

• #535 d47d462 Thanks @wKovacs64! - Add IncludesStealerLogs field to SubscriptionStatus interface and docs.

Patch Changes

• #510 879fe9f Thanks @wKovacs64! - Export the API data model types that were missing in v15.0.0.

Major Changes

• #509 e8d4986 Thanks @wKovacs64! - Drop support for Node 18 and remove the CommonJS and UMD builds:

  • Drop support for Node.js 18 as it is end-of-life, making the new minimum Node.js runtime v20.19.0. Please upgrade your Node.js environment if necessary, or continue using a previous release if you are unable to upgrade your environment.

    • This also allowed us to drop the fetch polyfill that was only necessary in Node 18, which reduced the bundle size by approximately 33%! 📉 The library now officially has zero dependencies. 🎉

  • Remove the CommonJS build since you can now require() ESM as of Node v20.19.0. Consumers in a CommonJS environment should still be able to use the library as before (given the appropriate Node.js version).

  • Remove the UMD build as all modern browsers support importing ESM via <script type="module"> tags. See the "Using in the browser" section of the README for more details.

Minor Changes

• #506 56fdf38 Thanks @wKovacs64! - Drop JSSHA dependency in favor of a native Web Crypto API SHA-1 hashing implementation. This change reduces the size of the library by approximately 30%! 📉

Patch Changes

• #502 e810e6b Thanks @dependabot! - Update undici to v6.21.1 (only matters on Node v18).

Patch Changes

• #479 f212d87 Thanks @wKovacs64! - Fix error handling for 401 Unauthorized API responses. The haveibeenpwned.com API (v3) changed its response type from a JSON body to text.

Patch Changes

• #464 1dd6547 Thanks @wKovacs64! - Fix consumption from Next.js client components.

Minor Changes

• #462 b6076f2 Thanks @wKovacs64! - Add the timeoutMs option to all modules, allowing the consumer to specify a timeout for the underlying network request (in milliseconds). Requests that take longer than the specified timeout period will throw/reject. There is no default timeout, as fetch itself has no timeout by default and providing one would be arbitrary, unexpected, and a breaking change.

• #458 0a82b8d Thanks @wKovacs64! - Only polyfill global fetch on Node.js v18, and use undici instead of @remix-run/web-fetch. This also enables use of hibp in web workers and extension background threads.

Patch Changes

• #461 aa90167 Thanks @wKovacs64! - Fix a bug in pwnedPassword and pwnedPasswordRange modules where the addPadding and userAgent options could not be used simultaneously.

Patch Changes

• #438 3da8b89 Thanks @wKovacs64! - Restore missing TypeScript declarations that were forgotten in v14.0.2 (PR #436).

Patch Changes

• #436 961d6e0 Thanks @wKovacs64! - Fix CommonJS exports that broke in v14.0.0.

  CommonJS consumers were getting an ERR_REQUIRE_ESM error as of v14.0.0 due to changing the project source to ESM in PR #420. This change resolves that by publishing the CommonJS files in dist/cjs with a .cjs file extension and the ESM files in dist/esm with the .js file extension.

Patch Changes

• #428 4a69884 Thanks @wKovacs64! - Add descriptions to each config option for a better IDE experience.