Releases: nearform/fast-jwt
v6.1.0
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v6.0.2 by @optic-release-automation[bot] in #564
- chore(deps-dev): bump @types/node from 22.15.32 to 24.0.3 by @dependabot[bot] in #565
- chore(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @dependabot[bot] in #567
- chore: import crypto once by @ilteoood in #568
- chore: migrate to OIDC publishing for npm releases by @zibs in #569
- feat: expose TOKEN_ERROR_CODES and derive duplicated error code types from it by @wopian in #573
New Contributors
Full Changelog: v6.0.2...v6.1.0
Contributors
Assets 2
v6.0.2
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v6.0.1 by @optic-release-automation in #557
- chore(deps-dev): bump tsd from 0.31.2 to 0.32.0 by @dependabot in #558
- docs: Add error handling section with examples by @simoneb in #561
- Fix: error constructor in declaration file by @atlowChemi in #562
New Contributors
- @atlowChemi made their first contribution in #562
Full Changelog: v6.0.1...v6.0.2
Contributors
Assets 2
v6.0.1
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v6.0.0 by @optic-release-automation in #554
- feature: support negative expiresIn when signing tokens by @agubler in #556
Full Changelog: v6.0.0...v6.0.1
Contributors
Assets 2
v6.0.0
BREAKING CHANGES
This is a semver major release containing breaking changes to address more thoroughly the security vulnerability fixed in v5.0.6, which only fixed the vulnerability without introducing breaking changes.
This release takes it one step further by adhering more closely to the JWT specification.
More specifically, verification now expects all claims except for the aud claim to be single values, instead of supporting arrays of values.
This is a breaking change because JWTs containing claims in array format (with the exception of aud), now cause verification errors, while they were previously allowed.
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v5.0.6 by @optic-release-automation in #551
- feat!: align claim validation to specification by @agubler in #553
New Contributors
Full Changelog: v5.0.6...v6.0.0
Contributors
Assets 2
v5.0.6
SECURITY RELEASE
This release contains a fix for GHSA-gm45-q3v2-6cf8.
Upgrading is strongly recommended.
Thanks to @tibrn for reporting, and @agubler for fixing it.
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v5.0.5 by @optic-release-automation in #540
- chore: fix node 23 by @ilteoood in #541
- chore(deps): bump mnemonist from 0.39.8 to 0.40.0 by @dependabot in #544
- chore: add type for cacheKeyBuilder by @aheckmann in #546
- Mitata benchmark by @andolivieri-nf in #548
- Fix benchmarks with regards to jsonwebtoken performance by @Gobd in #535
New Contributors
- @aheckmann made their first contribution in #546
- @andolivieri-nf made their first contribution in #548
- @Gobd made their first contribution in #535
Full Changelog: v5.0.5...v5.0.6
Contributors
Assets 2
v5.0.5
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v5.0.2 by @optic-release-automation in #525
- chore: upgrade deps by @ilteoood in #526
- Chore/types definition by @ilteoood in #527
- chore: fake timer by @ilteoood in #528
- Feat/generic signer verifier by @ilteoood in #529
- [OPTIC-RELEASE-AUTOMATION] release/v5.0.3 by @optic-release-automation in #530
- update nearform banner link by @msgadi in #533
- chore(deps-dev): bump eslint-config-prettier from 9.1.0 to 10.0.1 by @dependabot in #538
- [OPTIC-RELEASE-AUTOMATION] release/v5.0.4 by @optic-release-automation in #539
Full Changelog: v5.0.2...v5.0.5
Contributors
Assets 2
v5.0.2
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v5.0.1 by @optic-release-automation in #523
- chore(types): Add missing input type for DecodedJwt and Updated input field to return decoded 'input' by @msgadi in #524
New Contributors
Full Changelog: v5.0.1...v5.0.2
Contributors
Assets 2
v5.0.1
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v5.0.0 by @optic-release-automation in #515
- fix: return token as input property in verify when complete is true by @simoneb in #522
Full Changelog: v5.0.0...v5.0.1
Contributors
Assets 2
v5.0.0
Breaking changes
This version supports Node 20 and above
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v4.0.5 by @optic-release-automation in #478
- chore(deps-dev): bump fastify from 4.28.1 to 5.0.0 by @dependabot in #483
- chore(deps-dev): bump cronometro from 3.0.2 to 4.0.0 by @dependabot in #495
- Chore/node test runner by @ilteoood in #502
- feat: deprecate use new crypto by @ilteoood in #508
- Chore/code improvements by @ilteoood in #509
- feat: LRU cache key by @ilteoood in #504
Full Changelog: v4.0.5...v5.0.0
Contributors
Assets 2
v4.0.5
What's Changed
- [OPTIC-RELEASE-AUTOMATION] release/v4.0.3 by @optic-release-automation in #473
- Extend JwtHeader to allow additional fields by @Akallabet in #476
- [OPTIC-RELEASE-AUTOMATION] release/v4.0.4 by @optic-release-automation in #477
New Contributors
- @Akallabet made their first contribution in #476
Full Changelog: v4.0.3...v4.0.5
