|
1 | | -# 2.5.0 (2021-05-11) |
2 | | -- Add support for Ruby 3.0 (#194 fwininger) |
3 | | -- Add support for Rails 6.1 (#194 fwininger) |
4 | | -- Drop support for Ruby 2.4 (#193 fwininger) |
5 | | -- Drop support for Rails 5.0 (#194 fwininger) |
6 | | -- Drop support for Rails 5.1 (#194 fwininger) |
7 | | -- Fix Faraday warning: `WARNING: Faraday::Request#method is deprecated` (#191 fwininger) |
8 | | - |
9 | | -# 2.4.1 (2020-06-23) |
10 | | -- Fix inadvertant ActiveSupport dependecy (#189 taylorthurlow) |
11 | | - |
12 | | -# 2.4.0 (2020-05-05) |
13 | | -- Improved support for Rails 6.0 (#179 taylorthurlow, #177 fwininger) |
14 | | -- Added Ruby 2.6.0 support (#174 fwininger) |
15 | | -- README updates (#186 iranthau) |
16 | | - |
17 | | -# 2.3.1 (2018-11-06) |
18 | | -- Fixed a regression in the http.rb driver (#173 tycooon) |
19 | | - |
20 | | -# 2.3.0 (2018-10-23) |
21 | | -- Added support for Grape API (#169 phuongnd08 & dunghuynh) |
| 1 | +# Changelog |
| 2 | + |
| 3 | +## 2.5.0 (2021-05-11) |
| 4 | +- Add support for Ruby 3.0 (##194 fwininger) |
| 5 | +- Add support for Rails 6.1 (##194 fwininger) |
| 6 | +- Drop support for Ruby 2.4 (##193 fwininger) |
| 7 | +- Drop support for Rails 5.0 (##194 fwininger) |
| 8 | +- Drop support for Rails 5.1 (##194 fwininger) |
| 9 | +- Fix Faraday warning: `WARNING: Faraday::Request##method is deprecated` (##191 fwininger) |
| 10 | + |
| 11 | +## 2.4.1 (2020-06-23) |
| 12 | +- Fix inadvertent ActiveSupport dependency (##189 taylorthurlow) |
| 13 | + |
| 14 | +## 2.4.0 (2020-05-05) |
| 15 | +- Improved support for Rails 6.0 (##179 taylorthurlow, ##177 fwininger) |
| 16 | +- Added Ruby 2.6.0 support (##174 fwininger) |
| 17 | +- README updates (##186 iranthau) |
| 18 | + |
| 19 | +## 2.3.1 (2018-11-06) |
| 20 | +- Fixed a regression in the http.rb driver (##173 tycooon) |
| 21 | + |
| 22 | +## 2.3.0 (2018-10-23) |
| 23 | +- Added support for Grape API (##169 phuongnd08 & dunghuynh) |
22 | 24 | - Added option for specifying customer headers to sign via new `headers_to_sign` |
23 | | - argument (#170 fakenine) |
24 | | -- Fix tests and drop support for Ruby < 2.3 (#171 fwininger) |
25 | | - |
26 | | -# 2.2.0 (2018-03-12) |
27 | | -- Drop support ruby 1.x, rails 2.x, rails 3.x (#141 fwininger) |
28 | | -- Add http.rb request driver (#164 tycooon) |
29 | | -- Fix POST and PUT requests in RestClient (#151 fwininger) |
30 | | -- Allow clock skew to be user-defined (#136 mlarraz) |
31 | | -- Adds #original_uri method to all request drivers (#137 iMacTia) |
| 25 | + argument (##170 fakenine) |
| 26 | +- Fix tests and drop support for Ruby < 2.3 (##171 fwininger) |
| 27 | + |
| 28 | +## 2.2.0 (2018-03-12) |
| 29 | +- Drop support ruby 1.x, rails 2.x, rails 3.x (##141 fwininger) |
| 30 | +- Add http.rb request driver (##164 tycooon) |
| 31 | +- Fix POST and PUT requests in RestClient (##151 fwininger) |
| 32 | +- Allow clock skew to be user-defined (##136 mlarraz) |
| 33 | +- Adds ##original_uri method to all request drivers (##137 iMacTia) |
32 | 34 | - Rubocop and test fixes (fwininger & nicolasleger) |
33 | | -- Changed return type for request #content_md5 #timestamp #content_type (fwininger) |
| 35 | +- Changed return type for request ##content_md5 ##timestamp ##content_type (fwininger) |
34 | 36 | - Fix URI edge case where a URI contains another URI (zfletch) |
35 | 37 | - Updates to the README (zfletch) |
36 | 38 |
|
37 | | -# 2.1.0 (2016-12-22) |
38 | | -- Fixed a NoMethodError that might occur when using the NetHttp Driver (#130 grahamkenville) |
39 | | -- More securely compare signatures in a way that prevents timing attacks (#56 leishman, #133 will0) |
40 | | -- Remove support for MD2 and MD4 hashing algorithms since they are insecure (#134 will0) |
41 | | -- Disallow requests that are too far in the future to limit the time available for a brute force signature guess (#119 fwininger) |
| 39 | +## 2.1.0 (2016-12-22) |
| 40 | +- Fixed a NoMethodError that might occur when using the NetHttp Driver (##130 grahamkenville) |
| 41 | +- More securely compare signatures in a way that prevents timing attacks (##56 leishman, ##133 will0) |
| 42 | +- Remove support for MD2 and MD4 hashing algorithms since they are insecure (##134 will0) |
| 43 | +- Disallow requests that are too far in the future to limit the time available for a brute force signature guess (##119 fwininger) |
42 | 44 |
|
43 | | -# 2.0.1 (2016-07-25) |
44 | | -- Support of `api_auth_options` in ActiveResource integration (#102 fwininger) |
45 | | -- Replace use of `#blank?` with `#nil?` to not depend on ActiveSupport (#114 packrat386) |
46 | | -- Fix Auth header matching to not match invalid SHA algorithms (#115 packrat386) |
| 45 | +## 2.0.1 (2016-07-25) |
| 46 | +- Support of `api_auth_options` in ActiveResource integration (##102 fwininger) |
| 47 | +- Replace use of `##blank?` with `##nil?` to not depend on ActiveSupport (##114 packrat386) |
| 48 | +- Fix Auth header matching to not match invalid SHA algorithms (##115 packrat386) |
47 | 49 | - Replace `alias_method_chain` with `alias_method` in the railtie since |
48 | | - alias_method_chain is deprecated in Rails 5 (#118 mlarraz) |
| 50 | + alias_method_chain is deprecated in Rails 5 (##118 mlarraz) |
49 | 51 |
|
50 | | -# 2.0.0 (2016-05-11) |
| 52 | +## 2.0.0 (2016-05-11) |
51 | 53 | - IMPORTANT: 2.0.0 is backwards incompatible with the default settings of v1.x |
52 | 54 | v2.0.0 always includes the http method in the canonical string. |
53 | 55 | You can use the upgrade strategy in v1.4.x and above to migrate to v2.0.0 |
54 | 56 | without any down time. Please see the 1.4.0 release nodes for more info |
55 | | -- Added support for other digest algorithms like SHA-256 (#98 fwininger) |
| 57 | +- Added support for other digest algorithms like SHA-256 (##98 fwininger) |
56 | 58 |
|
57 | | -# 1.5.0 (2016-01-21) |
| 59 | +## 1.5.0 (2016-01-21) |
58 | 60 | - Added a sign_with_http_method configuration option to the ActiveResource |
59 | 61 | rails tie to correspond to passing the `:with_http_method => true` into |
60 | 62 | `ApiAuth.sign!` |
61 | 63 |
|
62 | | -# 1.4.1 (2016-01-04) |
| 64 | +## 1.4.1 (2016-01-04) |
63 | 65 | - Fixed an issue where getters wouldn't immediately have the correct value after |
64 | | - setting a date or content md5 in some of the request drivers (#91) |
| 66 | + setting a date or content md5 in some of the request drivers (##91) |
65 | 67 |
|
66 | | -# 1.4.0 (2015-12-16) |
| 68 | +## 1.4.0 (2015-12-16) |
67 | 69 |
|
68 | | -## IMPORTANT SECURITY FIX (with backwards compatible fallback) |
| 70 | +#### IMPORTANT SECURITY FIX (with backwards compatible fallback) |
69 | 71 |
|
70 | 72 | This version introduces a security fix. In previous versions, the canonical |
71 | 73 | string does not include the http method used to make the request, this means |
|
94 | 96 | 4. Update server side code to ApiAuth v2.0 (removes the ability to authenticate without the http method) |
95 | 97 | 5. Update all client side code to ApiAuth v2.0 (forces all signatures to contain the http method) |
96 | 98 |
|
97 | | -## Additional changes |
| 99 | +#### Additional changes |
98 | 100 |
|
99 | | - - Performance enhancement: reduce allocation of Headers object (#81 pd) |
100 | | - - Performance enhancement: avoid reallocating static Regexps (#82 pd) |
| 101 | + - Performance enhancement: reduce allocation of Headers object (##81 pd) |
| 102 | + - Performance enhancement: avoid reallocating static Regexps (##82 pd) |
101 | 103 |
|
102 | | -# 1.3.2 (2015-08-28) |
| 104 | +## 1.3.2 (2015-08-28) |
103 | 105 | - Fixed a bug where some client adapters didn't treat an empty path as |
104 | | - "/" in the canonical string (#75 managr) |
| 106 | + "/" in the canonical string (##75 managr) |
105 | 107 |
|
106 | | -# 1.3.1 (2015-03-13) |
| 108 | +## 1.3.1 (2015-03-13) |
107 | 109 | - Fixed a bug where Faraday requests with no parameters were not signed |
108 | | - correctly (#65 nathanhoel) |
| 110 | + correctly (##65 nathanhoel) |
109 | 111 |
|
110 | | -# 1.3.0 (2015-03-12) |
111 | | -- Add a Faraday Request Driver (#64 nathanhoel) |
| 112 | +## 1.3.0 (2015-03-12) |
| 113 | +- Add a Faraday Request Driver (##64 nathanhoel) |
112 | 114 |
|
113 | | -# 1.2.6 (2014-10-01) |
| 115 | +## 1.2.6 (2014-10-01) |
114 | 116 | - Fix a bug in the ActionController request driver where calculated_md5 was |
115 | | - incorrect in certain scenarios. (#53 karl-petter) |
| 117 | + incorrect in certain scenarios. (##53 karl-petter) |
116 | 118 |
|
117 | | -# 1.2.5 (2014-09-09) |
| 119 | +## 1.2.5 (2014-09-09) |
118 | 120 | - Fix a bug where ApiAuth.authentic? would cause an ArgumentError when given a |
119 | 121 | request with an invalid date in the date header. It will now return false |
120 | | - instead. (#51 Nakort) |
| 122 | + instead. (##51 Nakort) |
121 | 123 |
|
122 | | -# 1.2.4 (2014-08-27) |
| 124 | +## 1.2.4 (2014-08-27) |
123 | 125 | - Fix a bug in the Net::HTTP request driver where the md5 isn't calculated |
124 | 126 | correctly when the content of the request is set with the `.body_stream` |
125 | | - method. (#49 adamcrown) |
| 127 | + method. (##49 adamcrown) |
126 | 128 |
|
127 | | -# 1.2.3 (2014-08-01) |
| 129 | +## 1.2.3 (2014-08-01) |
128 | 130 | - Update action controller request driver to fix a bug with OLD versions of |
129 | 131 | Rails using CGI |
130 | 132 |
|
131 | | -# 1.2.2 (2014-07-08) |
| 133 | +## 1.2.2 (2014-07-08) |
132 | 134 | - Fix Rest Client driver to account for the generated date when signing (cjeeky) |
133 | 135 |
|
134 | | -# 1.2.1 (2014-07-03) |
| 136 | +## 1.2.1 (2014-07-03) |
135 | 137 |
|
136 | 138 | - Fix Rest Client driver to account for the generated md5 when signing |
137 | | - (#45 cjeeky) |
138 | | -- Support for testing against Rails 4.1 (#42 awendt) |
139 | | -- Support all requests inheriting from Rack::Request (#43 mcls) |
| 139 | + (##45 cjeeky) |
| 140 | +- Support for testing against Rails 4.1 (##42 awendt) |
| 141 | +- Support all requests inheriting from Rack::Request (##43 mcls) |
140 | 142 |
|
141 | | -# 1.2.0 (2014-05-16) |
| 143 | +## 1.2.0 (2014-05-16) |
142 | 144 |
|
143 | 145 | - Fix ruby 1.8.7 support |
144 | 146 | - Test / support all major versions of rails 2.3 - 4.0 |
|
0 commit comments