Skip to content

Latest commit

 

History

History
412 lines (222 loc) · 23.1 KB

CHANGELOG.md

File metadata and controls

412 lines (222 loc) · 23.1 KB

Release Notes

2.0.1 (2021-11-15)

The changes in this release are only dependency updates.

Update

  • update dependencies using minor releases for buffer, and lodash
  • updated devDependencies using minor releases for bowser, browserify-istanbul, chai, gulp-eslint, gulp-istanbul, gulp-rename, json-loader, karma, karma-chrome-launcher, karma-coverage, karma-firefox-launcher, karma-mocha-reporter, karma-safari-applescript-launcher, karma-sauce-launcher, karma-sourcemap-loader, mocha, run-sequence, webpack-stream, and yargs
  • updated devDependencies use major release for webpack, and karma-webpack

2.0.0 (2020-09-20)

While all of the changes in this release are only dependency updates and otherwise patch-level changes, it does break compatibility with versions of node.js older than version 10.

Update

  • switch to karma-safari-applescript-launcher for improved local Safari testing (a0db723)
  • update dependencies for karma, karma-mocha, mocha, webpack-stream, and yargs (96ee8ff)
  • update node-forge to latest (shahar-h)(277aab5)
  • cherry-pick lodash modules to effect smaller footprint (tychenjianjun)(003ef1c)
  • replace browserify-zlib with pako (taymoork2)(85610d6)

1.1.4 (2020-03-26)

Bug Fixes

  • fixed issues when used in react-native (8126622)
  • fixed incorrect usage of node-forge buffers (7e46c1f) (4014f5c)
  • updated dependencies.

Style

  • avoid using var shorthands for UglifyJS's sake (44edb0a)

1.1.3 (2019-03-18)

  • fail to verify PS signatures with incorrect padding in node (93399b6)

1.1.2 (2019-02-28)

  • replaced outdated vulnerable lodash dependencies (b9c4f0e)

1.1.1 (2019-02-01)

1.1.0 (2018-11-05)

Bug Fixes

  • remove setImmediate/nextTick hack (fixes #203) (4e24931)
  • correct jws verify input validation check (fixes #210) (be66519)
  • [node] use native crypto for RS signing (fixes #202) (59636c3)

Features

  • [node] use native crypto for AES-KW Key-Wrapping (f18011f)
  • [node] use native crypto for RSA-OAEP and RSA1_5 encryption (bba0a13)
  • [node] use native crypto for RSA1_5 decryption (2a9e48a)
  • [node] use native crypto for RSA-PSS (8a05f35)
  • [node] use native crypto for ECDSA (aa5a48d)

1.0.0 (2018-05-30)

Update

Fix

Build

Package

0.11.1 (2018-05-15)

NOTE: This is a security patch, replacing base64url with b64u to address a vulnerability in the previous dependency.

Chore

0.11.0 (2017-11-30)

NOTICE This release includes a potentially breaking change. The default of jose.JWS.Verifier.verify() before 0.11.0 was to successfully verify if an embedded key was present and verification succeeds. Now the default is to instead fail verification. Applications that rely on embedded keys for JWS verification now must provide an opts Object to either jose.JWS.createVerify() or jose.JWS.Verifier.verify(), with the member allowEmbeddedKeys set to true.

Update

Doc

0.10.0 (2017-09-29)

Update

Fix

Build

0.9.5 (2017-08-07)

Update

Fix

Doc

Build

0.9.4 (2017-04-13)

Update

Doc

Build

0.9.3 (2017-02-20)

Update

Fix

Doc

Build

0.9.2 (2016-12-29)

Build

Fix

0.9.1 (2016-08-23)

Build

0.9.0 (2016-07-17)

Update

Fix

0.8.1 (2016-07-13)

Fix

Build

0.8.0 (2016-04-18)

Update

Fix

Build

0.7.1 (2016-02-09)

Fix

0.7.0 (2016-01-14)

Update

0.6.0 (2015-12-12)

Update

0.5.2 (2015-11-30)

Fix

Doc

Build

0.5.1 (2015-11-19)

Fix

Build

0.5.0 (2015-10-31)

Update

Fix

0.4.0 (2015-10-12)

Breaking

Update

0.3.1 (2015-10-06)

Fix

Update

Doc

Build

[0.3.0] (2015-09-11)

Initial public release.