fix(web): bind credential toJSON receiver

[reslear]

Fixes an Illegal invocation error in the web WebAuthn serializer.

Some browsers require native credential methods to be called with the original PublicKeyCredential receiver. Calling toJSON as a detached function can fail:

const toJSON = credential.toJSON;
const json = toJSON();

This keeps the existing native toJSON path but binds the receiver correctly:

const json = toJSON.call(credential);

verified in chrome

Summary by CodeRabbit

• Bug Fixes
  • Improved credential serialization to ensure proper method context binding when converting credentials to JSON format.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 821a7f2b-02fe-490c-b64b-9c7f88038857

📥 Commits

Reviewing files that changed from the base of the PR and between 5114ecd and 4619297.

📒 Files selected for processing (1)

• src/webauthn.ts

---

📝 Walkthrough

Walkthrough

This PR updates how the credentialWithToJSON function invokes the credential's toJSON method. The change switches from default invocation to explicit this binding using .call(), ensuring the method executes within the credential's context.

Changes

WebAuthn Credential Serialization

Layer / File(s)	Summary
toJSON explicit context binding src/webauthn.ts	The credentialWithToJSON function now calls toJSON.call(credential) instead of toJSON(), explicitly binding the credential object as the this context for the serialization method.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A context binds true, with .call() we're clear,
The credential knows itself when serialization's near,
One line, one fix, the this is now right,
toJSON flows smoothly through passkey's light. ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: fixing the toJSON method invocation by properly binding the credential as the receiver.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

src/webauthn.ts

Oops! Something went wrong! :(

ESLint: 8.57.1

ESLint couldn't find the plugin "@typescript-eslint/eslint-plugin".

(The package "@typescript-eslint/eslint-plugin" was not found when loaded as a Node module from the directory "".)

It's likely that the plugin isn't installed correctly. Try reinstalling by running the following:

npm install `@typescript-eslint/eslint-plugin`@latest --save-dev

The plugin "@typescript-eslint/eslint-plugin" was referenced from the config file in "package.json » @ionic/eslint-config/recommended » ./index".

If you still can't figure out the problem, please stop by https://eslint.org/chat/help to chat with the team.

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Beta npm build

This PR comes from a fork, so beta publish is disabled for security.

If you need a beta package, move the branch into this repository first.

[reslear]

cc @riderx