All Versions
33
Latest Version
Avg Release Cycle
132 days
Latest Release
166 days ago

Changelog History
Page 2

  • v2.0.0.beta1 Changes

    February 27, 2017

    ๐Ÿ”„ Changelog

    ๐Ÿ’Ž v2.0.0.beta1 (2017-02-27)

    ๐Ÿ’Ž Full Changelog

    Implemented enhancements:

    ๐Ÿ›  Fixed bugs:

    • ruby-jwt::raw_to_asn1: Fails for signatures less than byte_size #155
    • ๐Ÿ’Ž The leeway parameter is applies to all time based verifications #129
    • โž• Add options for claim-specific leeway #187 (EmilioCristalli)
    • ๐Ÿ’Ž Make algorithm option required to verify signature #184 (EmilioCristalli)
    • ๐Ÿ›ฐ Validate audience when payload is a scalar and options is an array #183 (steti)

    Closed issues:

    • ๐Ÿ’Ž Different encoded value between servers with same password #197
    • ๐Ÿ’Ž Signature is different at each run #190
    • ๐Ÿ’Ž Include custom headers with password #189
    • ๐Ÿ’Ž can't create token - 'NotImplementedError: Unsupported signing method' #186
    • ๐Ÿ’Ž Why jwt depends on json < 2.0 ? #179
    • ๐Ÿ’Ž Cannot verify JWT at all?? #177
    • ๐Ÿ‘Œ verify_iss: true is raising JWT::DecodeError instead of JWT::InvalidIssuerError #170

    ๐Ÿ”€ Merged pull requests:

    • ๐Ÿ”– Version bump 2.0.0.beta1 #199 (excpt)
    • โšก๏ธ Update CHANGELOG.md and minor fixes #198 (excpt)
    • โž• Add Codacy coverage reporter #194 (excpt)
    • โž• Add minimum required ruby version to gemspec #193 (excpt)
    • ๐Ÿ’Ž Code smell fixes #192 (excpt)
    • ๐Ÿ”– Version bump to 2.0.0.dev #191 (excpt)
    • ๐Ÿ”จ Basic encode module refactoring #121 #182 (xamenrax)
    • ๐Ÿ›  Fix travis ci build configuration #181 (excpt)
    • ๐Ÿ›  Fix travis ci build configuration #180 (excpt)
    • ๐Ÿ›  Fix typo in README #178 (tomeduarte)
    • ๐Ÿ›  Fix code style #173 (excpt)
    • ๐Ÿ›  Fixed a typo in a spec name #169 (Mingan)
  • v1.5.6 Changes

    September 19, 2016

    ๐Ÿ’Ž Full Changelog

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿ›  Fix missing symbol handling in aud verify code #166 (excpt)

    ๐Ÿ”€ Merged pull requests:

    • โšก๏ธ Update changelog #168 (excpt)
    • ๐Ÿ›  Fix rubocop code smells #167 (excpt)
  • v1.5.5 Changes

    September 16, 2016

    ๐Ÿ’Ž Full Changelog

    Implemented enhancements:

    • ๐Ÿ’Ž JWT.decode always raises JWT::ExpiredSignature for tokens created with Time objects passed as the exp parameter #148

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿ’Ž expiration check does not give "Signature has expired" error for the exact time of expiration #157
    • ๐Ÿ’Ž JTI claim broken? #152
    • ๐Ÿ’Ž Audience Claim broken? #151
    • ๐Ÿ’Ž 1.5.3 breaks compatibility with 1.5.2 #133
    • ๐Ÿ”– Version 1.5.3 breaks 1.9.3 compatibility, but not documented as such #132
    • ๐Ÿ›  Fix: exp claim check #161 (excpt)

    Closed issues:

    • ๐Ÿ’Ž Rendering Json Results in JWT::DecodeError #162
    • ๐Ÿ’Ž PHP Libraries #154
    • ๐Ÿ”’ [security] Signature verified after expiration/sub/iss checks #153
    • ๐Ÿ’Ž Is ruby-jwt thread-safe? #150
    • ๐Ÿ’Ž JWT 1.5.3 #143
    • ๐Ÿ’Ž gem install v 1.5.3 returns error #141
    • โž• Adding a CHANGELOG #140

    ๐Ÿ”€ Merged pull requests:

    • โฌ†๏ธ Bump version #165 (excpt)
    • ๐Ÿ‘Œ Improve error message for exp claim in payload #164 (excpt)
    • ๐Ÿ›  Fix #151 and code refactoring #163 (excpt)
    • ๐Ÿ’Ž Signature validation before claim verification #160 (excpt)
    • ๐Ÿ’Ž Create specs for README.md examples #159 (excpt)
    • ๐Ÿ’Ž Tiny Readme Improvement #156 (b264)
    • โž• Added test execution to Rakefile #147 (jabbrwcky)
    • โž• Add more bling bling to the site #146 (excpt)
    • โฌ†๏ธ Bump version #145 (excpt)
    • โž• Add first content and basic layout #144 (excpt)
    • โž• Add a changelog file #142 (excpt)
    • ๐Ÿ’Ž Return decoded_segments #139 (akostrikov)
  • v1.5.4 Changes

    March 24, 2016

    ๐Ÿ’Ž Full Changelog

    Closed issues:

    ๐Ÿ”€ Merged pull requests:

    • โšก๏ธ Update README.md #138 (excpt)
    • ๐Ÿ›  Fix base64url_decode #136 (excpt)
    • ๐Ÿ›  Fix ruby 1.9.3 compatibility #135 (excpt)
    • ๐Ÿ’Ž iat can be a float value #134 (llimllib)
  • v1.5.3 Changes

    February 24, 2016

    ๐Ÿ”„ Changelog

    • โฌ‡๏ธ Dropped ruby 1.9.3 support #131
    • ๐Ÿ“š Update README.md - improve documentation and fix typos
    • โœ‚ Removed echoe dependency
    • ๐Ÿ›  Fix hash/string key issue in options #130
    • ๐Ÿ‘ Allow a proc to be passed for JTI verification #126
    • ๐Ÿ”จ Code refactoring and code smell fixes

    Commits

    ๐Ÿ”€ 4a0b939 Merge pull request #131 from jwt/drop-ruby-1.9.3-support
    โšก๏ธ cfc8362 Update .travis.yml
    ๐Ÿ”€ 04120f6 Merge pull request #130 from tpickett66/hash-keys
    ๐Ÿ’Ž a4d0473 Bump version
    ๐Ÿ’Ž a6d1a33 Allow verification option keys to be strings or symbols
    ๐Ÿ’Ž b47ab94 Make Verify an instantiatable class
    ๐Ÿ›ฐ 6a9b5cc Adjust aud checking to use a string key against the payload
    ๐Ÿšš 7b80ec9 Move Verify specs to a separate file.
    โšก๏ธ 2c7837f update testing and install sections of readme
    ๐Ÿ”€ d4fca40 Merge pull request #126 from yahooguntu/master
    ๐Ÿ’Ž 0100ad6 Allow a proc to be passed for JTI verification
    ๐Ÿ”จ b85b30e Merge pull request #122 from excpt/refactor-json-dependency
    ๐Ÿ”€ 1499b16 Merge pull request #123 from excpt/ci-settings
    ๐Ÿšš 2d5bc86 Remove obsolete json code
    โœ… a03fbaf Add ruby 2.3.0 for travis ci testing
    โšก๏ธ 91b4220 Update README.md
    ๐Ÿ”€ 86f470b Merge pull request #118 from excpt/master
    ๐Ÿ’Ž a6672da Add fancy badges to README.md
    ๐Ÿ”€ 0a2fa6c Merge pull request #117 from excpt/master
    ๐Ÿ”€ 707376a Fix merge options bug
    ๐Ÿ’Ž f889e49 Fix some code smells
    ๐Ÿ’Ž a0815ee Fix some more code smells
    ๐Ÿ’Ž e556eb9 Fix some code smells in JWT::Verify class
    ๐Ÿ”จ 7a7ac9a Refactor decode and verify functionality
    ๐Ÿ”€ 59dd2e0 Merge pull request #116 from excpt/master
    ๐Ÿ’Ž 79cdce8 Fix code smell reported by rubocop
    ๐Ÿ’Ž 451d950 Fix code smells reported by rubocop
    โœ… 4d440dc Fix travis test command
    ๐Ÿšš 279df0e Remove echoe dependency
    ๐Ÿšš 4f45b66 Add version class, remove utf8 encoding comment
    โšก๏ธ 559a23b Update codeclimate settings
    ๐Ÿ”€ cabde34 Merge pull request #114 from FXFusion/master
    โšก๏ธ e5a94db Updated readme for iss/aud options
    ๐Ÿ”€ 6c84213 Merge pull request #113 from lwe/lwe-jti-validation-fix
    ๐Ÿ’Ž 320306b relax restrictions on "jti" claim verification
    ๐Ÿ”€ 27c7412 Merge pull request #112 from kat3kasper/fix/misspelling
    ๐Ÿ’Ž 02cbbd6 Fix error misspelling

  • v1.5.2 Changes

    October 27, 2015

    ๐Ÿ’Ž Full Changelog

    Implemented enhancements:

    • ๐Ÿ’Ž Must we specify algorithm when calling decode to avoid vulnerabilities? #107
    • ๐Ÿ”จ Code review: Rspec test refactoring #85 (excpt)

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿ’Ž aud verifies if aud is passed in, :sub does not #102
    • ๐Ÿ’Ž iat check does not use leeway so nbf could pass, but iat fail #83

    Closed issues:

    • โœ… Test ticket from Code Climate #104
    • โœ… Test ticket from Code Climate #100
    • ๐Ÿ›ฐ Is it possible to decode the payload without validating the signature? #97
    • ๐Ÿ’Ž What is audience? #96
    • ๐Ÿ’Ž Options hash uses both symbols and strings as keys. #95

    ๐Ÿ”€ Merged pull requests:

    • ๐Ÿ›  Fix incorrect iat examples #109 (kjwierenga)
    • โšก๏ธ Update docs to include instructions for the algorithm parameter. #108 (aarongray)
    • ๐Ÿ’Ž make sure :sub check behaves like :aud check #103 (skippy)
    • ๐Ÿ”„ Change hash syntax #101 (excpt)
    • ๐Ÿ’Ž Include LICENSE and README.md in gem #99 (bkeepers)
    • โœ‚ Remove unused variable in the sample code. #98 (hypermkt)
    • ๐Ÿ›  Fix iat claim example #94 (larrylv)
    • ๐Ÿ›  Fix wrong description in README.md #93 (larrylv)
    • ๐Ÿ’Ž JWT and JWA are now RFC. #92 (aj-michael)
    • โšก๏ธ Update README.md #91 (nsarno)
    • ๐Ÿ›  Fix missing verify parameter in docs #90 (ernie)
    • ๐Ÿ’Ž Iat check uses leeway. #89 (aj-michael)
    • ๐Ÿ’Ž nbf check allows exact time matches. #88 (aj-michael)
  • v1.5.1 Changes

    June 22, 2015

    ๐Ÿ’Ž Full Changelog

    Implemented enhancements:

    • ๐Ÿ›  Fix either README or source code #78
    • ๐Ÿ’Ž Validate against draft 20 #38

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿ’Ž ECDSA signature verification fails for valid tokens #84
    • ๐Ÿ’Ž Shouldn't verification of additional claims, like iss, aud etc. be enforced when in options? #81
    • ๐Ÿ›  Fix either README or source code #78
    • ๐Ÿ’Ž decode fails with 'none' algorithm and verify #75

    Closed issues:

    • ๐Ÿ’Ž Doc mismatch: uninitialized constant JWT::ExpiredSignature #79
    • ๐Ÿ’Ž TypeError when specifying a wrong algorithm #77
    • ๐Ÿ’Ž jti verification doesn't prevent replays #73

    ๐Ÿ”€ Merged pull requests:

    • ๐Ÿ’Ž Correctly sign ECDSA JWTs #87 (jurriaan)
    • ๐Ÿ›  fixed results of decoded tokens in readme #86 (piscolomo)
    • ๐Ÿ’Ž Force verification of "iss" and "aud" claims #82 (lwe)
  • v1.5.0 Changes

    May 09, 2015

    ๐Ÿ’Ž Full Changelog

    Implemented enhancements:

    • ๐Ÿ’Ž Needs to support asymmetric key signatures over shared secrets #46
    • ๐Ÿ’Ž Implement Elliptic Curve Crypto Signatures #74 (jtdowney)
    • โž• Add an option to verify the signature on decode #71 (javawizard)

    Closed issues:

    • ๐Ÿ’Ž Check JWT vulnerability #76

    ๐Ÿ”€ Merged pull requests:

    • ๐Ÿ›  Fixed some examples to make them copy-pastable #72 (jer)
  • v1.4.1 Changes

    March 12, 2015

    ๐Ÿ’Ž Full Changelog

    ๐Ÿ›  Fixed bugs:

    • ๐Ÿ’Ž jti verification not working per the spec #68
    • ๐Ÿ‘Œ Verify ISS should be off by default #66

    ๐Ÿ”€ Merged pull requests:

    • ๐Ÿ›  Fix #66 #68 #69 (excpt)
    • ๐Ÿ’Ž When throwing errors, mention expected/received values #65 (rolodato)
    • โž• Add 'iss' support for ruby-jwt #61 (ZhangHanDong)
  • v1.4.0 Changes

    March 10, 2015

    ๐Ÿ’Ž Full Changelog

    Closed issues:

    • ๐Ÿ’Ž The behavior using 'json' differs from 'multi_json' #41

    ๐Ÿ”€ Merged pull requests:

    • ๐Ÿš€ Release 1.4.0 #64 (excpt)
    • โšก๏ธ Update README.md and remove dead code #63 (excpt)
    • โž• Add 'iat/ aud/ sub/ jti' support for ruby-jwt #62 (ZhangHanDong)
    • โž• Add 'iss' support for ruby-jwt #61 (ZhangHanDong)
    • ๐Ÿ’Ž Clarify .encode API in README #60 (jbodah)