Bump playwright from 1.51.0 to 1.51.1 (#1834 )

Bumps [playwright](https://github.com/microsoft/playwright) from 1.51.0 to 1.51.1. - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](https://github.com/microsoft/playwright/compare/v1.51.0...v1.51.1) --- updated-dependencies: - dependency-name: playwright dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Tests: bump playwright from 1.50.1 to 1.51.0 (#1831 )
2025-03-30 15:08:32 +00:00 · 2025-03-18 13:56:54 +01:00 · 2025-03-07 15:53:39 +01:00 · 2025-03-05 11:51:40 +01:00 · 2025-02-26 13:00:14 +01:00 · 2025-02-26 12:15:17 +01:00
313 changed files with 168280 additions and 19839 deletions
--- a/.eslintignore
+++ b/.eslintignore
@ -0,0 +1,4 @@
 dist
 test/lib/
 test/typescript/
 docs
--- a/.eslintrc.cjs
+++ b/.eslintrc.cjs
@ -0,0 +1,142 @@
 module.exports = {
  'extends': [
    'airbnb-base',
    'airbnb-typescript/base'
  ],
  'parser': '@typescript-eslint/parser',
  'parserOptions': {
    'ecmaVersion': 11,
    'sourceType': 'module',
    'project': 'tsconfig.json'
  },
  'env': {
    'browser': true,
    'es6': true,
    'node': true
  },
  'plugins': [
    '@typescript-eslint',
    'chai-friendly',
    'import',
    'unicorn'
  ],
  'settings': {
    'import/resolver': {
      'typescript': {}
    }
  },
  'globals': { // TODO are all these necessary?
    'globalThis': true,
    'console': true,
    'Promise': true,
    'importScripts': true,
    'process': true,
    'Event': true,
    'describe': true,
    'it': true,
    'mocha': true,
    'before': true,
    'beforeEach': true,
    'after': true,
    'afterEach': true,
    'escape': true,
    'unescape': true,
    'resolves': true,
    'rejects': true,
    'TransformStream': true,
    'BigInt': true
  },
  'rules': {
    'arrow-body-style': 'off',
    'arrow-parens': ['error','as-needed'],
    'class-methods-use-this': 'off',
    '@typescript-eslint/comma-dangle': ['error', 'never'],
    '@typescript-eslint/comma-spacing': 'off',
    'consistent-return': 'off',
    'default-case': 'off',
    '@typescript-eslint/default-param-last': 'off',
    'eol-last': ['error', 'always'],
    'function-call-argument-newline': 'off',
    'func-names': ['error', 'never'],
    'function-paren-newline': 'off',
    'global-require': 'off',
    'key-spacing': 'off',
    'keyword-spacing': 'error',
    'max-classes-per-file': 'off',
    'max-len': 'off',
    'newline-per-chained-call': 'off',
    'no-bitwise': 'off',
    'no-continue': 'off',
    'no-else-return': 'off',
    'no-empty': ['error', { 'allowEmptyCatch': true }],
    'no-multiple-empty-lines': ['error', { 'max': 2, 'maxEOF': 1, 'maxBOF':0 }],
    'no-nested-ternary': 'off',
    'no-param-reassign': 'off', // TODO get rid of this
    'no-plusplus': 'off',
    'no-restricted-syntax': ['error', 'ForInStatement', 'LabeledStatement', 'WithStatement'],
    'object-curly-newline': 'off',
    '@typescript-eslint/no-shadow': 'off', // TODO get rid of this
    'object-property-newline': [
      'error',
      {
        'allowMultiplePropertiesPerLine': true
      }
    ],
    'object-shorthand': 'off',
    'operator-assignment': 'off',
    'operator-linebreak': [
      'error',
      'after'
    ],
    'padded-blocks': 'off',
    'prefer-arrow-callback': 'off',
    'prefer-destructuring': 'off',
    'prefer-rest-params': 'off', // TODO get rid of this
    'prefer-spread': 'off', // TODO get rid of this
    'prefer-template': 'off',
    'quote-props': 'off',
    'quotes': ['error', 'single', { 'avoidEscape': true }],
    '@typescript-eslint/space-before-function-paren': ['error', { 'anonymous': 'ignore', 'named': 'never', 'asyncArrow': 'always' }],
    'spaced-comment': 'off',
    'indent': 'off',
    '@typescript-eslint/indent': ['error', 2, { 'SwitchCase': 1 }],
    'no-unused-vars': 'off',
    '@typescript-eslint/no-unused-vars': 'error',
    // eslint-plugin-import rules:
    'import/named': 'error',
    'import/extensions': 'off', // temporary: we use them in tests (ESM compliant), but not in the lib (to limit diff)
    'import/first': 'off',
    'import/no-extraneous-dependencies': ['error', { 'devDependencies': true, 'optionalDependencies': false, 'peerDependencies': false }],
    'import/no-unassigned-import': 'error',
    'import/no-unresolved': 'error',
    'import/prefer-default-export': 'off',
    // Custom silencers:
    'no-multi-assign': 'off',
    'no-underscore-dangle': 'off',
    'no-await-in-loop': 'off',
    'camelcase': 'off', // snake_case used in tests, need to fix separately
    '@typescript-eslint/naming-convention': 'off', // supersedes 'camelcase' rule
    '@typescript-eslint/lines-between-class-members': 'off',
    // Custom errors:
    '@typescript-eslint/no-use-before-define': ['error', { 'functions': false, 'classes': true, 'variables': false, 'allowNamedExports': true }],
    'no-constant-condition': [2, { 'checkLoops': false }],
    'new-cap': [2, { 'properties': false, 'capIsNewExceptionPattern': 'EAX|OCB|GCM|CMAC|CBC|OMAC|CTR', 'newIsCapExceptionPattern': 'type|hash*' }],
    'max-lines': [2, { 'max': 620, 'skipBlankLines': true, 'skipComments': true }],
    '@typescript-eslint/no-unused-expressions': 0,
    'chai-friendly/no-unused-expressions': [2, { 'allowShortCircuit': true }],
    'unicorn/switch-case-braces': ['error', 'avoid'],
    // Custom warnings:
    'no-console': 1
  }
 };
--- a/.github/ISSUE_TEMPLATE/BUG_REPORT.md
+++ b/.github/ISSUE_TEMPLATE/BUG_REPORT.md
@ -0,0 +1,10 @@
 ---
 name: Bug report
 about: Report an issue with this library
 ---
 <!-- Please search existing issues and discussions to avoid creating duplicates. -->
 - OpenPGP.js version:
 - Affected platform (Browser or Node.js version):
 <!-- Describe the bug you have encountered -->
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -0,0 +1,8 @@
 blank_issues_enabled: false
 contact_links:
  - name: Feature request
    url: https://github.com/openpgpjs/openpgpjs/discussions/categories/ideas
    about: Suggest an idea for this project
  - name: Question
    url: https://github.com/openpgpjs/openpgpjs/discussions/categories/q-a
    about: Please ask any questions here
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -0,0 +1,33 @@
 version: 2
 updates:
  - package-ecosystem: "npm"
    # The redundant target-branch directive is needed to set two different update schedules for npm,
    # working around a dependabot limitation:
    # see https://github.com/dependabot/dependabot-core/issues/1778#issuecomment-1988140219 .
    target-branch: main
    directory: "/"
    schedule:
      interval: "daily"
    allow:
      - dependency-name: "playwright"
    versioning-strategy: increase
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "weekly"
    allow:
      - dependency-name: "@noble*"
      - dependency-name: "fflate"
    versioning-strategy: increase
    groups:
      # Any packages matching the pattern @noble* where the highest resolvable
      # version is minor or patch will be grouped together.
      # Grouping rules apply to version updates only.
      noble:
        applies-to: version-updates
        patterns:
        - "@noble*"
        update-types:
        - "minor"
        - "patch"
--- a/.github/test-suite/config.json.template
+++ b/.github/test-suite/config.json.template
@ -0,0 +1,39 @@
 {
    "drivers": [
      {
        "id": "sop-openpgpjs-branch",
        "path": "__SOP_OPENPGPJS__",
        "env": {
          "OPENPGPJS_PATH": "__OPENPGPJS_BRANCH__"
        }
      },
      {
        "id": "sop-openpgpjs-main",
        "path": "__SOP_OPENPGPJS__",
        "env": {
          "OPENPGPJS_PATH": "__OPENPGPJS_MAIN__",
          "DISABLE_PROFILES": "true"
        }
      },
      {
        "path": "__SQOP__"
      },
      {
        "path": "__GPGME_SOP__"
      },
      {
        "id": "gosop-v2",
        "path": "__GOSOP_V2__"
      },
      {
        "path": "__RNP_SOP__"
      },
      {
        "path": "__RSOP__"
      }
    ],
    "rlimits": {
      "DATA": 1073741824
    }
 }
--- a/.github/test-suite/prepare_config.sh
+++ b/.github/test-suite/prepare_config.sh
@ -0,0 +1,14 @@
 CONFIG_TEMPLATE=$1
 CONFIG_OUTPUT=$2
 OPENPGPJS_BRANCH=$3
 OPENPGPJS_MAIN=$4
 cat $CONFIG_TEMPLATE \
    | sed "s@__OPENPGPJS_BRANCH__@${OPENPGPJS_BRANCH}@g" \
    | sed "s@__OPENPGPJS_MAIN__@${OPENPGPJS_MAIN}@g" \
    | sed "s@__SQOP__@${SQOP}@g" \
    | sed "s@__GPGME_SOP__@${GPGME_SOP}@g" \
    | sed "s@__GOSOP_V2__@${GOSOP_V2}@g" \
    | sed "s@__SOP_OPENPGPJS__@${SOP_OPENPGPJS_V2}@g" \
    | sed "s@__RNP_SOP__@${RNP_SOP}@g" \
    | sed "s@__RSOP__@${RSOP}@g" \
    > $CONFIG_OUTPUT
--- a/.github/workflows/benchmark.yml
+++ b/.github/workflows/benchmark.yml
@ -0,0 +1,67 @@
 name: Performance Regression Test
 on:
  pull_request:
    branches: [main]
 jobs:
  benchmark:
    name: Time and memory usage benchmark
    runs-on: ubuntu-latest
    steps:
      # check out pull request branch
      - uses: actions/checkout@v4
        with:
          path: pr
      # check out main branch (to compare performance)
      - uses: actions/checkout@v4
        with:
          ref: main
          path: main
      - uses: actions/setup-node@v4
        with:
          node-version: '>=20.6.0'
      - name: Run pull request time benchmark
        run: cd pr && npm install && npm run --silent benchmark-time > benchmarks.txt && cat benchmarks.txt
      - name: Run pull request memory usage benchmark
        run: cd pr && npm run --silent benchmark-memory-usage > memory_usage.txt && cat memory_usage.txt
      - name: Run time benchmark on main (baseline)
        run: cd main && npm install && npm run --silent benchmark-time > benchmarks.txt && cat benchmarks.txt
      - name: Run memory usage benchmark on main (baseline)
        run: cd main && npm run --silent benchmark-memory-usage > memory_usage.txt && cat memory_usage.txt
      - name: Compare time benchmark result
        uses: openpgpjs/github-action-pull-request-benchmark@v1
        with:
          tool: 'benchmarkjs'
          name: 'Time benchmark'
          pr-benchmark-file-path: pr/benchmarks.txt
          base-benchmark-file-path: main/benchmarks.txt
          github-token: ${{ secrets.GITHUB_TOKEN }}
          # trigger alert comment if 1.3 times slower
          alert-threshold: '130%'
          comment-on-alert: false
          # fail workdlow if 1.5 times slower
          fail-threshold: '150%'
          fail-on-alert: true
          file-to-annotate: ${{ github.workspace }}/test/benchmarks/time.js
      - name: Compare memory usage benchmark result
        uses: openpgpjs/github-action-pull-request-benchmark@v1
        with:
          tool: 'raw'
          name: 'Memory usage benchmark'
          pr-benchmark-file-path: pr/memory_usage.txt
          base-benchmark-file-path: main/memory_usage.txt
          github-token: ${{ secrets.GITHUB_TOKEN }}
          alert-threshold: '102%'
          comment-on-alert: false
          fail-threshold: '110%'
          fail-on-alert: true
          file-to-annotate: ${{ github.workspace }}/test/benchmarks/memory_usage.js
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@ -0,0 +1,19 @@
 name: Documentation
 on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
 jobs:
  lint:
    name: JSDoc
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-node@v4
    - run: npm ci --ignore-scripts
    - run: npm run docs
--- a/.github/workflows/sop-test-suite.yml
+++ b/.github/workflows/sop-test-suite.yml
@ -0,0 +1,87 @@
 name: SOP interoperability test suite
 on:
  pull_request:
    branches: [ main ]
 jobs:
  test-suite:
    name: Run interoperability test suite
    runs-on: ubuntu-latest
    container: 
      image: ghcr.io/protonmail/openpgp-interop-test-docker:v1.1.12
      credentials:
        username: ${{ github.actor }}
        password: ${{ secrets.github_token }}
    steps:
      # check out repo for scripts
      - uses: actions/checkout@v4
      # check out pull request branch
      - name: Checkout openpgpjs-branch
        uses: actions/checkout@v4
        with:
          path: openpgpjs-branch
      - name: Install openpgpjs-branch
        run: cd openpgpjs-branch && npm install
      - name: Print openpgpjs-branch version
        run: $SOP_OPENPGPJS_V2 version --extended
        env: 
          OPENPGPJS_PATH: ${{ github.workspace }}/openpgpjs-branch
      # check out main branch
      - name: Checkout openpgpjs-main
        uses: actions/checkout@v4
        with:
          ref: main
          path: openpgpjs-main
      - name: Install openpgpjs-main
        run: cd openpgpjs-main && npm install
      - name: Print openpgpjs-main version
        run: $SOP_OPENPGPJS_V2 version --extended
        env: 
          OPENPGPJS_PATH: ${{ github.workspace }}/openpgpjs-main
      # Run test suite
      - name: Prepare test configuration
        run: ./.github/test-suite/prepare_config.sh $CONFIG_TEMPLATE $CONFIG_OUTPUT $GITHUB_WORKSPACE/openpgpjs-branch $GITHUB_WORKSPACE/openpgpjs-main
        env:
         CONFIG_TEMPLATE: .github/test-suite/config.json.template
         CONFIG_OUTPUT: .github/test-suite/config.json
      - name: Display configuration
        run: cat .github/test-suite/config.json
      - name: Run interoperability test suite
        run: cd $TEST_SUITE_DIR && $TEST_SUITE --config $GITHUB_WORKSPACE/$CONFIG --json-out $GITHUB_WORKSPACE/$RESULTS_JSON --html-out $GITHUB_WORKSPACE/$RESULTS_HTML
        env:
         CONFIG: .github/test-suite/config.json
         RESULTS_JSON: .github/test-suite/test-suite-results.json
         RESULTS_HTML: .github/test-suite/test-suite-results.html
      # Upload results
      - name: Upload test results json artifact
        uses: actions/upload-artifact@v4
        with:
          name: test-suite-results.json
          path: .github/test-suite/test-suite-results.json
      - name: Upload test results html artifact
        uses: actions/upload-artifact@v4
        with:
          name: test-suite-results.html
          path: .github/test-suite/test-suite-results.html
  compare-with-main:
    name: Compare with main
    runs-on: ubuntu-latest
    needs: test-suite
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Download test results json artifact
        id: download-test-results
        uses: actions/download-artifact@v4
        with:
          name: test-suite-results.json
      - name: Compare with baseline
        uses: ProtonMail/openpgp-interop-test-analyzer@v2
        with: 
          results: ${{ steps.download-test-results.outputs.download-path }}/test-suite-results.json
          output: baseline-comparison.json
          baseline: sop-openpgpjs-main
          target: sop-openpgpjs-branch
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@ -0,0 +1,206 @@
 name: Code Tests
 on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
 jobs:
  build: # cache both dist and tests (non-lightweight only), based on commit hash
    name: Build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
      - name: Check for cached folders
        id: cache-full
        uses: actions/cache@v4
        with:
          path: |
            dist
            test/lib
          key: cache-${{ github.sha }}
      - name: Build dist and tests
        if: steps.cache-full.outputs.cache-hit != 'true'
        run: |
          npm ci
          npm run build-test
  node:
    strategy:
      fail-fast: false # if tests for one version fail, continue with the rest
      matrix:
        node-version: [18.x, 20.x, 22.x]
        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
    name: Node ${{ matrix.node-version }}
    runs-on: ubuntu-latest
    needs: build
    steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-node@v4
      with:
        node-version: ${{ matrix.node-version }}
    - run: npm ci --ignore-scripts # for mocha
    - name: Retrieve cached folders
      uses: actions/cache/restore@v4
      id: cache-full
      with:
        # test/lib is not needed, but the path must be specified fully for a cache-hit
        path: |
          dist
          test/lib
        key: cache-${{ github.sha }}
        # ignore cache miss, since it was taken care of the `build` step and it should never occur here
    - run: npm test
  test-browsers-latest:
    name: Browsers (latest)
    needs: build
    strategy:
      fail-fast: false # if tests for one version fail, continue with the rest
      matrix:
        # run on all main platforms to test platform-specific code, if present
        # (e.g. webkit's WebCrypto API implementation is different in macOS vs Linux)
        # TODO: windows-latest fails to fetch resources from the wtr server; investigate if the problem is with path declaration or permissions
        runner: ['ubuntu-latest', 'macos-latest']
    runs-on: ${{ matrix.runner }}
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
      - name: Retrieve cached built folders
        uses: actions/cache/restore@v4
        id: cache-full
        with:
          path: |
            dist
            test/lib
          key: cache-${{ github.sha }}
      - name: Install dependencies
        # cannot use `--ignore-scripts` since playwright seems to use it to set ENV vars
        run: |
          npm pkg delete scripts.prepare
          npm ci
      - name: Get Playwright version and cache location
        id: playwright-version
        run: |
          PLAYWRIGHT_VERSION=$(npm ls playwright --depth=0 | grep playwright | sed 's/.*@//')
          echo "version=$PLAYWRIGHT_VERSION" >> $GITHUB_OUTPUT
          PLAYWRIGHT_CACHE=${{ fromJSON('{"ubuntu-latest": "~/.cache/ms-playwright", "macos-latest": "~/Library/Caches/ms-playwright"}')[matrix.runner] }}
          echo "playwright_cache=$PLAYWRIGHT_CACHE" >> $GITHUB_OUTPUT
      - name: Check for cached browsers
        id: cache-playwright-browsers
        uses: actions/cache@v4
        with:
          path: ${{ steps.playwright-version.outputs.playwright_cache }}
          key: playwright-browsers-${{ matrix.runner }}-${{ steps.playwright-version.outputs.version }}
      - name: Install browsers
        if: steps.cache-playwright-browsers.outputs.cache-hit != 'true'
        run: |
          npx playwright install --with-deps chromium
          npx playwright install --with-deps firefox
      - name: Install WebKit # caching not possible, external shared libraries required
        if: ${{ matrix.runner == 'macos-latest' }} # do not install on ubuntu, since the X25519 WebCrypto implementation has issues
        run: npx playwright install --with-deps webkit
      - name: Run browser tests
        run: npm run test-browser:ci -- --static-logging
      - name: Run browser tests (lightweight) # overwrite test/lib
        run: |
          npm run build-test --lightweight
          npm run test-browser:ci -- --static-logging
  test-browsers-compatibility:
    name: Browsers (older, on Browserstack)
    runs-on: ubuntu-latest
    needs: test-browsers-latest
    env: # credentials need hardcoding for now since Github secrets aren't accessible on pull requests from forks
      BROWSERSTACK_USERNAME: openpgpjs_PlY4Uq885CQ
      BROWSERSTACK_ACCESS_KEY: VjgBVRMxNVBj7SjJFiau
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
      - name: Generate self-signed HTTPS certificates for web-test-runner server
        uses: kofemann/action-create-certificate@v0.0.4
        with:
          hostcert: '127.0.0.1.pem'
          hostkey:  '127.0.0.1-key.pem'
          cachain:  'ca-chain.pem'
      - name: Adjust HTTPS certificates permissions
        run: sudo chown runner:docker *.pem
      - name: Install dependencies
        run: npm ci --ignore-scripts
      - name: Retrieve cached dist folder
        uses: actions/cache/restore@v4
        id: cache-full
        with:
          path: |
            dist
            test/lib
          key: cache-${{ github.sha }}
      - name: Wait for other Browserstack tests to finish
        uses: softprops/turnstyle@v1
        with:
          poll-interval-seconds: 30
          abort-after-seconds: 900
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Run browserstack tests
        run: npm run test-browserstack -- --static-logging
      - name: Run browserstack tests (lightweight) # overwrite test/lib
        run: |
          npm run build-test --lightweight
          npm run test-browserstack -- --static-logging
        env:
          LIGHTWEIGHT: true
  types:
    name: Type definitions
    runs-on: ubuntu-latest
    needs: build
    steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-node@v4
    - run: npm ci --ignore-scripts # TS
    - name: Retrieve cached folders
      uses: actions/cache/restore@v4
      id: cache-full
      with:
        path: |
          dist
          test/lib
        key: cache-${{ github.sha }}
    - run: npm run test-type-definitions
  lint:
    name: ESLint
    runs-on: ubuntu-latest
    needs: build
    steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-node@v4
    - run: npm ci --ignore-scripts # linter
    - name: Retrieve cached folders
      uses: actions/cache/restore@v4
      id: cache-full
      with:
        path: |
          dist
          test/lib
        key: cache-${{ github.sha }}
    - run: npm run lint
--- a/.gitignore
+++ b/.gitignore
@ -1,8 +1,8 @@
 build/
 .DS_Store
 node_modules/
 npm*
 test/lib/
 test/typescript/definitions.js
 dist/
 openpgp.store/
-doc/
+coverage
--- a/.jsdocrc.cjs
+++ b/.jsdocrc.cjs
@ -0,0 +1,17 @@
 const pkg = require('./package.json');
 module.exports = {
    plugins: ['plugins/markdown'],
    markdown: {
        idInHeadings: true
    },
    templates: {
        default: {
            includeDate: false,
            outputSourceFiles: false,
            externalSourceLinks: {
                urlPrefix: `${pkg.repository.url}/blob/v${pkg.version}/src/`
            }
        }
    }
 };
--- a/.mocharc.json
+++ b/.mocharc.json
@ -0,0 +1,6 @@
 {
 	"node-option": [
 		"experimental-specifier-resolution=node",
 		"loader=ts-node/esm"
 	]
 }
--- a/.travis.yml
+++ b/.travis.yml
@ -1,5 +0,0 @@
 language: node_js
 node_js:
  - "0.10"
 before_install:
  - npm install -g grunt-cli
--- a/Gruntfile.js
+++ b/Gruntfile.js
@ -1,186 +0,0 @@
 module.exports = function(grunt) {
  // Project configuration.
  grunt.initConfig({
    pkg: grunt.file.readJSON('package.json'),
    browserify: {
      openpgp: {
        files: {
          'dist/openpgp.js': [ './src/index.js' ]
        },
        options: {
          standalone: 'openpgp',
          external: [ 'crypto', 'node-localstorage' ]
        }
      },
      openpgp_debug: {
        files: {
          'dist/openpgp_debug.js': [ './src/index.js' ]
        },
        options: {
          debug: true,
          standalone: 'openpgp',
          external: [ 'crypto', 'node-localstorage' ]
        }
      },
      worker: {
        files: {
          'dist/openpgp.worker.js': [ './src/worker/worker.js' ]
        }
      },
      worker_min: {
        files: {
          'dist/openpgp.worker.min.js': [ './src/worker/worker.js' ]
        }
      },
      unittests: {
        files: {
          'test/lib/unittests-bundle.js': [ './test/unittests.js' ]
        },
        options: {
          external: [ 'openpgp', 'crypto', 'node-localstorage' ]
        }
      }
    },
    replace: {
      openpgp: {
        src: ['dist/openpgp.js'],
        dest: ['dist/openpgp.js'],
        replacements: [{
          from: /OpenPGP.js VERSION/g,
          to: 'OpenPGP.js v<%= pkg.version %>'
        }]
      },
      openpgp_debug: {
        src: ['dist/openpgp_debug.js'],
        dest: ['dist/openpgp_debug.js'],
        replacements: [{
          from: /OpenPGP.js VERSION/g,
          to: 'OpenPGP.js v<%= pkg.version %>'
        }]
      },
      worker_min: {
        src: ['dist/openpgp.worker.min.js'],
        dest: ['dist/openpgp.worker.min.js'],
        replacements: [{
          from: "importScripts('openpgp.js')",
          to: "importScripts('openpgp.min.js')"
        }]
      }
    },
    uglify: {
      openpgp: {
        files: {
          'dist/openpgp.min.js' : [ 'dist/openpgp.js' ],
          'dist/openpgp.worker.min.js' : [ 'dist/openpgp.worker.min.js' ]
        }
      },
      options: {
        banner: '/*! OpenPGPjs.org  this is LGPL licensed code, see LICENSE/our website for more information.- v<%= pkg.version %> - ' +
          '<%= grunt.template.today("yyyy-mm-dd") %> */'
      }
    },
    jsbeautifier: {
      files: ['src/**/*.js'],
      options: {
        indent_size: 2,
        preserve_newlines: true,
        keep_array_indentation: false,
        keep_function_indentation: false,
        wrap_line_length: 120
      }
    },
    jshint: {
      all: ['src/**/*.js']
    },
    jsdoc: {
      dist: {
        src: ['README.md', 'src'],
        options: {
          destination: 'doc',
          recurse: true,
          template: 'jsdoc.template'
        }
      }
    },
    mochaTest: {
      unittests: {
        options: {
          reporter: 'spec'
        },
        src: [ 'test/unittests.js' ]
      }
    },
    copy: {
      npm: {
        expand: true,
        flatten: true,
        cwd: 'node_modules/',
        src: ['mocha/mocha.css', 'mocha/mocha.js', 'chai/chai.js'],
        dest: 'test/lib/'
      }
    },
    clean: ['dist/'],
    connect: {
      dev: {
        options: {
          port: 8588,
          base: '.',
          keepalive: true
        }
      }
    }
  });
  // Load the plugin(s)
  grunt.loadNpmTasks('grunt-browserify');
  grunt.loadNpmTasks('grunt-contrib-uglify');
  grunt.loadNpmTasks('grunt-text-replace');
  grunt.loadNpmTasks('grunt-jsbeautifier');
  grunt.loadNpmTasks('grunt-contrib-jshint');
  grunt.loadNpmTasks('grunt-jsdoc');
  grunt.loadNpmTasks('grunt-mocha-test');
  grunt.loadNpmTasks('grunt-contrib-copy');
  grunt.loadNpmTasks('grunt-contrib-clean');
  grunt.loadNpmTasks('grunt-contrib-connect');
  grunt.registerTask('default', 'Build OpenPGP.js', function() {
    grunt.task.run(['clean', 'browserify', 'replace', 'uglify', 'npm_pack']);
    //TODO jshint is not run because of too many discovered issues, once these are addressed it should autorun
    grunt.log.ok('Before Submitting a Pull Request please also run `grunt jshint`.');
  });
  grunt.registerTask('documentation', ['jsdoc']);
  // Alias the `mocha_phantomjs` task to run `mocha-phantomjs`
  grunt.registerTask('mocha_phantomjs', 'mocha-phantomjs', function () {
    var done = this.async();
    var mocha = require('child_process').exec('node_modules/mocha-phantomjs/bin/mocha-phantomjs ./test/unittests.html', function (err) {
      done(err);
    });
    mocha.stdout.pipe(process.stdout);
    mocha.stderr.pipe(process.stderr);
  });
  // Alias the `npm_pack` task to run `npm pack`
  grunt.registerTask('npm_pack', 'npm pack', function () {
    var done = this.async();
    var npm = require('child_process').exec('npm pack ../', { cwd: 'dist'}, function (err, stdout) {
      var package = stdout;
      if (err === null) {
        var install = require('child_process').exec('npm install dist/' + package, function (err) {
          done(err);
        });
        install.stdout.pipe(process.stdout);
        install.stderr.pipe(process.stderr);
      } else {
        done(err);
      }
    });
    npm.stdout.pipe(process.stdout);
    npm.stderr.pipe(process.stderr);
  });
    // Test/Dev tasks
  grunt.registerTask('test', ['copy', 'mochaTest', 'mocha_phantomjs']);
 };
--- a/615
+++ b/615
@ -1,502 +1,165 @@
-                  GNU LESSER GENERAL PUBLIC LICENSE
+                   GNU LESSER GENERAL PUBLIC LICENSE
-                       Version 2.1, February 1999
+                       Version 3, 29 June 2007
- Copyright (C) 1991, 1999 Free Software Foundation, Inc.
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.
 [This is the first released version of the Lesser GPL.  It also counts
 as the successor of the GNU Library Public License, version 2, hence
 the version number 2.1.]
-                            Preamble
+  This version of the GNU Lesser General Public License incorporates
 the terms and conditions of version 3 of the GNU General Public
 License, supplemented by the additional permissions listed below.
-  The licenses for most software are designed to take away your
+  0. Additional Definitions.
 freedom to share and change it.  By contrast, the GNU General Public
 Licenses are intended to guarantee your freedom to share and change
 free software--to make sure the software is free for all its users.
-  This license, the Lesser General Public License, applies to some
+  As used herein, "this License" refers to version 3 of the GNU Lesser
-specially designated software packages--typically libraries--of the
+General Public License, and the "GNU GPL" refers to version 3 of the GNU
-Free Software Foundation and other authors who decide to use it.  You
+General Public License.
 can use it too, but we suggest you first think carefully about whether
 this license or the ordinary General Public License is the better
 strategy to use in any particular case, based on the explanations below.
-  When we speak of free software, we are referring to freedom of use,
+  "The Library" refers to a covered work governed by this License,
-not price.  Our General Public Licenses are designed to make sure that
+other than an Application or a Combined Work as defined below.
 you have the freedom to distribute copies of free software (and charge
 for this service if you wish); that you receive source code or can get
 it if you want it; that you can change the software and use pieces of
 it in new free programs; and that you are informed that you can do
 these things.
-  To protect your rights, we need to make restrictions that forbid
+  An "Application" is any work that makes use of an interface provided
-distributors to deny you these rights or to ask you to surrender these
+by the Library, but which is not otherwise based on the Library.
-rights.  These restrictions translate to certain responsibilities for
+Defining a subclass of a class defined by the Library is deemed a mode
-you if you distribute copies of the library or if you modify it.
+of using an interface provided by the Library.
-  For example, if you distribute copies of the library, whether gratis
+  A "Combined Work" is a work produced by combining or linking an
-or for a fee, you must give the recipients all the rights that we gave
+Application with the Library.  The particular version of the Library
-you.  You must make sure that they, too, receive or can get the source
+with which the Combined Work was made is also called the "Linked
-code.  If you link other code with the library, you must provide
+Version".
 complete object files to the recipients, so that they can relink them
 with the library after making changes to the library and recompiling
 it.  And you must show them these terms so they know their rights.
-  We protect your rights with a two-step method: (1) we copyright the
+  The "Minimal Corresponding Source" for a Combined Work means the
-library, and (2) we offer you this license, which gives you legal
+Corresponding Source for the Combined Work, excluding any source code
-permission to copy, distribute and/or modify the library.
+for portions of the Combined Work that, considered in isolation, are
 based on the Application, and not on the Linked Version.
-  To protect each distributor, we want to make it very clear that
+  The "Corresponding Application Code" for a Combined Work means the
-there is no warranty for the free library.  Also, if the library is
+object code and/or source code for the Application, including any data
-modified by someone else and passed on, the recipients should know
+and utility programs needed for reproducing the Combined Work from the
-that what they have is not the original version, so that the original
+Application, but excluding the System Libraries of the Combined Work.
 author's reputation will not be affected by problems that might be
 introduced by others.
  Finally, software patents pose a constant threat to the existence of
 any free program.  We wish to make sure that a company cannot
 effectively restrict the users of a free program by obtaining a
 restrictive license from a patent holder.  Therefore, we insist that
 any patent license obtained for a version of the library must be
 consistent with the full freedom of use specified in this license.
-  Most GNU software, including some libraries, is covered by the
+  1. Exception to Section 3 of the GNU GPL.
 ordinary GNU General Public License.  This license, the GNU Lesser
 General Public License, applies to certain designated libraries, and
 is quite different from the ordinary General Public License.  We use
 this license for certain libraries in order to permit linking those
 libraries into non-free programs.
-  When a program is linked with a library, whether statically or using
+  You may convey a covered work under sections 3 and 4 of this License
-a shared library, the combination of the two is legally speaking a
+without being bound by section 3 of the GNU GPL.
 combined work, a derivative of the original library.  The ordinary
 General Public License therefore permits such linking only if the
 entire combination fits its criteria of freedom.  The Lesser General
 Public License permits more lax criteria for linking other code with
 the library.
-  We call this license the "Lesser" General Public License because it
+  2. Conveying Modified Versions.
 does Less to protect the user's freedom than the ordinary General
 Public License.  It also provides other free software developers Less
 of an advantage over competing non-free programs.  These disadvantages
 are the reason we use the ordinary General Public License for many
 libraries.  However, the Lesser license provides advantages in certain
 special circumstances.
-  For example, on rare occasions, there may be a special need to
+  If you modify a copy of the Library, and, in your modifications, a
-encourage the widest possible use of a certain library, so that it becomes
+facility refers to a function or data to be supplied by an Application
-a de-facto standard.  To achieve this, non-free programs must be
+that uses the facility (other than as an argument passed when the
-allowed to use the library.  A more frequent case is that a free
+facility is invoked), then you may convey a copy of the modified
-library does the same job as widely used non-free libraries.  In this
+version:
 case, there is little to gain by limiting the free library to free
 software only, so we use the Lesser General Public License.
-  In other cases, permission to use a particular library in non-free
+   a) under this License, provided that you make a good faith effort to
-programs enables a greater number of people to use a large body of
+   ensure that, in the event an Application does not supply the
-free software.  For example, permission to use the GNU C Library in
+   function or data, the facility still operates, and performs
-non-free programs enables many more people to use the whole GNU
+   whatever part of its purpose remains meaningful, or
 operating system, as well as its variant, the GNU/Linux operating
 system.
-  Although the Lesser General Public License is Less protective of the
+   b) under the GNU GPL, with none of the additional permissions of
-users' freedom, it does ensure that the user of a program that is
+   this License applicable to that copy.
 linked with the Library has the freedom and the wherewithal to run
 that program using a modified version of the Library.
-  The precise terms and conditions for copying, distribution and
+  3. Object Code Incorporating Material from Library Header Files.
 modification follow.  Pay close attention to the difference between a
 "work based on the library" and a "work that uses the library".  The
 former contains code derived from the library, whereas the latter must
 be combined with the library in order to run.
                  GNU LESSER GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-  0. This License Agreement applies to any software library or other
+  The object code form of an Application may incorporate material from
-program which contains a notice placed by the copyright holder or
+a header file that is part of the Library.  You may convey such object
-other authorized party saying it may be distributed under the terms of
+code under terms of your choice, provided that, if the incorporated
-this Lesser General Public License (also called "this License").
+material is not limited to numerical parameters, data structure
-Each licensee is addressed as "you".
+layouts and accessors, or small macros, inline functions and templates
 (ten or fewer lines in length), you do both of the following:
-  A "library" means a collection of software functions and/or data
+   a) Give prominent notice with each copy of the object code that the
-prepared so as to be conveniently linked with application programs
+   Library is used in it and that the Library and its use are
-(which use some of those functions and data) to form executables.
+   covered by this License.
-  The "Library", below, refers to any such software library or work
+   b) Accompany the object code with a copy of the GNU GPL and this license
-which has been distributed under these terms.  A "work based on the
+   document.
 Library" means either the Library or any derivative work under
 copyright law: that is to say, a work containing the Library or a
 portion of it, either verbatim or with modifications and/or translated
 straightforwardly into another language.  (Hereinafter, translation is
 included without limitation in the term "modification".)
-  "Source code" for a work means the preferred form of the work for
+  4. Combined Works.
 making modifications to it.  For a library, complete source code means
 all the source code for all modules it contains, plus any associated
 interface definition files, plus the scripts used to control compilation
 and installation of the library.
-  Activities other than copying, distribution and modification are not
+  You may convey a Combined Work under terms of your choice that,
-covered by this License; they are outside its scope.  The act of
+taken together, effectively do not restrict modification of the
-running a program using the Library is not restricted, and output from
+portions of the Library contained in the Combined Work and reverse
-such a program is covered only if its contents constitute a work based
+engineering for debugging such modifications, if you also do each of
-on the Library (independent of the use of the Library in a tool for
+the following:
 writing it).  Whether that is true depends on what the Library does
 and what the program that uses the Library does.
-  1. You may copy and distribute verbatim copies of the Library's
+   a) Give prominent notice with each copy of the Combined Work that
-complete source code as you receive it, in any medium, provided that
+   the Library is used in it and that the Library and its use are
-you conspicuously and appropriately publish on each copy an
+   covered by this License.
-appropriate copyright notice and disclaimer of warranty; keep intact
+
-all the notices that refer to this License and to the absence of any
+   b) Accompany the Combined Work with a copy of the GNU GPL and this license
-warranty; and distribute a copy of this License along with the
+   document.
   c) For a Combined Work that displays copyright notices during
   execution, include the copyright notice for the Library among
   these notices, as well as a reference directing the user to the
   copies of the GNU GPL and this license document.
   d) Do one of the following:
       0) Convey the Minimal Corresponding Source under the terms of this
       License, and the Corresponding Application Code in a form
       suitable for, and under terms that permit, the user to
       recombine or relink the Application with a modified version of
       the Linked Version to produce a modified Combined Work, in the
       manner specified by section 6 of the GNU GPL for conveying
       Corresponding Source.
       1) Use a suitable shared library mechanism for linking with the
       Library.  A suitable mechanism is one that (a) uses at run time
       a copy of the Library already present on the user's computer
       system, and (b) will operate properly with a modified version
       of the Library that is interface-compatible with the Linked
       Version.
   e) Provide Installation Information, but only if you would otherwise
   be required to provide such information under section 6 of the
   GNU GPL, and only to the extent that such information is
   necessary to install and execute a modified version of the
   Combined Work produced by recombining or relinking the
   Application with a modified version of the Linked Version. (If
   you use option 4d0, the Installation Information must accompany
   the Minimal Corresponding Source and Corresponding Application
   Code. If you use option 4d1, you must provide the Installation
   Information in the manner specified by section 6 of the GNU GPL
   for conveying Corresponding Source.)
  5. Combined Libraries.
  You may place library facilities that are a work based on the
 Library side by side in a single library together with other library
 facilities that are not Applications and are not covered by this
 License, and convey such a combined library under terms of your
 choice, if you do both of the following:
   a) Accompany the combined library with a copy of the same work based
   on the Library, uncombined with any other library facilities,
   conveyed under the terms of this License.
   b) Give prominent notice with the combined library that part of it
   is a work based on the Library, and explaining where to find the
   accompanying uncombined form of the same work.
  6. Revised Versions of the GNU Lesser General Public License.
  The Free Software Foundation may publish revised and/or new versions
 of the GNU Lesser General Public License from time to time. Such new
 versions will be similar in spirit to the present version, but may
 differ in detail to address new problems or concerns.
  Each version is given a distinguishing version number. If the
 Library as you received it specifies that a certain numbered version
 of the GNU Lesser General Public License "or any later version"
 applies to it, you have the option of following the terms and
 conditions either of that published version or of any later version
 published by the Free Software Foundation. If the Library as you
 received it does not specify a version number of the GNU Lesser
 General Public License, you may choose any version of the GNU Lesser
 General Public License ever published by the Free Software Foundation.
  If the Library as you received it specifies that a proxy can decide
 whether future versions of the GNU Lesser General Public License shall
 apply, that proxy's public statement of acceptance of any version is
 permanent authorization for you to choose that version for the
 Library.
  You may charge a fee for the physical act of transferring a copy,
 and you may at your option offer warranty protection in exchange for a
 fee.
  2. You may modify your copy or copies of the Library or any portion
 of it, thus forming a work based on the Library, and copy and
 distribute such modifications or work under the terms of Section 1
 above, provided that you also meet all of these conditions:
    a) The modified work must itself be a software library.
    b) You must cause the files modified to carry prominent notices
    stating that you changed the files and the date of any change.
    c) You must cause the whole of the work to be licensed at no
    charge to all third parties under the terms of this License.
    d) If a facility in the modified Library refers to a function or a
    table of data to be supplied by an application program that uses
    the facility, other than as an argument passed when the facility
    is invoked, then you must make a good faith effort to ensure that,
    in the event an application does not supply such function or
    table, the facility still operates, and performs whatever part of
    its purpose remains meaningful.
    (For example, a function in a library to compute square roots has
    a purpose that is entirely well-defined independent of the
    application.  Therefore, Subsection 2d requires that any
    application-supplied function or table used by this function must
    be optional: if the application does not supply it, the square
    root function must still compute square roots.)
 These requirements apply to the modified work as a whole.  If
 identifiable sections of that work are not derived from the Library,
 and can be reasonably considered independent and separate works in
 themselves, then this License, and its terms, do not apply to those
 sections when you distribute them as separate works.  But when you
 distribute the same sections as part of a whole which is a work based
 on the Library, the distribution of the whole must be on the terms of
 this License, whose permissions for other licensees extend to the
 entire whole, and thus to each and every part regardless of who wrote
 it.
 Thus, it is not the intent of this section to claim rights or contest
 your rights to work written entirely by you; rather, the intent is to
 exercise the right to control the distribution of derivative or
 collective works based on the Library.
 In addition, mere aggregation of another work not based on the Library
 with the Library (or with a work based on the Library) on a volume of
 a storage or distribution medium does not bring the other work under
 the scope of this License.
  3. You may opt to apply the terms of the ordinary GNU General Public
 License instead of this License to a given copy of the Library.  To do
 this, you must alter all the notices that refer to this License, so
 that they refer to the ordinary GNU General Public License, version 2,
 instead of to this License.  (If a newer version than version 2 of the
 ordinary GNU General Public License has appeared, then you can specify
 that version instead if you wish.)  Do not make any other change in
 these notices.
  Once this change is made in a given copy, it is irreversible for
 that copy, so the ordinary GNU General Public License applies to all
 subsequent copies and derivative works made from that copy.
  This option is useful when you wish to copy part of the code of
 the Library into a program that is not a library.
  4. You may copy and distribute the Library (or a portion or
 derivative of it, under Section 2) in object code or executable form
 under the terms of Sections 1 and 2 above provided that you accompany
 it with the complete corresponding machine-readable source code, which
 must be distributed under the terms of Sections 1 and 2 above on a
 medium customarily used for software interchange.
  If distribution of object code is made by offering access to copy
 from a designated place, then offering equivalent access to copy the
 source code from the same place satisfies the requirement to
 distribute the source code, even though third parties are not
 compelled to copy the source along with the object code.
  5. A program that contains no derivative of any portion of the
 Library, but is designed to work with the Library by being compiled or
 linked with it, is called a "work that uses the Library".  Such a
 work, in isolation, is not a derivative work of the Library, and
 therefore falls outside the scope of this License.
  However, linking a "work that uses the Library" with the Library
 creates an executable that is a derivative of the Library (because it
 contains portions of the Library), rather than a "work that uses the
 library".  The executable is therefore covered by this License.
 Section 6 states terms for distribution of such executables.
  When a "work that uses the Library" uses material from a header file
 that is part of the Library, the object code for the work may be a
 derivative work of the Library even though the source code is not.
 Whether this is true is especially significant if the work can be
 linked without the Library, or if the work is itself a library.  The
 threshold for this to be true is not precisely defined by law.
  If such an object file uses only numerical parameters, data
 structure layouts and accessors, and small macros and small inline
 functions (ten lines or less in length), then the use of the object
 file is unrestricted, regardless of whether it is legally a derivative
 work.  (Executables containing this object code plus portions of the
 Library will still fall under Section 6.)
  Otherwise, if the work is a derivative of the Library, you may
 distribute the object code for the work under the terms of Section 6.
 Any executables containing that work also fall under Section 6,
 whether or not they are linked directly with the Library itself.
  6. As an exception to the Sections above, you may also combine or
 link a "work that uses the Library" with the Library to produce a
 work containing portions of the Library, and distribute that work
 under terms of your choice, provided that the terms permit
 modification of the work for the customer's own use and reverse
 engineering for debugging such modifications.
  You must give prominent notice with each copy of the work that the
 Library is used in it and that the Library and its use are covered by
 this License.  You must supply a copy of this License.  If the work
 during execution displays copyright notices, you must include the
 copyright notice for the Library among them, as well as a reference
 directing the user to the copy of this License.  Also, you must do one
 of these things:
    a) Accompany the work with the complete corresponding
    machine-readable source code for the Library including whatever
    changes were used in the work (which must be distributed under
    Sections 1 and 2 above); and, if the work is an executable linked
    with the Library, with the complete machine-readable "work that
    uses the Library", as object code and/or source code, so that the
    user can modify the Library and then relink to produce a modified
    executable containing the modified Library.  (It is understood
    that the user who changes the contents of definitions files in the
    Library will not necessarily be able to recompile the application
    to use the modified definitions.)
    b) Use a suitable shared library mechanism for linking with the
    Library.  A suitable mechanism is one that (1) uses at run time a
    copy of the library already present on the user's computer system,
    rather than copying library functions into the executable, and (2)
    will operate properly with a modified version of the library, if
    the user installs one, as long as the modified version is
    interface-compatible with the version that the work was made with.
    c) Accompany the work with a written offer, valid for at
    least three years, to give the same user the materials
    specified in Subsection 6a, above, for a charge no more
    than the cost of performing this distribution.
    d) If distribution of the work is made by offering access to copy
    from a designated place, offer equivalent access to copy the above
    specified materials from the same place.
    e) Verify that the user has already received a copy of these
    materials or that you have already sent this user a copy.
  For an executable, the required form of the "work that uses the
 Library" must include any data and utility programs needed for
 reproducing the executable from it.  However, as a special exception,
 the materials to be distributed need not include anything that is
 normally distributed (in either source or binary form) with the major
 components (compiler, kernel, and so on) of the operating system on
 which the executable runs, unless that component itself accompanies
 the executable.
  It may happen that this requirement contradicts the license
 restrictions of other proprietary libraries that do not normally
 accompany the operating system.  Such a contradiction means you cannot
 use both them and the Library together in an executable that you
 distribute.
  7. You may place library facilities that are a work based on the
 Library side-by-side in a single library together with other library
 facilities not covered by this License, and distribute such a combined
 library, provided that the separate distribution of the work based on
 the Library and of the other library facilities is otherwise
 permitted, and provided that you do these two things:
    a) Accompany the combined library with a copy of the same work
    based on the Library, uncombined with any other library
    facilities.  This must be distributed under the terms of the
    Sections above.
    b) Give prominent notice with the combined library of the fact
    that part of it is a work based on the Library, and explaining
    where to find the accompanying uncombined form of the same work.
  8. You may not copy, modify, sublicense, link with, or distribute
 the Library except as expressly provided under this License.  Any
 attempt otherwise to copy, modify, sublicense, link with, or
 distribute the Library is void, and will automatically terminate your
 rights under this License.  However, parties who have received copies,
 or rights, from you under this License will not have their licenses
 terminated so long as such parties remain in full compliance.
  9. You are not required to accept this License, since you have not
 signed it.  However, nothing else grants you permission to modify or
 distribute the Library or its derivative works.  These actions are
 prohibited by law if you do not accept this License.  Therefore, by
 modifying or distributing the Library (or any work based on the
 Library), you indicate your acceptance of this License to do so, and
 all its terms and conditions for copying, distributing or modifying
 the Library or works based on it.
  10. Each time you redistribute the Library (or any work based on the
 Library), the recipient automatically receives a license from the
 original licensor to copy, distribute, link with or modify the Library
 subject to these terms and conditions.  You may not impose any further
 restrictions on the recipients' exercise of the rights granted herein.
 You are not responsible for enforcing compliance by third parties with
 this License.
  11. If, as a consequence of a court judgment or allegation of patent
 infringement or for any other reason (not limited to patent issues),
 conditions are imposed on you (whether by court order, agreement or
 otherwise) that contradict the conditions of this License, they do not
 excuse you from the conditions of this License.  If you cannot
 distribute so as to satisfy simultaneously your obligations under this
 License and any other pertinent obligations, then as a consequence you
 may not distribute the Library at all.  For example, if a patent
 license would not permit royalty-free redistribution of the Library by
 all those who receive copies directly or indirectly through you, then
 the only way you could satisfy both it and this License would be to
 refrain entirely from distribution of the Library.
 If any portion of this section is held invalid or unenforceable under any
 particular circumstance, the balance of the section is intended to apply,
 and the section as a whole is intended to apply in other circumstances.
 It is not the purpose of this section to induce you to infringe any
 patents or other property right claims or to contest validity of any
 such claims; this section has the sole purpose of protecting the
 integrity of the free software distribution system which is
 implemented by public license practices.  Many people have made
 generous contributions to the wide range of software distributed
 through that system in reliance on consistent application of that
 system; it is up to the author/donor to decide if he or she is willing
 to distribute software through any other system and a licensee cannot
 impose that choice.
 This section is intended to make thoroughly clear what is believed to
 be a consequence of the rest of this License.
  12. If the distribution and/or use of the Library is restricted in
 certain countries either by patents or by copyrighted interfaces, the
 original copyright holder who places the Library under this License may add
 an explicit geographical distribution limitation excluding those countries,
 so that distribution is permitted only in or among countries not thus
 excluded.  In such case, this License incorporates the limitation as if
 written in the body of this License.
  13. The Free Software Foundation may publish revised and/or new
 versions of the Lesser General Public License from time to time.
 Such new versions will be similar in spirit to the present version,
 but may differ in detail to address new problems or concerns.
 Each version is given a distinguishing version number.  If the Library
 specifies a version number of this License which applies to it and
 "any later version", you have the option of following the terms and
 conditions either of that version or of any later version published by
 the Free Software Foundation.  If the Library does not specify a
 license version number, you may choose any version ever published by
 the Free Software Foundation.
  14. If you wish to incorporate parts of the Library into other free
 programs whose distribution conditions are incompatible with these,
 write to the author to ask for permission.  For software which is
 copyrighted by the Free Software Foundation, write to the Free
 Software Foundation; we sometimes make exceptions for this.  Our
 decision will be guided by the two goals of preserving the free status
 of all derivatives of our free software and of promoting the sharing
 and reuse of software generally.
                            NO WARRANTY
  15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
 WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
 EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
 OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
 KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
 LIBRARY IS WITH YOU.  SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
 THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
  16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
 WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
 AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
 FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
 CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
 LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
 RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
 FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
 SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
 DAMAGES.
                     END OF TERMS AND CONDITIONS
           How to Apply These Terms to Your New Libraries
  If you develop a new library, and you want it to be of the greatest
 possible use to the public, we recommend making it free software that
 everyone can redistribute and change.  You can do so by permitting
 redistribution under these terms (or, alternatively, under the terms of the
 ordinary General Public License).
  To apply these terms, attach the following notices to the library.  It is
 safest to attach them to the start of each source file to most effectively
 convey the exclusion of warranty; and each file should have at least the
 "copyright" line and a pointer to where the full notice is found.
    <one line to give the library's name and a brief idea of what it does.>
    Copyright (C) <year>  <name of author>
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
    License as published by the Free Software Foundation; either
    version 2.1 of the License, or (at your option) any later version.
    This library is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    Lesser General Public License for more details.
    You should have received a copy of the GNU Lesser General Public
    License along with this library; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 Also add information on how to contact you by electronic and paper mail.
 You should also get your employer (if you work as a programmer) or your
 school, if any, to sign a "copyright disclaimer" for the library, if
 necessary.  Here is a sample; alter the names:
  Yoyodyne, Inc., hereby disclaims all copyright interest in the
  library `Frob' (a library for tweaking knobs) written by James Random Hacker.
  <signature of Ty Coon>, 1 April 1990
  Ty Coon, President of Vice
 That's all there is to it!
--- a/README.md
+++ b/README.md
@ -1,77 +1,677 @@
-OpenPGP.js
+OpenPGP.js [![Join the chat on Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/openpgpjs/openpgpjs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 ==========
-[OpenPGP.js](http://openpgpjs.org/) is a Javascript implementation of the OpenPGP protocol. This is defined in [RFC 4880](http://tools.ietf.org/html/rfc4880).
+[OpenPGP.js](https://openpgpjs.org/) is a JavaScript implementation of the OpenPGP protocol. It implements [RFC 9580](https://datatracker.ietf.org/doc/rfc9580/) (superseding [RFC 4880](https://tools.ietf.org/html/rfc4880) and [RFC 4880bis](https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-10)).
-[![Build Status](https://secure.travis-ci.org/openpgpjs/openpgpjs.png?branch=master,v0.1.x)](http://travis-ci.org/openpgpjs/openpgpjs)
+**Table of Contents**
-### Node support
+- [OpenPGP.js](#openpgpjs)
    - [Platform Support](#platform-support)
    - [Performance](#performance)
    - [Getting started](#getting-started)
        - [Node.js](#nodejs)
        - [Deno (experimental)](#deno-experimental)
        - [Browser (webpack)](#browser-webpack)
        - [Browser (plain files)](#browser-plain-files)
    - [Examples](#examples)
        - [Encrypt and decrypt *Uint8Array* data with a password](#encrypt-and-decrypt-uint8array-data-with-a-password)
        - [Encrypt and decrypt *String* data with PGP keys](#encrypt-and-decrypt-string-data-with-pgp-keys)
        - [Encrypt symmetrically with compression](#encrypt-symmetrically-with-compression)
        - [Streaming encrypt *Uint8Array* data with a password](#streaming-encrypt-uint8array-data-with-a-password)
        - [Streaming encrypt and decrypt *String* data with PGP keys](#streaming-encrypt-and-decrypt-string-data-with-pgp-keys)
        - [Generate new key pair](#generate-new-key-pair)
        - [Revoke a key](#revoke-a-key)
        - [Sign and verify cleartext messages](#sign-and-verify-cleartext-messages)
        - [Create and verify *detached* signatures](#create-and-verify-detached-signatures)
        - [Streaming sign and verify *Uint8Array* data](#streaming-sign-and-verify-uint8array-data)
    - [Documentation](#documentation)
    - [Security Audit](#security-audit)
    - [Security recommendations](#security-recommendations)
    - [Development](#development)
    - [How do I get involved?](#how-do-i-get-involved)
    - [License](#license)
-For server side use, install via npm:
+### Platform Support
-    npm install openpgp
+* The `dist/openpgp.min.js` (or `.mjs`) bundle works with recent versions of Chrome, Firefox, Edge and Safari 14+.
 * The `dist/node/openpgp.min.mjs` (or `.cjs`) bundle works in Node.js v18+: it is used by default when you `import ... from 'openpgp'` (or `require('openpgp')`, respectively).
 * Support for the [Web Cryptography API](https://w3c.github.io/webcrypto/)'s `SubtleCrypto` is required.
  * In browsers, `SubtleCrypto` is only available in [secure contexts](https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts).
  * In supported versions of Node.js, `SubtleCrypto` is always available.
 * Support for the [Web Streams API](https://streams.spec.whatwg.org/) is required.
  * In browsers: the latest versions of Chrome, Firefox, Edge and Safari support Streams, including `TransformStream`s.
    These are needed if you use the library with stream inputs.
    In previous versions of OpenPGP.js, Web Streams were automatically polyfilled by the library,
    but from v6 this task is left up to the library user, due to the more extensive browser support, and the
    polyfilling side-effects. If you're working with [older browsers versions which do not implement e.g. TransformStreams](https://developer.mozilla.org/en-US/docs/Web/API/TransformStream#browser_compatibility), you can manually
    load the [Web Streams polyfill](https://github.com/MattiasBuelens/web-streams-polyfills).
    Please note that when you load the polyfills, the global `ReadableStream` property (if it exists) gets overwritten with the polyfill version.
    In some edge cases, you might need to use the native
    `ReadableStream` (for example when using it to create a `Response`
    object), in which case you should store a reference to it before loading
    the polyfills. There is also the [web-streams-adapter](https://github.com/MattiasBuelens/web-streams-adapter)
    library to convert back and forth between them.
  * In Node.js: OpenPGP.js v6 no longer supports native Node `Readable` streams in inputs, and instead expects (and outputs) [Node's Web Streams](https://nodejs.org/api/webstreams.html#class-readablestream). [Node v17+ includes utilities to convert from and to Web Streams](https://nodejs.org/api/stream.html#streamreadabletowebstreamreadable-options).
 ### Performance
 * Version 3.0.0 of the library introduced support for public-key cryptography using [elliptic curves](https://wiki.gnupg.org/ECC). We use native implementations on browsers and Node.js when available. Compared to RSA, elliptic curve cryptography provides stronger security per bits of key, which allows for much faster operations. Currently the following curves are supported:
    | Curve           | Encryption | Signature | NodeCrypto | WebCrypto | Constant-Time     |
    |:---------------:|:----------:|:---------:|:----------:|:---------:|:-----------------:|
    | curve25519      | ECDH       | N/A       | No         | No        | Algorithmically  |
    | ed25519         | N/A        | EdDSA     | No         | Yes*      | If native**      |
    | nistP256        | ECDH       | ECDSA     | Yes*       | Yes*      | If native**      |
    | nistP384        | ECDH       | ECDSA     | Yes*       | Yes*      | If native**      |
    | nistP521        | ECDH       | ECDSA     | Yes*       | Yes*      | If native**      |
    | brainpoolP256r1 | ECDH       | ECDSA     | Yes*       | No        | If native**      |
    | brainpoolP384r1 | ECDH       | ECDSA     | Yes*       | No        | If native**      |
    | brainpoolP512r1 | ECDH       | ECDSA     | Yes*       | No        | If native**      |
    | secp256k1       | ECDH       | ECDSA     | Yes*       | No        | If native**      |
   \* when available  
   \** these curves are only constant-time if the underlying native implementation is available and constant-time
 * The platform's [native Web Crypto API](https://w3c.github.io/webcrypto/) is used for performance. On Node.js the native [crypto module](https://nodejs.org/api/crypto.html#crypto_crypto) is also used, in cases where it offers additional functionality.
 * The library implements authenticated encryption (AEAD) as per [RFC 9580](https://datatracker.ietf.org/doc/rfc9580/) using AES-GCM, OCB, or EAX. This makes symmetric encryption faster on platforms with native implementations. However, since the specification is very recent and other OpenPGP implementations are in the process of adopting it, the feature is currently behind a flag. **Note: activating this setting can break compatibility with other OpenPGP implementations which have yet to implement the feature.** You can enable it by setting `openpgp.config.aeadProtect = true`.
  Note that this setting has a different effect from the one in OpenPGP.js v5, which implemented support for a provisional version of AEAD from [RFC 4880bis](https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-10), which was modified in RFC 9580.
  You can change the AEAD mode by setting one of the following options:
  ```
  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.gcm; // Default, native in WebCrypto and Node.js
  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.ocb; // Non-native, but supported across RFC 9580 implementations
  openpgp.config.preferredAEADAlgorithm = openpgp.enums.aead.eax; // Native in Node.js
  ```
 ### Getting started
 #### Node.js
 Install OpenPGP.js using npm and save it in your dependencies:
 ```sh
 npm install --save openpgp
 ```
 And import it as an ES module, from a .mjs file:
 ```js
 import * as openpgp from 'openpgp';
 ```
 Or as a CommonJS module:
 ```js
 const openpgp = require('openpgp');
 ```
 #### Deno (experimental)
 Import as an ES6 module, using /dist/openpgp.mjs.
 ```js
 import * as openpgp from './openpgpjs/dist/openpgp.mjs';
 ```
 #### Browser (webpack)
 Install OpenPGP.js using npm and save it in your devDependencies:
 ```sh
 npm install --save-dev openpgp
 ```
 And import it as an ES6 module:
 ```js
 import * as openpgp from 'openpgp';
 ```
 You can also only import the functions you need, as follows:
 ```js
 import { readMessage, decrypt } from 'openpgp';
 ```
 Or, if you want to use the lightweight build (which is smaller, and lazily loads non-default curves on demand):
 ```js
 import * as openpgp from 'openpgp/lightweight';
 ```
 To test whether the lazy loading works, try to generate a key with a non-standard curve:
 ```js
 import { generateKey } from 'openpgp/lightweight';
 await generateKey({ curve: 'brainpoolP512r1',  userIDs: [{ name: 'Test', email: 'test@test.com' }] });
 ```
 For more examples of how to generate a key, see [Generate new key pair](#generate-new-key-pair). It is recommended to use `curve25519` instead of `brainpoolP512r1` by default.
 #### Browser (plain files)
 Grab `openpgp.min.js` from [unpkg.com/openpgp/dist](https://unpkg.com/openpgp/dist/), and load it in a script tag:
 ```html
 <script src="openpgp.min.js"></script>
 ```
 Or, to load OpenPGP.js as an ES6 module, grab `openpgp.min.mjs` from [unpkg.com/openpgp/dist](https://unpkg.com/openpgp/dist/), and import it as follows:
 ```html
 <script type="module">
 import * as openpgp from './openpgp.min.mjs';
 </script>
 ```
 To offload cryptographic operations off the main thread, you can implement a Web Worker in your application and load OpenPGP.js from there. For an example Worker implementation, see `test/worker/worker_example.js`.
 #### TypeScript
 Since TS is not fully integrated in the library, TS-only dependencies are currently listed as `devDependencies`, so to compile the project you’ll need to add `@openpgp/web-stream-tools` manually:
 ```sh
 npm install --save-dev @openpgp/web-stream-tools
 ```
 If you notice missing or incorrect type definitions, feel free to open a PR.
 ### Examples
-#### Encryption
+Here are some examples of how to use OpenPGP.js v6. For more elaborate examples and working code, please check out the [public API unit tests](https://github.com/openpgpjs/openpgpjs/blob/main/test/general/openpgp.js). If you're upgrading from v4 it might help to check out the [changelog](https://github.com/openpgpjs/openpgpjs/wiki/v6-Changelog) and [documentation](https://github.com/openpgpjs/openpgpjs#documentation).
    var openpgp = require('openpgp');
    var key = '-----BEGIN PGP PUBLIC KEY BLOCK ... END PGP PUBLIC KEY BLOCK-----';
    var publicKey = openpgp.key.readArmored(key);
    var pgpMessage = openpgp.encryptMessage(publicKey.keys, 'Hello, World!');
-#### Decryption
+#### Encrypt and decrypt *Uint8Array* data with a password
    var openpgp = require('openpgp');
    var key = '-----BEGIN PGP PRIVATE KEY BLOCK ... END PGP PRIVATE KEY BLOCK-----';
    var privateKey = openpgp.key.readArmored(key).keys[0];
    privateKey.decrypt('passphrase');
    var pgpMessage = '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----';
    pgpMessage = openpgp.message.readArmored(pgpMessage);
    var plaintext = openpgp.decryptMessage(privateKey, pgpMessage);
-### Browser support
+Encryption will use the algorithm specified in config.preferredSymmetricAlgorithm (defaults to aes256), and decryption will use the algorithm used for encryption.
-Fetch a minified build under [releases](https://github.com/openpgpjs/openpgpjs/releases). The library can be loaded via  AMD/require.js or accessed globally via `window.openpgp`.
+```js
 (async () => {
    const message = await openpgp.createMessage({ binary: new Uint8Array([0x01, 0x01, 0x01]) });
    const encrypted = await openpgp.encrypt({
        message, // input as Message object
        passwords: ['secret stuff'], // multiple passwords possible
        format: 'binary' // don't ASCII armor (for Uint8Array output)
    });
    console.log(encrypted); // Uint8Array
-OpenPGP.js currently only fully supports browsers that implement `window.crypto.getRandomValues`. If you can help us support more browsers and runtimes, please chip in!
+    const encryptedMessage = await openpgp.readMessage({
        binaryMessage: encrypted // parse encrypted bytes
    });
    const { data: decrypted } = await openpgp.decrypt({
        message: encryptedMessage,
        passwords: ['secret stuff'], // decrypt with password
        format: 'binary' // output as Uint8Array
    });
    console.log(decrypted); // Uint8Array([0x01, 0x01, 0x01])
 })();
 ```
 #### Encrypt and decrypt *String* data with PGP keys
 Encryption will use the algorithm preferred by the public (encryption) key (defaults to aes256 for keys generated in OpenPGP.js), and decryption will use the algorithm used for encryption.
 ```js
 const openpgp = require('openpgp'); // use as CommonJS, AMD, ES6 module or via window.openpgp
 (async () => {
    // put keys in backtick (``) to avoid errors caused by spaces or tabs
    const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
 ...
 -----END PGP PUBLIC KEY BLOCK-----`;
    const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
 ...
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
    const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });
    const privateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }),
        passphrase
    });
    const encrypted = await openpgp.encrypt({
        message: await openpgp.createMessage({ text: 'Hello, World!' }), // input as Message object
        encryptionKeys: publicKey,
        signingKeys: privateKey // optional
    });
    console.log(encrypted); // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
    const message = await openpgp.readMessage({
        armoredMessage: encrypted // parse armored message
    });
    const { data: decrypted, signatures } = await openpgp.decrypt({
        message,
        verificationKeys: publicKey, // optional
        decryptionKeys: privateKey
    });
    console.log(decrypted); // 'Hello, World!'
    // check signature validity (signed messages only)
    try {
        await signatures[0].verified; // throws on invalid signature
        console.log('Signature is valid');
    } catch (e) {
        throw new Error('Signature could not be verified: ' + e.message);
    }
 })();
 ```
 Encrypt to multiple public keys:
 ```js
 (async () => {
    const publicKeysArmored = [
        `-----BEGIN PGP PUBLIC KEY BLOCK-----
 ...
 -----END PGP PUBLIC KEY BLOCK-----`,
        `-----BEGIN PGP PUBLIC KEY BLOCK-----
 ...
 -----END PGP PUBLIC KEY BLOCK-----`
    ];
    const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
 ...
 -----END PGP PRIVATE KEY BLOCK-----`;    // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
    const plaintext = 'Hello, World!';
    const publicKeys = await Promise.all(publicKeysArmored.map(armoredKey => openpgp.readKey({ armoredKey })));
    const privateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readKey({ armoredKey: privateKeyArmored }),
        passphrase
    });
    const message = await openpgp.createMessage({ text: plaintext });
    const encrypted = await openpgp.encrypt({
        message, // input as Message object
        encryptionKeys: publicKeys,
        signingKeys: privateKey // optional
    });
    console.log(encrypted); // '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
 })();
 ```
 If you expect an encrypted message to be signed with one of the public keys you have, and do not want to trust the decrypted data otherwise, you can pass the decryption option `expectSigned = true`, so that the decryption operation will fail if no valid signature is found:
 ```js
 (async () => {
    // put keys in backtick (``) to avoid errors caused by spaces or tabs
    const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
 ...
 -----END PGP PUBLIC KEY BLOCK-----`;
    const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
 ...
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
    const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });
    const privateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }),
        passphrase
    });
    const encryptedAndSignedMessage = `-----BEGIN PGP MESSAGE-----
 ...
 -----END PGP MESSAGE-----`;
    const message = await openpgp.readMessage({
        armoredMessage: encryptedAndSignedMessage // parse armored message
    });
    // decryption will fail if all signatures are invalid or missing
    const { data: decrypted, signatures } = await openpgp.decrypt({
        message,
        decryptionKeys: privateKey,
        expectSigned: true,
        verificationKeys: publicKey, // mandatory with expectSigned=true
    });
    console.log(decrypted); // 'Hello, World!'
 })();
 ```
 #### Encrypt symmetrically with compression
 By default, `encrypt` will not use any compression when encrypting symmetrically only (i.e. when no `encryptionKeys` are given).
 It's possible to change that behaviour by enabling compression through the config, either for the single encryption:
 ```js
 (async () => {
    const message = await openpgp.createMessage({ binary: new Uint8Array([0x01, 0x02, 0x03]) }); // or createMessage({ text: 'string' })
    const encrypted = await openpgp.encrypt({
        message,
        passwords: ['secret stuff'], // multiple passwords possible
        config: { preferredCompressionAlgorithm: openpgp.enums.compression.zlib } // compress the data with zlib
    });
 })();
 ```
 or by changing the default global configuration:
 ```js
 openpgp.config.preferredCompressionAlgorithm = openpgp.enums.compression.zlib
 ```
 Where the value can be any of:
 * `openpgp.enums.compression.zip`
 * `openpgp.enums.compression.zlib`
 * `openpgp.enums.compression.uncompressed` (default)
 #### Streaming encrypt *Uint8Array* data with a password
 ```js
 (async () => {
    const readableStream = new ReadableStream({
        start(controller) {
            controller.enqueue(new Uint8Array([0x01, 0x02, 0x03]));
            controller.close();
        }
    });
    const message = await openpgp.createMessage({ binary: readableStream });
    const encrypted = await openpgp.encrypt({
        message, // input as Message object
        passwords: ['secret stuff'], // multiple passwords possible
        format: 'binary' // don't ASCII armor (for Uint8Array output)
    });
    console.log(encrypted); // raw encrypted packets as ReadableStream<Uint8Array>
    // Either pipe the above stream somewhere, pass it to another function,
    // or read it manually as follows:
    for await (const chunk of encrypted) {
        console.log('new chunk:', chunk); // Uint8Array
    }
 })();
 ```
 For more information on using ReadableStreams (both in browsers and Node.js), see [the MDN Documentation on the
 Streams API](https://developer.mozilla.org/en-US/docs/Web/API/Streams_API) .
 #### Streaming encrypt and decrypt *String* data with PGP keys
 ```js
 (async () => {
    const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
 ...
 -----END PGP PUBLIC KEY BLOCK-----`; // Public key
    const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
 ...
 -----END PGP PRIVATE KEY BLOCK-----`; // Encrypted private key
    const passphrase = `yourPassphrase`; // Password that private key is encrypted with
    const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });
    const privateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }),
        passphrase
    });
    const readableStream = new ReadableStream({
        start(controller) {
            controller.enqueue('Hello, world!');
            controller.close();
        }
    });
    const encrypted = await openpgp.encrypt({
        message: await openpgp.createMessage({ text: readableStream }), // input as Message object
        encryptionKeys: publicKey,
        signingKeys: privateKey // optional
    });
    console.log(encrypted); // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
    const message = await openpgp.readMessage({
        armoredMessage: encrypted // parse armored message
    });
    const decrypted = await openpgp.decrypt({
        message,
        verificationKeys: publicKey, // optional
        decryptionKeys: privateKey
    });
    const chunks = [];
    for await (const chunk of decrypted.data) {
        chunks.push(chunk);
    }
    const plaintext = chunks.join('');
    console.log(plaintext); // 'Hello, World!'
 })();
 ```
 #### Generate new key pair
 ECC keys (smaller and faster to generate):
 Possible values for `curve` are: `curve25519`, `ed25519`, `nistP256`, `nistP384`, `nistP521`,
 `brainpoolP256r1`, `brainpoolP384r1`, `brainpoolP512r1`, and `secp256k1`.
 Note that both the `curve25519` and `ed25519` options generate a primary key for signing using Ed25519
 and a subkey for encryption using Curve25519.
 ```js
 (async () => {
    const { privateKey, publicKey, revocationCertificate } = await openpgp.generateKey({
        type: 'ecc', // Type of the key, defaults to ECC
        curve: 'curve25519', // ECC curve name, defaults to curve25519
        userIDs: [{ name: 'Jon Smith', email: 'jon@example.com' }], // you can pass multiple user IDs
        passphrase: 'super long and hard to guess secret', // protects the private key
        format: 'armored' // output key format, defaults to 'armored' (other options: 'binary' or 'object')
    });
    console.log(privateKey);     // '-----BEGIN PGP PRIVATE KEY BLOCK ... '
    console.log(publicKey);      // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
    console.log(revocationCertificate); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
 })();
 ```
 RSA keys (increased compatibility):
 ```js
 (async () => {
    const { privateKey, publicKey } = await openpgp.generateKey({
        type: 'rsa', // Type of the key
        rsaBits: 4096, // RSA key size (defaults to 4096 bits)
        userIDs: [{ name: 'Jon Smith', email: 'jon@example.com' }], // you can pass multiple user IDs
        passphrase: 'super long and hard to guess secret' // protects the private key
    });
 })();
 ```
 #### Revoke a key
 Using a revocation certificate:
 ```js
 (async () => {
    const { publicKey: revokedKeyArmored } = await openpgp.revokeKey({
        key: await openpgp.readKey({ armoredKey: publicKeyArmored }),
        revocationCertificate,
        format: 'armored' // output armored keys
    });
    console.log(revokedKeyArmored); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
 })();
 ```
 Using the private key:
 ```js
 (async () => {
    const { publicKey: revokedKeyArmored } = await openpgp.revokeKey({
        key: await openpgp.readKey({ armoredKey: privateKeyArmored }),
        format: 'armored' // output armored keys
    });
    console.log(revokedKeyArmored); // '-----BEGIN PGP PUBLIC KEY BLOCK ... '
 })();
 ```
 #### Sign and verify cleartext messages
 ```js
 (async () => {
    const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
 ...
 -----END PGP PUBLIC KEY BLOCK-----`;
    const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
 ...
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
    const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });
    const privateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }),
        passphrase
    });
    const unsignedMessage = await openpgp.createCleartextMessage({ text: 'Hello, World!' });
    const cleartextMessage = await openpgp.sign({
        message: unsignedMessage, // CleartextMessage or Message object
        signingKeys: privateKey
    });
    console.log(cleartextMessage); // '-----BEGIN PGP SIGNED MESSAGE ... END PGP SIGNATURE-----'
    const signedMessage = await openpgp.readCleartextMessage({
        cleartextMessage // parse armored message
    });
    const verificationResult = await openpgp.verify({
        message: signedMessage,
        verificationKeys: publicKey
    });
    const { verified, keyID } = verificationResult.signatures[0];
    try {
        await verified; // throws on invalid signature
        console.log('Signed by key id ' + keyID.toHex());
    } catch (e) {
        throw new Error('Signature could not be verified: ' + e.message);
    }
 })();
 ```
 #### Create and verify *detached* signatures
 ```js
 (async () => {
    const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
 ...
 -----END PGP PUBLIC KEY BLOCK-----`;
    const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
 ...
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
    const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored });
    const privateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }),
        passphrase
    });
    const message = await openpgp.createMessage({ text: 'Hello, World!' });
    const detachedSignature = await openpgp.sign({
        message, // Message object
        signingKeys: privateKey,
        detached: true
    });
    console.log(detachedSignature);
    const signature = await openpgp.readSignature({
        armoredSignature: detachedSignature // parse detached signature
    });
    const verificationResult = await openpgp.verify({
        message, // Message object
        signature,
        verificationKeys: publicKey
    });
    const { verified, keyID } = verificationResult.signatures[0];
    try {
        await verified; // throws on invalid signature
        console.log('Signed by key id ' + keyID.toHex());
    } catch (e) {
        throw new Error('Signature could not be verified: ' + e.message);
    }
 })();
 ```
 #### Streaming sign and verify *Uint8Array* data
 ```js
 (async () => {
    var readableStream = new ReadableStream({
        start(controller) {
            controller.enqueue(new Uint8Array([0x01, 0x02, 0x03]));
            controller.close();
        }
    });
    const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----
 ...
 -----END PGP PUBLIC KEY BLOCK-----`;
    const privateKeyArmored = `-----BEGIN PGP PRIVATE KEY BLOCK-----
 ...
 -----END PGP PRIVATE KEY BLOCK-----`; // encrypted private key
    const passphrase = `yourPassphrase`; // what the private key is encrypted with
    const privateKey = await openpgp.decryptKey({
        privateKey: await openpgp.readPrivateKey({ armoredKey: privateKeyArmored }),
        passphrase
    });
    const message = await openpgp.createMessage({ binary: readableStream }); // or createMessage({ text: ReadableStream<String> })
    const signatureArmored = await openpgp.sign({
        message,
        signingKeys: privateKey
    });
    console.log(signatureArmored); // ReadableStream containing '-----BEGIN PGP MESSAGE ... END PGP MESSAGE-----'
    const verificationResult = await openpgp.verify({
        message: await openpgp.readMessage({ armoredMessage: signatureArmored }), // parse armored signature
        verificationKeys: await openpgp.readKey({ armoredKey: publicKeyArmored })
    });
    for await (const chunk of verificationResult.data) {}
    // Note: you *have* to read `verificationResult.data` in some way or other,
    // even if you don't need it, as that is what triggers the
    // verification of the data.
    try {
        await verificationResult.signatures[0].verified; // throws on invalid signature
        console.log('Signed by key id ' + verificationResult.signatures[0].keyID.toHex());
     } catch (e) {
        throw new Error('Signature could not be verified: ' + e.message);
    }
 })();
 ```
 ### Documentation
 The full documentation is available at [openpgpjs.org](https://docs.openpgpjs.org/).
 ### Security Audit
 To date the OpenPGP.js code base has undergone two complete security audits from [Cure53](https://cure53.de). The first audit's report has been published [here](https://github.com/openpgpjs/openpgpjs/wiki/Cure53-security-audit).
 ### Security recommendations
-It should be noted that js crypto apps deployed via regular web hosting (a.k.a. [**host-based security**](https://www.schneier.com/blog/archives/2012/08/cryptocat.html)) provide users with less security than installable apps with auditable static versions. Installable apps can be deployed as a [Firefox](https://developer.mozilla.org/en-US/Marketplace/Publishing/Packaged_apps) or [Chrome](http://developer.chrome.com/apps/about_apps.html) packaged app. These apps are basically signed zip files and their runtimes typically enforce a strict [Content Security Policy (CSP)](http://www.html5rocks.com/en/tutorials/security/content-security-policy/) to protect users against [XSS](http://en.wikipedia.org/wiki/Cross-site_scripting). This [blogpost](http://tonyarcieri.com/whats-wrong-with-webcrypto) explains the trust model of the web quite well.
+It should be noted that js crypto apps deployed via regular web hosting (a.k.a. [**host-based security**](https://www.schneier.com/blog/archives/2012/08/cryptocat.html)) provide users with less security than installable apps with auditable static versions. Installable apps can be deployed as a [Firefox](https://developer.mozilla.org/en-US/Marketplace/Options/Packaged_apps) or [Chrome](https://developer.chrome.com/apps/about_apps.html) packaged app. These apps are basically signed zip files and their runtimes typically enforce a strict [Content Security Policy (CSP)](https://www.html5rocks.com/en/tutorials/security/content-security-policy/) to protect users against [XSS](https://en.wikipedia.org/wiki/Cross-site_scripting). This [blogpost](https://tankredhase.com/2014/04/13/heartbleed-and-javascript-crypto/) explains the trust model of the web quite well.
 It is also recommended to set a strong passphrase that protects the user's private key on disk.
 ### Development
-To create your own build of the library, just run the following command after cloning the git repo. This will download all dependencies, run the tests and create a minifed bundle under `dist/openpgp.min.js` to use in your project:
+To create your own build of the library, just run the following command after cloning the git repo. This will download all dependencies, run the tests and create a minified bundle under `dist/openpgp.min.js` to use in your project:
    npm install && npm test
-### Documentation
+For debugging browser errors, run the following command:
-A jsdoc build of our code comments is available at [doc/index.html](http://openpgpjs.org/openpgpjs/doc/index.html). Public calls should generally be made through the OpenPGP object [doc/openpgp.html](http://openpgpjs.org/openpgpjs/doc/module-openpgp.html).
+    npm run browsertest
 ### Mailing List
 You can [sign up](http://list.openpgpjs.org/) for our mailing list and ask for help there.  We've recently worked on getting our [archive up and running](http://www.mail-archive.com/list@openpgpjs.org/).
 ### How do I get involved?
-You want to help, great! Go ahead and fork our repo, make your changes and send us a pull request.
+You want to help, great! It's probably best to send us a message on [Gitter](https://gitter.im/openpgpjs/openpgpjs) before you start your undertaking, to make sure nobody else is working on it, and so we can discuss the best course of action. Other than that, just go ahead and fork our repo, make your changes and send us a pull request! :)
 ### License
-GNU Lesser General Public License (2.1). Please take a look at the [LICENSE](LICENSE) file for more information.
+[GNU Lesser General Public License](https://www.gnu.org/licenses/lgpl-3.0.en.html) (3.0 or any later version). Please take a look at the [LICENSE](LICENSE) file for more information.
 ### Resources
 Below is a collection of resources, many of these were projects that were in someway a precursor to the current OpenPGP.js project. If you'd like to add your link here, please do so in a pull request or email to the list.
 * [http://www.hanewin.net/encrypt/](http://www.hanewin.net/encrypt/)
 * [https://github.com/seancolyer/gmail-crypt](https://github.com/seancolyer/gmail-crypt)
 * [https://github.com/mete0r/openpgp-js](https://github.com/mete0r/openpgp-js)
 * [http://fitblip.github.com/JSPGP-Stuffs/](http://fitblip.github.com/JSPGP-Stuffs/)
 * [http://qooxdoo.org/contrib/project/crypto](http://qooxdoo.org/contrib/project/crypto)
 * [https://github.com/GPGTools/Mobile/wiki/Introduction](https://github.com/GPGTools/Mobile/wiki/Introduction)
 * [http://gpg4browsers.recurity.com/](http://gpg4browsers.recurity.com/)
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,7 @@
 ## Reporting Security Issues
 **Please do not report security vulnerabilities through public GitHub issues.**
 If you believe you have found a security vulnerability in OpenPGP.js, please report it via email to [security@openpgpjs.org](mailto:security@openpgpjs.org). If possible, encrypt your message with our PGP key: it can be downloaded automatically using [WKD](https://wiki.gnupg.org/WKD), or manually on [openpgpjs.org](https://openpgpjs.org/.well-known/openpgpkey/hu/t5s8ztdbon8yzntexy6oz5y48etqsnbb?l=security).
 You should receive a response within 2 working days.
--- a/docs/AEADEncryptedDataPacket.html
+++ b/docs/AEADEncryptedDataPacket.html
--- a/docs/Argon2S2K.html
+++ b/docs/Argon2S2K.html
--- a/docs/CNAME
+++ b/docs/CNAME
@ -0,0 +1 @@
 docs.openpgpjs.org
--- a/docs/CleartextMessage.html
+++ b/docs/CleartextMessage.html
--- a/docs/CompressedDataPacket.html
+++ b/docs/CompressedDataPacket.html
--- a/docs/Key.html
+++ b/docs/Key.html
--- a/docs/LiteralDataPacket.html
+++ b/docs/LiteralDataPacket.html
--- a/docs/MarkerPacket.html
+++ b/docs/MarkerPacket.html
--- a/docs/Message.html
+++ b/docs/Message.html
--- a/docs/OnePassSignaturePacket.html
+++ b/docs/OnePassSignaturePacket.html
--- a/docs/PacketList.html
+++ b/docs/PacketList.html
--- a/docs/PaddingPacket.html
+++ b/docs/PaddingPacket.html
--- a/docs/PrivateKey.html
+++ b/docs/PrivateKey.html
--- a/docs/PublicKey.html
+++ b/docs/PublicKey.html
--- a/docs/PublicKeyEncryptedSessionKeyPacket.html
+++ b/docs/PublicKeyEncryptedSessionKeyPacket.html
--- a/docs/PublicKeyPacket.html
+++ b/docs/PublicKeyPacket.html
--- a/docs/PublicSubkeyPacket.html
+++ b/docs/PublicSubkeyPacket.html
--- a/docs/SecretKeyPacket.html
+++ b/docs/SecretKeyPacket.html
--- a/docs/SecretSubkeyPacket.html
+++ b/docs/SecretSubkeyPacket.html
--- a/docs/Signature.html
+++ b/docs/Signature.html
--- a/docs/SignaturePacket.html
+++ b/docs/SignaturePacket.html
--- a/docs/SymEncryptedIntegrityProtectedDataPacket.html
+++ b/docs/SymEncryptedIntegrityProtectedDataPacket.html
--- a/docs/SymEncryptedSessionKeyPacket.html
+++ b/docs/SymEncryptedSessionKeyPacket.html
--- a/docs/SymmetricallyEncryptedDataPacket.html
+++ b/docs/SymmetricallyEncryptedDataPacket.html
--- a/docs/TrustPacket.html
+++ b/docs/TrustPacket.html
--- a/docs/UserAttributePacket.html
+++ b/docs/UserAttributePacket.html
--- a/docs/UserIDPacket.html
+++ b/docs/UserIDPacket.html
--- a/docs/fonts/OpenSans-Bold-webfont.eot
+++ b/docs/fonts/OpenSans-Bold-webfont.eot
--- a/docs/fonts/OpenSans-Bold-webfont.svg
+++ b/docs/fonts/OpenSans-Bold-webfont.svg
--- a/docs/fonts/OpenSans-Bold-webfont.woff
+++ b/docs/fonts/OpenSans-Bold-webfont.woff
--- a/docs/fonts/OpenSans-BoldItalic-webfont.eot
+++ b/docs/fonts/OpenSans-BoldItalic-webfont.eot
--- a/docs/fonts/OpenSans-BoldItalic-webfont.svg
+++ b/docs/fonts/OpenSans-BoldItalic-webfont.svg
--- a/docs/fonts/OpenSans-BoldItalic-webfont.woff
+++ b/docs/fonts/OpenSans-BoldItalic-webfont.woff
--- a/docs/fonts/OpenSans-Italic-webfont.eot
+++ b/docs/fonts/OpenSans-Italic-webfont.eot
--- a/docs/fonts/OpenSans-Italic-webfont.svg
+++ b/docs/fonts/OpenSans-Italic-webfont.svg
--- a/docs/fonts/OpenSans-Italic-webfont.woff
+++ b/docs/fonts/OpenSans-Italic-webfont.woff
--- a/docs/fonts/OpenSans-Light-webfont.eot
+++ b/docs/fonts/OpenSans-Light-webfont.eot
--- a/docs/fonts/OpenSans-Light-webfont.svg
+++ b/docs/fonts/OpenSans-Light-webfont.svg
--- a/docs/fonts/OpenSans-Light-webfont.woff
+++ b/docs/fonts/OpenSans-Light-webfont.woff
--- a/docs/fonts/OpenSans-LightItalic-webfont.eot
+++ b/docs/fonts/OpenSans-LightItalic-webfont.eot
--- a/docs/fonts/OpenSans-LightItalic-webfont.svg
+++ b/docs/fonts/OpenSans-LightItalic-webfont.svg
--- a/docs/fonts/OpenSans-LightItalic-webfont.woff
+++ b/docs/fonts/OpenSans-LightItalic-webfont.woff
--- a/docs/fonts/OpenSans-Regular-webfont.eot
+++ b/docs/fonts/OpenSans-Regular-webfont.eot
--- a/docs/fonts/OpenSans-Regular-webfont.svg
+++ b/docs/fonts/OpenSans-Regular-webfont.svg
--- a/docs/fonts/OpenSans-Regular-webfont.woff
+++ b/docs/fonts/OpenSans-Regular-webfont.woff
--- a/docs/global.html
+++ b/docs/global.html
--- a/docs/index.html
+++ b/docs/index.html
--- a/docs/module-config.html
+++ b/docs/module-config.html
--- a/docs/module-crypto.html
+++ b/docs/module-crypto.html
--- a/docs/module-crypto_aes_kw.html
+++ b/docs/module-crypto_aes_kw.html
--- a/docs/module-crypto_cipherMode.html
+++ b/docs/module-crypto_cipherMode.html
--- a/docs/module-crypto_cmac.html
+++ b/docs/module-crypto_cmac.html
--- a/docs/module-crypto_crypto.html
+++ b/docs/module-crypto_crypto.html
--- a/docs/module-crypto_hash.html
+++ b/docs/module-crypto_hash.html
--- a/docs/module-crypto_hkdf.html
+++ b/docs/module-crypto_hkdf.html
--- a/docs/module-crypto_mode_cfb.html
+++ b/docs/module-crypto_mode_cfb.html
--- a/docs/module-crypto_mode_eax.html
+++ b/docs/module-crypto_mode_eax.html
--- a/docs/module-crypto_mode_gcm.html
+++ b/docs/module-crypto_mode_gcm.html
--- a/docs/module-crypto_mode_ocb.html
+++ b/docs/module-crypto_mode_ocb.html
--- a/docs/module-crypto_pkcs1.html
+++ b/docs/module-crypto_pkcs1.html
--- a/docs/module-crypto_public_key.html
+++ b/docs/module-crypto_public_key.html
--- a/docs/module-crypto_public_key_dsa.html
+++ b/docs/module-crypto_public_key_dsa.html
--- a/docs/module-crypto_public_key_elgamal.html
+++ b/docs/module-crypto_public_key_elgamal.html
--- a/docs/module-crypto_public_key_elliptic.html
+++ b/docs/module-crypto_public_key_elliptic.html
--- a/docs/module-crypto_public_key_elliptic_curve.html
+++ b/docs/module-crypto_public_key_elliptic_curve.html
--- a/docs/module-crypto_public_key_elliptic_ecdh.html
+++ b/docs/module-crypto_public_key_elliptic_ecdh.html
--- a/docs/module-crypto_public_key_elliptic_ecdsa.html
+++ b/docs/module-crypto_public_key_elliptic_ecdsa.html
--- a/docs/module-crypto_public_key_elliptic_eddsa.html
+++ b/docs/module-crypto_public_key_elliptic_eddsa.html
--- a/docs/module-crypto_public_key_elliptic_eddsa_legacy.html
+++ b/docs/module-crypto_public_key_elliptic_eddsa_legacy.html
--- a/docs/module-crypto_public_key_rsa.html
+++ b/docs/module-crypto_public_key_rsa.html
--- a/docs/module-crypto_random.html
+++ b/docs/module-crypto_random.html
--- a/docs/module-crypto_signature.html
+++ b/docs/module-crypto_signature.html
--- a/docs/module-encoding_base64.html
+++ b/docs/module-encoding_base64.html
--- a/docs/module-enums.html
+++ b/docs/module-enums.html
--- a/docs/module-key_Subkey-Subkey.html
+++ b/docs/module-key_Subkey-Subkey.html
--- a/docs/module-key_Subkey.html
+++ b/docs/module-key_Subkey.html
--- a/docs/module-key_User-User.html
+++ b/docs/module-key_User-User.html
--- a/docs/module-key_User.html
+++ b/docs/module-key_User.html
--- a/docs/module-key_helper.html
+++ b/docs/module-key_helper.html
--- a/docs/module-packet_packet.html
+++ b/docs/module-packet_packet.html
--- a/docs/module-type_ecdh_symkey.html
+++ b/docs/module-type_ecdh_symkey.html
--- a/Show More
+++ b/Show More