Skip to content

Releases: koajs/jwt

v4.0.4: Bump jsonwebtoken from 8.5.1 to 9.0.0

08 Jan 10:39
@sdd sdd
Compare
Choose a tag to compare

Bumps jsonwebtoken from 8.5.1 to 9.0.0.


updated-dependencies:

  • dependency-name: jsonwebtoken
    dependency-type: direct:production
    ...

v4.0.1: Bump y18n from 4.0.0 to 4.0.1

02 Apr 07:41
@sdd sdd
Compare
Choose a tag to compare
  • Fix typing of getToken (Thanks @gustavkj)
  • Bump lodash from 4.17.15 to 4.17.19
  • Bump y18n from 4.0.0 to 4.0.1

v4.0.0

17 May 19:26
@sdd sdd
Compare
Choose a tag to compare

MAJOR VERSION BUMP: due to the change in the minimum supported Node version from 7.6 to 8.

Contains the following changes:

  • corrected typescript definition for path property (@thwonghin)
  • updated typescript definitions, fix types/index.ts, make the type hint support more argument for koa-unless, such as `custom, ext, method (@buuug7)
  • dependency bumps and yarn.lock updates (@niftylettuce)
  • documentation code example typo fix (@Perlover)
  • stale link fixes (@ontouchstart)
  • removal of node 7 support (@3imed-jaberi)
  • A load of long-overdue documentation, config, formatting and CI changes 👍 (@3imed-jaberi)
  • Allow String arrays for Options.issuer (@raman-nbg)
  • koa-unless path supports strings, RegExps and arrays of these (typing issue). (@bmisiak)

v3.6.0

11 Jul 08:54
@sdd sdd
Compare
Choose a tag to compare

Sorry for the delay with this one!

This is a minor release, adding the following changes:

  • update jsonwebtoken to 8.5.1 (thanks @jakesjews)
  • Let downstream middlewares handle JWT exceptions (thanks @hassan-jahan)
  • Fix audience definition to match RFC (thanks @sjmcdowall)

v3.5.1

06 Sep 08:24
@sdd sdd
Compare
Choose a tag to compare

Patch release - updated typescript definitions

creds: @eterna2

v3.5.0

29 Aug 08:24
@sdd sdd
Compare
Choose a tag to compare

Added support for multiple secrets.

This allows servers to use rolling shared secrets, or to concurrently support Auth0 authentication (via PEM file), in addition to a shared secret (or public/private key pair) used for self-signed JWTs.

Credits: @ferguscan

v3.4.0

29 Aug 06:53
@sdd sdd
Compare
Choose a tag to compare
  • Update jsonwebtoken dependency to 8.3.0
  • Update typescript definitions
  • Update koa-unless to 1.0.7

Thanks to:

v3.2.2

23 May 20:09
@sdd sdd
Compare
Choose a tag to compare

Patch update to update dependency on jsonwebtoken due to Regex DoS vuln in ms package.

Thanks @snyk-bot - the system works.

v3.2.1

30 Mar 20:55
@sdd sdd
Compare
Choose a tag to compare

Patch release with a documentation update to accompany the switch of the old master branch to a new koa-v1 branch, and the koa-v2 branch to master.

v3.2.0

30 Mar 07:31
@sdd sdd
Compare
Choose a tag to compare
  • add /.idea to .gitignore for webstorm devs
  • remove mocha --bail flag on test run to show all errors
  • catch invalid token errors before calling secret provider function
  • Remove the trailing newlines from thrown errors
  • For security, when debug=false, all thrown errors have the same message
  • Koa defaults ctx.state to {} so no need to do this ourselves
  • add test for passthrough with bad token to give us 100% coverage
  • fixed some minor linting issues and phrasing