JWT v2.3.0 Release Notes
Release Date: 2021-10-03 // over 2 years ago-
๐ Full Changelog
Closed issues:
- ๐ [SECURITY] Algorithm Confusion Through kid Header #440
- ๐ JWT to memory #436
- ๐ ArgumentError: wrong number of arguments (given 2, expected 1) #429
- ๐ HMAC section of README outdated #421
- ๐ NoMethodError: undefined method `zero?' for nil:NilClass if JWT has no 'alg' field #410
- ๐ Release new version #409
- ๐ NameError: uninitialized constant JWT::JWK #403
๐ Merged pull requests:
- ๐ Release 2.3.0 #448 (excpt)
- ๐ Fix Style/MultilineIfModifier issues #447 (anakinj)
- ๐ feat(EdDSA): Accept EdDSA as algorithm header #446 (Pierre-Michard)
- ๐ Pass kid param through JWT::JWK.create_from #445 (shaun-guth-allscripts)
- ๐ fix document about passing JWKs as a simple Hash #443 (takayamaki)
- โ Tests for mixing JWK keys with mismatching algorithms #441 (anakinj)
- โ verify_claims test shouldnt be within the verify_sub test #431 (andyjdavis)
- ๐ Allow decode options to specify required claims #430 (andyjdavis)
- ๐ Fix OpenSSL::PKey::EC public_key handing in tests #427 (anakinj)
- โ Add documentation for find_key #426 (ritikesh)
- ๐ Give ruby 3.0 as a string to avoid number formatting issues #424 (anakinj)
- โ Tests for iat verification behaviour #423 (anakinj)
- โ Remove HMAC with nil secret from documentation #422 (boardfish)
- โก๏ธ Update broken link in README #420 (severin)
- โ Add metadata for RubyGems #418 (nickhammond)
- ๐ Fixed a typo about class name #417 (mai-f)
- ๐ Fix references for v2.2.3 on CHANGELOG #416 (vyper)
- ๐ Raise IncorrectAlgorithm if token has no alg header #411 (bouk)