Changelog History
Page 2
-
v2.0.0.beta1 Changes
February 27, 2017🔄 Changelog
💎 v2.0.0.beta1 (2017-02-27)
Implemented enhancements:
- 💎 Error with method sign for String #171
- 🔨 Refactor the encondig code #121
- 🔨 Refactor #196 (EmilioCristalli)
- 🚚 Move signature logic to its own module #195 (EmilioCristalli)
- ➕ Add options for claim-specific leeway #187 (EmilioCristalli)
- ➕ Add user friendly encode error if private key is a String, #171 #176 (xamenrax)
- 💎 Return empty string if signature less than byte_size #155 #175 (xamenrax)
- ✂ Remove 'typ' optional parameter #174 (xamenrax)
- 🛰 Pass payload to keyfinder #172 (CodeMonkeySteve)
- 💎 Use RbNaCl for HMAC if available with fallback to OpenSSL #149 (mwpastore)
🛠 Fixed bugs:
- ruby-jwt::raw_to_asn1: Fails for signatures less than byte_size #155
- 💎 The leeway parameter is applies to all time based verifications #129
- ➕ Add options for claim-specific leeway #187 (EmilioCristalli)
- 💎 Make algorithm option required to verify signature #184 (EmilioCristalli)
- 🛰 Validate audience when payload is a scalar and options is an array #183 (steti)
Closed issues:
- 💎 Different encoded value between servers with same password #197
- 💎 Signature is different at each run #190
- 💎 Include custom headers with password #189
- 💎 can't create token - 'NotImplementedError: Unsupported signing method' #186
- 💎 Why jwt depends on json < 2.0 ? #179
- 💎 Cannot verify JWT at all?? #177
- 👌 verify_iss: true is raising JWT::DecodeError instead of JWT::InvalidIssuerError #170
🔀 Merged pull requests:
- 🔖 Version bump 2.0.0.beta1 #199 (excpt)
- ⚡️ Update CHANGELOG.md and minor fixes #198 (excpt)
- ➕ Add Codacy coverage reporter #194 (excpt)
- ➕ Add minimum required ruby version to gemspec #193 (excpt)
- 💎 Code smell fixes #192 (excpt)
- 🔖 Version bump to 2.0.0.dev #191 (excpt)
- 🔨 Basic encode module refactoring #121 #182 (xamenrax)
- 🛠 Fix travis ci build configuration #181 (excpt)
- 🛠 Fix travis ci build configuration #180 (excpt)
- 🛠 Fix typo in README #178 (tomeduarte)
- 🛠 Fix code style #173 (excpt)
- 🛠 Fixed a typo in a spec name #169 (Mingan)
-
v1.5.6 Changes
September 19, 2016 -
v1.5.5 Changes
September 16, 2016Implemented enhancements:
- 💎 JWT.decode always raises JWT::ExpiredSignature for tokens created with Time objects passed as the
expparameter #148
🛠 Fixed bugs:
- 💎 expiration check does not give "Signature has expired" error for the exact time of expiration #157
- 💎 JTI claim broken? #152
- 💎 Audience Claim broken? #151
- 💎 1.5.3 breaks compatibility with 1.5.2 #133
- 🔖 Version 1.5.3 breaks 1.9.3 compatibility, but not documented as such #132
- 🛠 Fix: exp claim check #161 (excpt)
Closed issues:
- 💎 Rendering Json Results in JWT::DecodeError #162
- 💎 PHP Libraries #154
- 🔒 [security] Signature verified after expiration/sub/iss checks #153
- 💎 Is ruby-jwt thread-safe? #150
- 💎 JWT 1.5.3 #143
- 💎 gem install v 1.5.3 returns error #141
- ➕ Adding a CHANGELOG #140
🔀 Merged pull requests:
- ⬆️ Bump version #165 (excpt)
- 👌 Improve error message for exp claim in payload #164 (excpt)
- 🛠 Fix #151 and code refactoring #163 (excpt)
- 💎 Signature validation before claim verification #160 (excpt)
- 💎 Create specs for README.md examples #159 (excpt)
- 💎 Tiny Readme Improvement #156 (b264)
- ➕ Added test execution to Rakefile #147 (jabbrwcky)
- ➕ Add more bling bling to the site #146 (excpt)
- ⬆️ Bump version #145 (excpt)
- ➕ Add first content and basic layout #144 (excpt)
- ➕ Add a changelog file #142 (excpt)
- 💎 Return decoded_segments #139 (akostrikov)
- 💎 JWT.decode always raises JWT::ExpiredSignature for tokens created with Time objects passed as the
-
v1.5.4 Changes
March 24, 2016 -
v1.5.3 Changes
February 24, 2016🔄 Changelog
- ⬇️ Dropped ruby 1.9.3 support #131
- 📚 Update README.md - improve documentation and fix typos
- ✂ Removed
echoedependency - 🛠 Fix hash/string key issue in options #130
- 👍 Allow a proc to be passed for JTI verification #126
- 🔨 Code refactoring and code smell fixes
Commits
🔀 4a0b939 Merge pull request #131 from jwt/drop-ruby-1.9.3-support
⚡️ cfc8362 Update .travis.yml
🔀 04120f6 Merge pull request #130 from tpickett66/hash-keys
💎 a4d0473 Bump version
💎 a6d1a33 Allow verification option keys to be strings or symbols
💎 b47ab94 Make Verify an instantiatable class
🛰 6a9b5cc Adjust aud checking to use a string key against the payload
🚚 7b80ec9 Move Verify specs to a separate file.
⚡️ 2c7837f update testing and install sections of readme
🔀 d4fca40 Merge pull request #126 from yahooguntu/master
💎 0100ad6 Allow a proc to be passed for JTI verification
🔨 b85b30e Merge pull request #122 from excpt/refactor-json-dependency
🔀 1499b16 Merge pull request #123 from excpt/ci-settings
🚚 2d5bc86 Remove obsolete json code
✅ a03fbaf Add ruby 2.3.0 for travis ci testing
⚡️ 91b4220 Update README.md
🔀 86f470b Merge pull request #118 from excpt/master
💎 a6672da Add fancy badges to README.md
🔀 0a2fa6c Merge pull request #117 from excpt/master
🔀 707376a Fix merge options bug
💎 f889e49 Fix some code smells
💎 a0815ee Fix some more code smells
💎 e556eb9 Fix some code smells in JWT::Verify class
🔨 7a7ac9a Refactor decode and verify functionality
🔀 59dd2e0 Merge pull request #116 from excpt/master
💎 79cdce8 Fix code smell reported by rubocop
💎 451d950 Fix code smells reported by rubocop
✅ 4d440dc Fix travis test command
🚚 279df0e Remove echoe dependency
🚚 4f45b66 Add version class, remove utf8 encoding comment
⚡️ 559a23b Update codeclimate settings
🔀 cabde34 Merge pull request #114 from FXFusion/master
⚡️ e5a94db Updated readme for iss/aud options
🔀 6c84213 Merge pull request #113 from lwe/lwe-jti-validation-fix
💎 320306b relax restrictions on "jti" claim verification
🔀 27c7412 Merge pull request #112 from kat3kasper/fix/misspelling
💎 02cbbd6 Fix error misspelling -
v1.5.2 Changes
October 27, 2015Implemented enhancements:
- 💎 Must we specify algorithm when calling decode to avoid vulnerabilities? #107
- 🔨 Code review: Rspec test refactoring #85 (excpt)
🛠 Fixed bugs:
- 💎 aud verifies if aud is passed in, :sub does not #102
- 💎 iat check does not use leeway so nbf could pass, but iat fail #83
Closed issues:
- ✅ Test ticket from Code Climate #104
- ✅ Test ticket from Code Climate #100
- 🛰 Is it possible to decode the payload without validating the signature? #97
- 💎 What is audience? #96
- 💎 Options hash uses both symbols and strings as keys. #95
🔀 Merged pull requests:
- 🛠 Fix incorrect
iatexamples #109 (kjwierenga) - ⚡️ Update docs to include instructions for the algorithm parameter. #108 (aarongray)
- 💎 make sure :sub check behaves like :aud check #103 (skippy)
- 🔄 Change hash syntax #101 (excpt)
- 💎 Include LICENSE and README.md in gem #99 (bkeepers)
- ✂ Remove unused variable in the sample code. #98 (hypermkt)
- 🛠 Fix iat claim example #94 (larrylv)
- 🛠 Fix wrong description in README.md #93 (larrylv)
- 💎 JWT and JWA are now RFC. #92 (aj-michael)
- ⚡️ Update README.md #91 (nsarno)
- 🛠 Fix missing verify parameter in docs #90 (ernie)
- 💎 Iat check uses leeway. #89 (aj-michael)
- 💎 nbf check allows exact time matches. #88 (aj-michael)
-
v1.5.1 Changes
June 22, 2015Implemented enhancements:
🛠 Fixed bugs:
- 💎 ECDSA signature verification fails for valid tokens #84
- 💎 Shouldn't verification of additional claims, like iss, aud etc. be enforced when in options? #81
- 🛠 Fix either README or source code #78
- 💎 decode fails with 'none' algorithm and verify #75
Closed issues:
- 💎 Doc mismatch: uninitialized constant JWT::ExpiredSignature #79
- 💎 TypeError when specifying a wrong algorithm #77
- 💎 jti verification doesn't prevent replays #73
🔀 Merged pull requests:
-
v1.5.0 Changes
May 09, 2015 -
v1.4.1 Changes
March 12, 2015🛠 Fixed bugs:
🔀 Merged pull requests:
-
v1.4.0 Changes
March 10, 2015Closed issues:
- 💎 The behavior using 'json' differs from 'multi_json' #41
🔀 Merged pull requests:
- 🚀 Release 1.4.0 #64 (excpt)
- ⚡️ Update README.md and remove dead code #63 (excpt)
- ➕ Add 'iat/ aud/ sub/ jti' support for ruby-jwt #62 (ZhangHanDong)
- ➕ Add 'iss' support for ruby-jwt #61 (ZhangHanDong)
- 💎 Clarify .encode API in README #60 (jbodah)