Skip to content

Latest commit

Β 

History

History
780 lines (475 loc) Β· 30 KB

CHANGELOG.md

File metadata and controls

780 lines (475 loc) Β· 30 KB
Raw

Changelog

5.0.0 (2024-03-27)

πŸ’£ Major Changes

  • Update major versions of dependencies #896
  • Update to @node-saml/node-saml v5 #894
  • Update to Node 18 #893
  • Clean up types #813

πŸš€ Minor Changes

  • Update minor dependencies #895

πŸ”— Dependencies

  • Update nested dependencies #898
  • Update prettier #897

πŸ› Bug Fixes

  • Fix circular references #879 #880
  • [needs-review] StrategyOptionsCallback shouldn't have to pass all SAML options #838

πŸ“š Documentation

  • Fix README to require correct module name #884
  • Update README to point to node-saml documentation #886
  • Clarify SLO support in passport-saml #862
  • Roll-up changelog entries for beta releases #867

βš™οΈ Technical Tasks

  • Adjust type enforcement to remove warnings #889
  • Update package.json script to mirror node-saml #888
  • Remove unused AuthorizeOptions type #887
  • Add bot to close stale issues #864

v4.0.4 (2023-05-30)

πŸ› Bug Fixes

  • Revised AbstractStrategy for authenticate method to match PassportStrategy expectation #861

πŸ“š Documentation

  • Update docs/adfs/README.md and move to wiki #840

v4.0.3 (2023-04-11)

πŸ”— Dependencies

  • [security] Use secure version of node-saml #855

πŸ“š Documentation

  • Fix minor typos #853

v4.0.2 (2022-12-13)

πŸ”— Dependencies

  • [javascript] Bump eslint from 8.26.0 to 8.29.0 #827
  • [javascript] Bump @typescript-eslint/parser from 5.41.0 to 5.46.1 #826
  • [javascript] Bump @xmldom/xmldom from 0.8.3 to 0.8.6 #825
  • [javascript] Bump prettier from 2.7.1 to 2.8.0 #821
  • [javascript] Bump @types/node from 14.18.33 to 14.18.34 #819
  • [javascript] Bump @typescript-eslint/eslint-plugin from 5.41.0 to 5.45.0 #818

πŸ“š Documentation

  • Reference node-saml documentation from README #815
  • Update README formatting and to provide clearer explanation of examples #812
  • Update README.md #810

v4.0.1 (2022-10-28)

πŸ“š Documentation

  • Update changelog #797

v4.0.0 (2022-10-28)

πŸ’£ Major Changes

πŸš€ Minor Changes

  • Add support for multiple signing certs in metadata #655

πŸ”— Dependencies

  • [javascript] Bump @xmldom/xmldom from 0.7.5 to 0.7.6 #794
  • [javascript] Bump @types/mocha from 9.1.1 to 10.0.0 #781
  • [javascript] Bump @types/express from 4.17.13 to 4.17.14 #785
  • [javascript] Bump @types/chai from 4.3.1 to 4.3.3 #787
  • [javascript] Bump @typescript-eslint/parser from 5.36.2 to 5.40.0 #786
  • [javascript] Bump eslint from 8.23.0 to 8.25.0 #784
  • [github_actions] Bump codecov/codecov-action from 3.1.0 to 3.1.1 #782
  • [javascript] Bump @types/passport from 1.0.10 to 1.0.11 #778
  • [javascript] Bump vm2 from 3.9.9 to 3.9.11 #777
  • [javascript] Bump concurrently from 7.3.0 to 7.4.0 #773
  • [javascript] Bump @types/node from 14.18.22 to 14.18.28 #772
  • [javascript] Bump @types/passport from 1.0.9 to 1.0.10 #771
  • [javascript] Bump @typescript-eslint/eslint-plugin from 5.30.7 to 5.36.2 #766
  • [javascript] Bump eslint from 8.20.0 to 8.23.0 #759
  • [javascript] Bump @typescript-eslint/parser from 5.30.7 to 5.36.2 #767
  • [javascript] Bump concurrently from 7.2.2 to 7.3.0 #741
  • [javascript] Bump @types/node from 14.18.21 to 14.18.22 #740
  • [javascript] Bump @typescript-eslint/parser from 5.30.5 to 5.30.7 #737
  • [javascript] Bump eslint from 8.19.0 to 8.20.0 #736
  • [javascript] Bump @types/sinon from 10.0.12 to 10.0.13 #738
  • [javascript] Bump ts-node from 10.8.2 to 10.9.1 #732
  • [javascript] Bump @typescript-eslint/eslint-plugin from 5.30.5 to 5.30.7 #739
  • [javascript] Bump parse-url from 6.0.0 to 6.0.2 #730
  • [javascript] Bump @typescript-eslint/parser from 5.30.3 to 5.30.5 #726
  • [javascript] Bump eslint-plugin-prettier from 4.0.0 to 4.2.1 #722
  • [javascript] Bump eslint from 8.18.0 to 8.19.0 #719
  • [javascript] Bump @typescript-eslint/eslint-plugin from 5.30.3 to 5.30.5 #725
  • [javascript] Bump ts-node from 10.8.0 to 10.8.2 #723
  • [javascript] Bump @typescript-eslint/eslint-plugin from 5.29.0 to 5.30.3 #716
  • [javascript] Bump @types/sinon from 10.0.11 to 10.0.12 #717
  • [javascript] Bump @typescript-eslint/parser from 5.29.0 to 5.30.3 #718
  • [github_actions] Bump actions/checkout from 2 to 3 #713
  • [github_actions] Bump github/codeql-action from 1 to 2 #712
  • Update dependencies #696
  • Bump follow-redirects from 1.14.4 to 1.15.1 #695
  • Bump npm from 8.6.0 to 8.12.0 #694
  • [security] Bump ansi-regex from 4.1.0 to 4.1.1 #688
  • Move TypeScript-required types to dependencies from devDependencies #686
  • Code cleanup in preparation for logout validation #658
  • Update packages #641

πŸ› Bug Fixes

  • add MultiStrategyConfig type export #675

πŸ“š Documentation

  • Update changelog and changelog building tools #774
  • Update badges for scoped package #710
  • Update badges for scoped package #709
  • docs: move history note to the bottom and expand it. #708
  • Update README to remove an insecure suggestion #704
  • Document passive option #660
  • Read me update for authnContext example for ADFS #647

βš™οΈ Technical Tasks

  • Clean working folder before doing a release build #793
  • Update changelog build tools #792
  • Add prerelease script #775
  • Reduce dependabot update frequency #765
  • Have dependabot update package.json too #764
  • Have dependabot update package.json too #724
  • Add dependabot config file #711
  • Move to NPM organization #705
  • Add code coverage workflow #706
  • Replace integration tests with unit tests #702
  • Add code coverage #701
  • Adjust .mochars.json #699
  • Migrate from "should" to "chai" #687
  • Update issue templates #652
  • Fix main path in package.json #623

v3.1.0 (2021-06-17)

πŸ› Bug Fixes

  • [security] Limit transforms for signed nodes #595
  • Fix: Conflicting profile properties between profile and attributes #593
  • Fix validateInResponseTo null check #596

πŸ“š Documentation

  • Rebuild changelog for 3.0.0 #605
  • Fix typo OnBefore -> NotBefore #611
  • Update README with new Cache Provider interface #608

v3.0.0 (2021-05-14)

πŸ’£ Major Changes

  • Update all dependencies to latest #590
  • Add Node 16 support; drop Node 10 #589
  • Enforce more secure XML encryption #584
  • Node saml separation #574
  • Remove support for deprecated privateCert #569
  • Require cert for every strategy #548

πŸš€ Minor Changes

  • Add optional setting to set a ceiling on how old a SAML response is allowed to be #577
  • Move XML functions to utility module #571
  • Improve the typing of the Strategy class hierarchy. #554
  • Resolve XML-encoded carriage returns during signature validation #576
  • Make sure CI builds test latest versions of dependencies #570
  • Add WantAssertionsSigned #536
  • Update xml-crypto to v2.1.1 #558
  • Allow for authnRequestBinding in SAML options #529

πŸ”— Dependencies

  • Update all packages to latest semver-minor #588
  • Update xml-encryption to v1.2.3 #567
  • Revert "Update xml-encryption to v1.2.3" #564
  • Update xml-encryption to v1.2.3 #560
  • bump xmldom to 0.5.x since all lower versions have security issue #551

πŸ› Bug Fixes

  • Fix incorrect import of compiled files in tests #572

πŸ“š Documentation

  • Remove deprecated field privateCert from README, tests #591
  • Add support for more tags in the changelog #592
  • Changelog #587
  • Create of Code of Conduct #573
  • Update readme on using multiSamlStrategy #531

βš™οΈ Technical Tasks

  • Fix lint npm script to match all files including in src/ #555
  • remove old callback functions, tests use async/await #545
  • Tests use typescript #534
  • async / await in cache interface #532
  • Format code and enforce code style on PR #527
  • async/await for saml.ts #496

v2.0.5 (2021-01-29)

βš™οΈ Technical Tasks

  • Ignore test folder when building npm package #526

v2.0.4 (2021-01-19)

βš™οΈ Technical Tasks

  • Generating changelog using gren #518

v2.0.3 (2020-12-21)

πŸš€ Minor Changes

  • dev: add @types/xml-encryption #517

πŸ”— Dependencies

  • upgrade deps to latest versions #514
  • Bump ini from 1.3.5 to 1.3.8 #513

πŸ› Bug Fixes

  • Reexport SamlConfig type to solve a regression in consumer packages #516
  • normalize signature line endings before loading signature block to xml-crypto #512
  • fix: derive SamlConfig from SAMLOptions #515
  • fix(typing): Export Multi SAML types #505
  • add ts-ignore to generated type definitions for multisaml strategy #508
  • fix(typing): multi saml strategy export #503
  • support windows line breaks in keys #500

πŸ“š Documentation

  • docs(scoping): fix for example #504
  • minor - fix typo in README #506

βš™οΈ Technical Tasks

  • Prettier + ESLint + onchange = Happiness #493

v2.0.2 (2020-11-05)

πŸ› Bug Fixes

  • normalize line endings before signature validation #498

v2.0.1 (2020-11-03)

πŸ› Bug Fixes

  • Add deprecation notice for privateCert; fix bug #492

v2.0.0 (2020-11-03)

πŸ’£ Major Changes

  • Always throw error objects instead of strings #412

πŸš€ Minor Changes

  • Allow for use of privateKey instead of privateCert #488
  • feat(authorize-request): idp scoping provider #428

πŸ› Bug Fixes

  • update version of xml2js to 0.4.23, fixes #479 #486
  • fix: disable esmoduleInterop setting #483

βš™οΈ Technical Tasks

  • inlineSources option for better source maps #487

v1.5.0 (2020-10-29)

πŸš€ Minor Changes

  • validateSignature: Support XML docs that contain multiple signed node… #481
  • validateSignature: Support XML docs that contain multiple signed nodes #455

πŸ› Bug Fixes

  • Revert "validateSignature: Support XML docs that contain multiple signed nodes" #480

βš™οΈ Technical Tasks

  • outdated Q library was removed #478

v1.4.2 (2020-10-29)

βš™οΈ Technical Tasks

  • Primary files use typescript #477

v1.4.1 (2020-10-29)

βš™οΈ Technical Tasks

  • compatibility with @types/passport-saml, fixes #475 #476

v1.4.0 (2020-10-28)

πŸ’£ Major Changes

  • Drop support for Node 8 #462

πŸš€ Minor Changes

  • try to use curl when wget is not available #468

πŸ”— Dependencies

  • bumped xml-crypto from 1.5.3 to 2.0.0 #470
  • Upgrade xml-crypto dependency #465

πŸ› Bug Fixes

  • Only make an attribute an object if it has child elements #464
  • fix: add catch block to NameID decryption #461

πŸ“š Documentation

βš™οΈ Technical Tasks

  • Ts secondary files #474
  • support typescript compilation #469
  • Add GitHub Actions as Continuos Integration provider #463

v1.3.5 (2020-09-16)

πŸš€ Minor Changes

  • Return object for XML-valued AttributeValues #447

πŸ”— Dependencies

  • Bump lodash from 4.17.15 to 4.17.20 #449
  • Bump acorn from 7.1.0 to 7.4.0 #448

πŸ“š Documentation

  • Revert "doc: announce site move." #446

v1.3.4 (2020-07-21)

πŸ› Bug Fixes

  • Fix multi saml strategy race conditions #426

v1.3.3 (2020-02-19)

πŸ™ˆ Other

  • Singleline private keys #423

v1.3.2 (2020-02-12)

πŸ™ˆ Other

  • Revert "convert privateCert to PEM for signing" #421

v1.3.1 (2020-02-11)

πŸ™ˆ Other

  • Upgrade xml-encryption to 1.0.0 #420

v1.3.0 (2020-01-28)

πŸš€ Minor Changes

  • convert privateCert to PEM for signing #390
  • add support for encrypted nameIDs in SLO request handling #408
  • Issue #206: Support signing AuthnRequests using the HTTP-POST Binding #207

πŸ™ˆ Other

  • Add tests to check for correct logout #418
  • added passReqToCallback to docs #417
  • Fix an issue readme formatting #416
  • attributeConsumingServiceIndex can be zero #414
  • Bring-up xml-crypto to 1.4.0 #400
  • fix #393 adding 'inResponseTo' in the profile #404
  • Fix #355 missing parts: tests. #402
  • Fix minimum version of Node.js in Travis #399
  • Add .editorconfig as suggested in #373 #398

v1.2.0 (2019-07-26)

πŸ™ˆ Other

  • NameIDFormat fix #375
  • Remove InResponseTo value if response validation fails #341

v1.1.0 (2019-05-10)

πŸš€ Minor Changes

  • feat: add RequestedAuthnContext Comparison Type parameter #360
  • Add option to disable SAML spec AuthnRequest optional value Assertion… #315

πŸ™ˆ Other

  • Fix broken tests #367
  • Update README.md #363
  • InResponseTo support for logout #356
  • Set explicitChar: true to make XML parsing consistent. Fixes issue #283 and #187 #361
  • update xml crypto to 1.1.4 #352
  • Create a way to get provider metadata when using the MultiSamlStrategy #323
  • Fix Node Buffer deprecation warning: update 'new Buffer' to 'Buffer.from()' #342
  • Fix #128 documentation for body-parser dependency #326
  • Update Node version in package.json to >=6 #340
  • Upgrade xml-crypto to 1.1.2 #344
  • Fix for failing test #347
  • Support InResponseTo validations in MultiSaml #350
  • Add SamlResponseXML method to profile object #330

v1.0.0 (2018-12-02)

πŸ’£ Major Changes

  • Adds signing key in the metadata service provider generation. #306

πŸš€ Minor Changes

  • Support redirect for Logout flows #277
  • Support dynamic SAML configuration lookup #276

πŸ™ˆ Other

  • Update xml-crypto to 1.0.2 #321
  • Validate issuer on logout requests/responses if configured #314
  • feat(logout): handle null and undefined on nameQualifier #311
  • Extend and document the profile object #301
  • Handle case of missing InResponseTo when validation is on #302
  • entryPoint is compulsory for signed requests #299
  • Include support for run-time params to be included in the generated URLs #136
  • support multiple authnContext #298

v0.35.0 (2018-08-14)

No changelog for this release.

v0.34.0 (2018-08-14)

No changelog for this release.

v0.33.0 (2018-02-16)

πŸ™ˆ Other

  • New Feature: allow customizing the name of the strategy. #262

v0.32.1 (2018-01-03)

No changelog for this release.

v0.32.0 (2018-01-03)

πŸ™ˆ Other

  • Audience validation #253
  • README: fix typo s/ADSF/ADFS/ #251

v0.31.0 (2017-11-01)

πŸš€ Minor Changes

  • Support multiple and dynamic signing certificates #218

πŸ™ˆ Other

  • Upd: Mention ADFS 2016 with NameIDFormatError. #242

v0.30.0 (2017-10-12)

πŸ› Bug Fixes

  • [security] Use crypto.randomBytes for ID generation #235
  • Fix: "TypeError: Cannot read property 'documentElement' of null" #239

v0.20.2 (2017-10-10)

No changelog for this release.

v0.20.1 (2017-10-10)

πŸ™ˆ Other

  • handle bad privateCert #231
  • Add support for ProviderName attribute #216

v0.20.0 (2017-10-09)

πŸ™ˆ Other

  • Add badges to readme #202
  • Update README to clarify that saml.cert requires a PEM-encoded x509 c… #133

v0.16.2 (2017-10-05)

No changelog for this release.

v0.16.1 (2017-10-05)

No changelog for this release.

v0.16.0 (2017-04-01)

πŸ™ˆ Other

  • Remove unused ejs package from devDeps #195
  • Add the ability to sign with SHA-512 #173
  • Support detached encrypted key #166
  • Fixes #170: Clarify that the certificate are looking for is: #171

v0.15.0 (2015-12-30)

No changelog for this release.

v0.14.0 (2015-11-02)

No changelog for this release.

v0.13.0 (2015-10-09)

No changelog for this release.

v0.12.0 (2015-08-19)

No changelog for this release.

v0.11.1 (2015-08-18)

No changelog for this release.

v0.11.0 (2015-08-10)

No changelog for this release.

v0.10.0 (2015-06-08)

No changelog for this release.

v0.9.2 (2015-04-26)

No changelog for this release.

v0.9.1 (2015-02-18)

No changelog for this release.

v0.9.0 (2015-02-05)

No changelog for this release.

v0.8.0 (2015-01-23)

No changelog for this release.

v0.7.0 (2015-01-13)

No changelog for this release.

v0.6.2 (2015-01-06)

No changelog for this release.

v0.6.1 (2014-12-18)

No changelog for this release.

v0.6.0 (2014-11-14)

No changelog for this release.

v0.5.3 (2014-09-11)

No changelog for this release.

v0.5.2 (2014-07-02)

No changelog for this release.

v0.5.1 (2014-07-02)

No changelog for this release.

v0.5.0 (2014-07-01)

No changelog for this release.

v0.4.0 (2014-06-20)

No changelog for this release.

v0.3.0 (2014-06-09)

No changelog for this release.

v0.2.1 (2014-06-05)

No changelog for this release.

v0.2.0 (2014-06-02)

No changelog for this release.

v0.1.0 (2014-05-31)

No changelog for this release.