Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge upstream #5

Merged
merged 2 commits into from
Nov 19, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 29 additions & 29 deletions CHANGES.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,88 +6,88 @@

## 1.3.6

- Remove leading newline from signing string (#2)
- Add colon after (request-target) in docs (joyent#120)
* Remove leading newline from signing string (#2)
* Add colon after (request-target) in docs (joyent#120)

## 1.3.5

- Add keyPassphrase option to signer (#115)
- Add support for created and expires values (#110)
* Add keyPassphrase option to signer (#115)
* Add support for created and expires values (#110)

## 1.3.4

- Fix breakage in v1.3.3 with the setting of the "algorithm" field in the
* Fix breakage in v1.3.3 with the setting of the "algorithm" field in the
Authorization header (#102)

## 1.3.3

**Bad release. Use 1.3.4.**

- Add support for an opaque param in the Authorization header (#101)
- Add support for adding the keyId and algorithm params into the signing string (#100)
* Add support for an opaque param in the Authorization header (#101)
* Add support for adding the keyId and algorithm params into the signing string (#100)

## 1.3.2

- Allow Buffers to be used for verifyHMAC (#98)
* Allow Buffers to be used for verifyHMAC (#98)

## 1.3.1

- Fix node 0.10 usage (#90)
* Fix node 0.10 usage (#90)

## 1.3.0

**Known issue:** This release broken http-signature with node 0.10.

- Bump dependency `sshpk`
- Add `Signature` header support (#83)
* Bump dependency `sshpk`
* Add `Signature` header support (#83)

## 1.2.0

- Bump dependency `assert-plus`
- Add ability to pass a custom header name
- Replaced dependency `node-uuid` with `uuid`
* Bump dependency `assert-plus`
* Add ability to pass a custom header name
* Replaced dependency `node-uuid` with `uuid`

## 1.1.1

- Version of dependency `assert-plus` updated: old version was missing
* Version of dependency `assert-plus` updated: old version was missing
some license information
- Corrected examples in `http_signing.md`, added auto-tests to
* Corrected examples in `http_signing.md`, added auto-tests to
automatically validate these examples

## 1.1.0

- Bump version of `sshpk` dependency, remove peerDependency on it since
* Bump version of `sshpk` dependency, remove peerDependency on it since
it now supports exchanging objects between multiple versions of itself
where possible

## 1.0.2

- Bump min version of `jsprim` dependency, to include fixes for using
* Bump min version of `jsprim` dependency, to include fixes for using
http-signature with `browserify`

## 1.0.1

- Bump minimum version of `sshpk` dependency, to include fixes for
* Bump minimum version of `sshpk` dependency, to include fixes for
whitespace tolerance in key parsing.

## 1.0.0

- First semver release.
- #36: Ensure verifySignature does not leak useful timing information
- #42: Bring the library up to the latest version of the spec (including the
* First semver release.
* #36: Ensure verifySignature does not leak useful timing information
* #42: Bring the library up to the latest version of the spec (including the
request-target changes)
- Support for ECDSA keys and signatures.
- Now uses `sshpk` for key parsing, validation and conversion.
- Fixes for #21, #47, #39 and compatibility with node 0.8
* Support for ECDSA keys and signatures.
* Now uses `sshpk` for key parsing, validation and conversion.
* Fixes for #21, #47, #39 and compatibility with node 0.8

## 0.11.0

- Split up HMAC and Signature verification to avoid vulnerabilities where a
* Split up HMAC and Signature verification to avoid vulnerabilities where a
key intended for use with one can be validated against the other method
instead.

## 0.10.2

- Updated versions of most dependencies.
- Utility functions exported for PEM => SSH-RSA conversion.
- Improvements to tests and examples.
* Updated versions of most dependencies.
* Utility functions exported for PEM => SSH-RSA conversion.
* Improvements to tests and examples.
4 changes: 2 additions & 2 deletions Jenkinsfile
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
@Library('jenkins-joylib@v1.0.2') _
@Library('jenkins-joylib@v1.0.8') _

pipeline {

Expand Down Expand Up @@ -80,7 +80,7 @@ pipeline {

post {
always {
joyMattermostNotification()
joySlackNotifications()
}
}
}
16 changes: 8 additions & 8 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
},
"dependencies": {
"assert-plus": "^1.0.0",
"jsprim": "^1.2.2",
"jsprim": "^2.0.2",
"sshpk": "^1.14.1"
},
"devDependencies": {
Expand Down