Skip to content

Latest commit

Β 

History

History
602 lines (344 loc) Β· 18.4 KB

CHANGELOG.md

File metadata and controls

602 lines (344 loc) Β· 18.4 KB
Raw

Changelog

v3.0.0 (2021-05-14)

πŸ’£ Major Changes:

  • Node saml separation #574
  • Remove support for deprecated privateCert #569
  • Enforce more secure XML encryption #584
  • Add Node 16 support; drop Node 10 #589
  • Update all dependencies to latest #590
  • Require cert for every strategy #548

πŸš€ Minor Changes:

  • Update xml-crypto to v2.1.1 #558
  • Allow for authnRequestBinding in SAML options #529
  • Add optional setting to set a ceiling on how old a SAML response is allowed to be #577
  • Move XML functions to utility module #571
  • Improve the typing of the Strategy class hierarchy. #554
  • Resolve XML-encoded carriage returns during signature validation #576
  • Make sure CI builds test latest versions of dependencies #570
  • Add WantAssertionsSigned #536

πŸ”— Dependencies:

  • bump xmldom to 0.5.x since all lower versions have security issue #551
  • Update xml-encryption to v1.2.3 #560
  • Update xml-encryption to v1.2.3 #567
  • Update all packages to latest semver-minor #588

πŸ› Bug Fixes:

  • Fix incorrect import of compiled files in tests #572

πŸ“š Documentation:

  • Remove deprecated field privateCert from README, tests #591
  • Add support for more tags in the changelog #592
  • Update readme on using multiSamlStrategy #531
  • Create of Code of Conduct #573
  • Changelog #587

βš™οΈ Technical Tasks:

  • remove old callback functions, tests use async/await #545
  • async/await for saml.ts #496
  • Format code and enforce code style on PR #527
  • Tests use typescript #534
  • async / await in cache interface #532
  • Fix lint npm script to match all files including in src/ #555

πŸ™ˆ Other:

  • Revert "Update xml-encryption to v1.2.3" #564

v2.2.0 (2021-04-23)

πŸš€ Minor Changes:

  • Add deprecation notices for renamed variables #568

πŸ› Bug Fixes:

  • Resolve XML-encoded carriage returns during signature validation (2.x) #578

v2.1.0 (2021-03-19)

πŸš€ Minor Changes:

  • Update xml-crypto to v2.1.1 #557

πŸ”— Dependencies:

  • Update xml-encryption to v1.2.3 #562

πŸ™ˆ Other:

  • Revert "Update xml-encryption to v1.2.3" #565
  • Update xml-encryption to v1.2.3 (branch 2.x) #566

v2.0.6 (2021-03-15)

πŸ”— Dependencies:

  • bump xmldom to 0.5.x since all lower versions have security issue (#551) #553

v2.0.5 (2021-01-29)

βš™οΈ Technical Tasks:

  • Ignore test folder when building npm package #526

v2.0.4 (2021-01-19)

βš™οΈ Technical Tasks:

  • Generating changelog using gren #518

v2.0.3 (2020-12-21)

πŸš€ Minor Changes:

  • dev: add @types/xml-encryption #517

πŸ”— Dependencies:

  • upgrade deps to latest versions #514
  • Bump ini from 1.3.5 to 1.3.8 #513

πŸ› Bug Fixes:

  • support windows line breaks in keys #500
  • add ts-ignore to generated type definitions for multisaml strategy #508
  • fix: derive SamlConfig from SAMLOptions #515
  • Reexport SamlConfig type to solve a regression in consumer packages #516
  • fix(typing): multi saml stratey export #503
  • normalize signature line endings before loading signature block to xml-crypto #512

πŸ“š Documentation:

  • docs(scoping): fix for example #504
  • minor - fix typo in README #506

πŸ™ˆ Other:

  • fix(typing): Export Multi SAML types #505
  • Prettier + ESLint + onchange = Happiness #493

v2.0.2 (2020-11-05)

πŸ› Bug Fixes:

  • normalize line endings before signature validation #498

v2.0.1 (2020-11-03)

πŸ™ˆ Other:

  • Add deprecation notice for privateCert; fix bug #492

v2.0.0 (2020-11-03)

πŸ’£ Major Changes:

  • Always throw error objects instead of strings #412

πŸš€ Minor Changes:

  • Allow for use of privateKey instead of privateCert #488
  • feat(authorize-request): idp scoping provider #428

πŸ› Bug Fixes:

  • update version of xml2js to 0.4.23, fixes #479 #486

πŸ™ˆ Other:

  • inlineSources option for better source maps #487
  • fix: disable esmoduleInterop setting #483

v1.5.0 (2020-10-29)

πŸš€ Minor Changes:

  • validateSignature: Support XML docs that contain multiple signed nodes #455

βš™οΈ Technical Tasks:

  • outdated Q library was removed #478

πŸ™ˆ Other:

  • validateSignature: Support XML docs that contain multiple signed node… #481
  • Revert "validateSignature: Support XML docs that contain multiple signed nodes" #480

v1.4.2 (2020-10-29)

βš™οΈ Technical Tasks:

  • Primary files use typescript #477

v1.4.1 (2020-10-29)

πŸ™ˆ Other:

  • compatibility with @types/passport-saml, fixes #475 #476

v1.4.0 (2020-10-28)

πŸ› Bug Fixes:

  • Only make an attribute an object if it has child elements #464

βš™οΈ Technical Tasks:

  • support typescript compilation #469

πŸ™ˆ Other:

  • try to use curl when wget is not available #468
  • Ts secondary files #474
  • bumped xml-crypto from 1.5.3 to 2.0.0 #470
  • Add PR template #473
  • Drop support for Node 8 #462
  • Fix typo #434
  • Upgrade xml-crypto dependancy #465
  • Add GitHub Actions as Continuos Integration provider #463
  • fix: add catch block to NameID decryption #461

v1.3.5 (2020-09-16)

πŸ”— Dependencies:

  • Bump lodash from 4.17.15 to 4.17.20 #449
  • Bump acorn from 7.1.0 to 7.4.0 #448

πŸ™ˆ Other:

  • Return object for XML-valued AttributeValues #447
  • Revert "doc: announce site move." #446

v1.3.4 (2020-07-21)

πŸ™ˆ Other:

  • Fix multi saml strategy race conditions #426

v1.3.3 (2020-02-19)

πŸ™ˆ Other:

  • Singleline private keys #423

v1.3.2 (2020-02-12)

πŸ™ˆ Other:

  • Revert "convert privateCert to PEM for signing" #421

v1.3.1 (2020-02-11)

πŸ™ˆ Other:

  • Upgrade xml-encryption to 1.0.0 #420

v1.3.0 (2020-01-28)

πŸš€ Minor Changes:

  • add support for encrypted nameIDs in SLO request handling #408
  • Issue #206: Support signing AuthnRequests using the HTTP-POST Binding #207
  • convert privateCert to PEM for signing #390

πŸ™ˆ Other:

  • Add tests to check for correct logout #418
  • added passReqToCallback to docs #417
  • Fix an issue readme formatting #416
  • attributeConsumingServiceIndex can be zero #414
  • fix #393 adding 'inResponseTo' in the profile #404
  • Fix #355 missing parts: tests. #402
  • Fix minimum version of Node.js in Travis #399
  • Add .editorconfig as suggested in #373 #398
  • Bring-up xml-crypto to 1.4.0 #400

v1.2.0 (2019-07-26)

πŸ™ˆ Other:

  • Remove InResponseTo value if response validation fails #341
  • NameIDFormat fix #375

v1.1.0 (2019-05-10)

πŸš€ Minor Changes:

  • feat: add RequestedAuthnContext Comparison Type parameter #360
  • Add option to disable SAML spec AuthnRequest optional value Assertion… #315

πŸ™ˆ Other:

  • Fix broken tests #367
  • Update README.md #363
  • Set explicitChar: true to make XML parsing consistent. Fixes issue #283 and #187 #361
  • update xml crypto to 1.1.4 #352
  • Upgrade xml-crypto to 1.1.2 #344
  • Add SamlResponseXML method to profile object #330
  • Fix Node Buffer deprecation warning: update 'new Buffer' to 'Buffer.from()' #342
  • Fix #128 documentation for body-parser dependancy #326
  • Update Node version in package.json to >=6 #340
  • Fix for failing test #347
  • Support InResponseTo validations in MultiSaml #350
  • InResponseTo support for logout #356
  • Create a way to get provider metadata when using the MultiSamlStrategy #323

v1.0.0 (2018-12-02)

πŸ’£ Major Changes:

  • Adds signing key in the metadata service provider generation. #306

πŸš€ Minor Changes:

  • Support dynamic SAML configuration lookup #276
  • Support redirect for Logout flows #277

πŸ™ˆ Other:

  • Include support for run-time params to be included in the generated URLs #136
  • support multiple authnContext #298
  • Handle case of missing InResponseTo when validation is on #302
  • Extend and document the profile object #301
  • Update xml-crypto to 1.0.2 #321
  • Validate issuer on logout requests/responses if configured #314
  • feat(logout): handle null and undefined on nameQualifier #311
  • entryPoint is compulsory for signed requests #299

v0.35.0 (2018-08-14)

No changelog for this release.

v0.34.0 (2018-08-14)

No changelog for this release.

v0.33.0 (2018-02-16)

πŸ™ˆ Other:

  • New Feature: allow customizing the name of the strategy. #262

v0.32.1 (2018-01-03)

πŸ™ˆ Other:

  • Audience validation #253
  • README: fix typo s/ADSF/ADFS/ #251

v0.31.0 (2017-11-01)

πŸš€ Minor Changes:

  • Support multiple and dynamic signing certificates #218

πŸ™ˆ Other:

  • Upd: Mention ADFS 2016 with NameIDFormatError. #242

v0.30.0 (2017-10-12)

πŸ› Bug Fixes:

  • [security] Use crypto.randomBytes for ID generation #235
  • Fix: "TypeError: Cannot read property 'documentElement' of null" #239

v0.20.2 (2017-10-10)

No changelog for this release.

v0.20.1 (2017-10-10)

πŸ™ˆ Other:

  • handle bad privateCert #231
  • Add support for ProviderName attribute #216

v0.20.0 (2017-10-09)

πŸ™ˆ Other:

  • Add badges to readme #202
  • Update README to clarify that saml.cert requires a PEM-encoded x509 c… #133

v0.16.2 (2017-10-05)

No changelog for this release.

v0.16.1 (2017-10-05)

No changelog for this release.

v0.16.0 (2017-04-01)

πŸ™ˆ Other:

  • Remove unused ejs package from devDeps #195
  • Fixes #170: Clarify that the certificate are looking for is: #171
  • Add the ability to sign with SHA-512 #173
  • Support detached encrypted key #166

v0.15.0 (2015-12-30)

No changelog for this release.

v0.14.0 (2015-11-02)

No changelog for this release.

v0.13.0 (2015-10-09)

No changelog for this release.

v0.12.0 (2015-08-19)

No changelog for this release.

v0.11.1 (2015-08-18)

No changelog for this release.

v0.11.0 (2015-08-10)

No changelog for this release.

v0.10.0 (2015-06-08)

No changelog for this release.

v0.9.2 (2015-04-26)

No changelog for this release.

v0.9.1 (2015-02-18)

No changelog for this release.

v0.9.0 (2015-02-05)

No changelog for this release.

v0.8.0 (2015-01-23)

No changelog for this release.

v0.7.0 (2015-01-13)

No changelog for this release.

v0.6.2 (2015-01-06)

No changelog for this release.

v0.6.1 (2014-12-18)

No changelog for this release.

v0.6.0 (2014-11-14)

No changelog for this release.

v0.5.3 (2014-09-11)

No changelog for this release.

v0.5.2 (2014-07-02)

No changelog for this release.

v0.5.1 (2014-07-02)

No changelog for this release.

v0.5.0 (2014-07-01)

No changelog for this release.

v0.4.0 (2014-06-20)

No changelog for this release.

v0.3.0 (2014-06-09)

No changelog for this release.

v0.2.1 (2014-06-05)

No changelog for this release.

v0.2.0 (2014-06-02)

No changelog for this release.

v0.1.0 (2014-05-31)

No changelog for this release.