Yubico
diff --git a/‎.github/workflows/build.yml
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/build.yml
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/code-formatting.yml
Lines changed: 25 additions & 0 deletions b/‎.github/workflows/code-formatting.yml
Lines changed: 25 additions & 0 deletions
diff --git a/‎NEWS
Lines changed: 74 additions & 0 deletions b/‎NEWS
Lines changed: 74 additions & 0 deletions
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        java: [8, 11, 15]
+        java: [8, 11, 16]
 
     steps:
     - name: Check out code
@@ -22,7 +22,7 @@ jobs:
         java-version: ${{ matrix.java }}
 
     - name: Run tests
-      run: ./gradlew cleanTest check
+      run: ./gradlew cleanTest test
 
     - name: Archive HTML test report
       if: ${{ always() }}
 
@@ -0,0 +1,25 @@
+# This name is shown in the status badge in the README
+name: code-formatting
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    name: JDK ${{matrix.java}}
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        java: [11]
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v1
+
+    - name: Set up JDK
+      uses: actions/setup-java@v1
+      with:
+        java-version: ${{ matrix.java }}
+
+    - name: Check code formatting
+      run: ./gradlew spotlessCheck
@@ -1,3 +1,77 @@
+== Version 1.11.0 ==
+
+Deprecated features:
+
+* `AuthenticatorSelectionCriteria` methods
+  `builder().requireResidentKey(boolean)` and `isRequireResidentKey()`
+  deprecated in favor of a new option, see below.
+* The `icon` field in `RelyingPartyIdentity` and `UserIdentity`, and its
+  associated methods, are now deprecated. The corresponding property was removed
+  in WebAuthn Level 2.
+
+Deprecated features will be removed in the next major version release.
+
+Changes:
+
+* `RelyingParty.startAssertion()` no longer overwrites the `appid` extension
+  input in the `StartAssertionOptions` argument.
+* `RelyingParty.appId` setting now also activates the `appidExclude` extension in
+  addition to the `appid` extension.
+* `RelyingParty.startRegistration()` now enables the `credProps` extension by
+  default. The extension output, if any, is available as
+  `RegistrationResult.isDiscoverable()` and
+  `RegistrationResult.getClientExtensionOutputs().getCredProps()`.
+
+New features:
+
+* `RegistrationResult.keyId()` now includes `transports` if any were included in
+  the `AuthenticatorAttestatationResponse`. To get transports passed through,
+  call `PublicKeyCredential.response.getTransports()` on the client side after
+  successful registration, and add the result as the property
+  `response.transports` in the JSON passed into
+  `PublicKeyCredential.parseRegistrationResponseJson`. See the project README
+  for an example.
+* Added support for the `appidExclude`, `credProps`, `largeBlob` and `uvm`
+  extensions.
+* Added support for the new `authenticatorSelectionCriteria.residentKey` option:
+ ** Added method
+    `AuthenticatorSelectionCriteria.builder().residentKey(ResidentKeyRequirement)`.
+ ** Added method `AuthenticatorSelectionCriteria.getResidentKey()`.
+ ** Methods `builder().requireResidentKey(boolean)` and `isRequireResidentKey()`
+    deprecated in favor of the above two new methods.
+ ** The builder methods `requireResidentKey(boolean)` and
+    `residentKey(ResidentKeyRequirement)` both control one shared setting, which
+    sets both the `requireResidentKey` and `residentKey` options simultaneously
+    and in agreement with each other for backwards compatibility with older
+    browsers.
+* Added methods `PublicKeyCredentialCreationOptions.toCredentialsCreateJson()`,
+  `PublicKeyCredentialRequestOptions.toCredentialsGetJson()` and
+  `AssertionRequest.toCredentialsGetJson()` for serializing to JSON without
+  having to use Jackson directly.
+* Added methods `PublicKeyCredentialCreationOptions.toJson()` and
+  `.fromJson(String)` suitable for encoding to and decoding from JSON.
+* Added methods `AssertionRequest.toJson()` and `.fromJson(String)` suitable for
+  encoding to and decoding from JSON.
+* Added methods `StartAssertionOptions.builder().userHandle(ByteArray)` and
+  `.userHandle(Optional<ByteArray>)` as alternatives to `.username(String)` and
+  `.username(Optional<String>)`. The `userHandle` methods fill the same function
+  as, and are mutually exclusive with, the `username` methods.
+
+Fixes:
+
+* Added missing JavaDoc for `id` and `name` methods of initial
+  `RelyingPartyIdentityBuilder` stages.
+* Added and improved JavaDoc for required builder methods.
+* Javadoc for `TokenBindingInfo.id` incorrectly stated that the value is
+  base64url encoded.
+* Javadoc for `TokenBindingStatus.PRESENT` incorrectly referenced its own
+  (private) `id` member instead of `TokenBindingInfo.id`.
+* Improved JavaDoc for `StartRegistrationOptions.authenticatorSelection`
+* Improved JavaDoc for `RelyingParty.appid`
+* Make the `RelyingParty.validateSignatureCounter` JavaDoc also cover the
+  success case where stored and received signature count are both zero.
+
+
 == Version 1.10.1 ==
 
 webauthn-server-attestation: