JWT v2.3.0 Release Notes

Release Date: 2021-10-03 // over 2 years ago
  • ๐Ÿ’Ž Full Changelog

    Closed issues:

    • ๐Ÿ”’ [SECURITY] Algorithm Confusion Through kid Header #440
    • ๐Ÿ’Ž JWT to memory #436
    • ๐Ÿ’Ž ArgumentError: wrong number of arguments (given 2, expected 1) #429
    • ๐Ÿ’Ž HMAC section of README outdated #421
    • ๐Ÿ’Ž NoMethodError: undefined method `zero?' for nil:NilClass if JWT has no 'alg' field #410
    • ๐Ÿš€ Release new version #409
    • ๐Ÿ’Ž NameError: uninitialized constant JWT::JWK #403

    ๐Ÿ”€ Merged pull requests:

    • ๐Ÿš€ Release 2.3.0 #448 (excpt)
    • ๐Ÿ›  Fix Style/MultilineIfModifier issues #447 (anakinj)
    • ๐Ÿ’Ž feat(EdDSA): Accept EdDSA as algorithm header #446 (Pierre-Michard)
    • ๐Ÿ’Ž Pass kid param through JWT::JWK.create_from #445 (shaun-guth-allscripts)
    • ๐Ÿ›  fix document about passing JWKs as a simple Hash #443 (takayamaki)
    • โœ… Tests for mixing JWK keys with mismatching algorithms #441 (anakinj)
    • โœ… verify_claims test shouldnt be within the verify_sub test #431 (andyjdavis)
    • ๐Ÿ‘ Allow decode options to specify required claims #430 (andyjdavis)
    • ๐Ÿ›  Fix OpenSSL::PKey::EC public_key handing in tests #427 (anakinj)
    • โž• Add documentation for find_key #426 (ritikesh)
    • ๐Ÿ’Ž Give ruby 3.0 as a string to avoid number formatting issues #424 (anakinj)
    • โœ… Tests for iat verification behaviour #423 (anakinj)
    • โœ‚ Remove HMAC with nil secret from documentation #422 (boardfish)
    • โšก๏ธ Update broken link in README #420 (severin)
    • โž• Add metadata for RubyGems #418 (nickhammond)
    • ๐Ÿ›  Fixed a typo about class name #417 (mai-f)
    • ๐Ÿ›  Fix references for v2.2.3 on CHANGELOG #416 (vyper)
    • ๐Ÿ’Ž Raise IncorrectAlgorithm if token has no alg header #411 (bouk)