Tags: jdreesen/jwt
Tags
### Release Notes for [5.3.0](https://github.com/lcobucci/jwt/milesto… …ne/53) This release ships a new validation constraint to assert that a private claim exists. ### 5.3.0 - Total issues resolved: **0** - Total pull requests resolved: **1** - Total contributors: **1** #### Improvement - [1053: Add constraint to verify the existence of a custom claim](lcobucci#1053) thanks to @freebuu
### Release Notes for [5.2.0](https://github.com/lcobucci/jwt/milesto… …ne/51) This release provides an API to ease key rotation procedures and dependency updates. ### 5.2.0 - Total issues resolved: **0** - Total pull requests resolved: **2** - Total contributors: **1** #### Improvement - [1033: Add support to validate against multiple keys](lcobucci#1033) thanks to @lcobucci - [1032: Remove requirement of core PHP extensions](lcobucci#1032) thanks to @lcobucci
### Release Notes for [5.1.0](https://github.com/lcobucci/jwt/milesto… …ne/48) This releases compatibility guarantees with PHP 8.3 and adds testing against PHP 8.4-dev. ### 5.1.0 - Total issues resolved: **1** - Total pull requests resolved: **8** - Total contributors: **4** #### Dependencies - [1030: Support PHP 8.3](lcobucci#1030) thanks to @javer #### renovate - [1025: Update all non-major dependencies](lcobucci#1025) thanks to @renovate[bot] - [1017: Update dependency phpstan/phpstan to v1.10.26](lcobucci#1017) thanks to @renovate[bot] - [1016: Update dependency lcobucci/coding-standard to v11](lcobucci#1016) thanks to @renovate[bot] - [1006: Lock file maintenance](lcobucci#1006) thanks to @renovate[bot] - [1004: Update all non-major dependencies](lcobucci#1004) thanks to @renovate[bot] - [1010: Fixed naming of `assertShouldRaiseExceptionWhenSignatureIsValid()`](lcobucci#1010) thanks to @rhertogh #### Improvement - [1002: Improve benchmarks](lcobucci#1002) thanks to @lcobucci
### Release Notes for [5.0.0](https://github.com/lcobucci/jwt/milesto… …ne/26) This release removes deprecated components, makes PHP 8.1 the minimum required version, and ships some API improvements. ### 5.0.0 - Total issues resolved: **2** - Total pull requests resolved: **25** - Total contributors: **9** #### Improvement - [1001: Support other PSR-20 implementations](lcobucci#1001) thanks to @lcobucci - [977: Builder fluent interface is confusing](lcobucci#977) thanks to @Slamdunk - [931: Make test assertion more strict](lcobucci#931) thanks to @peter279k - [880: PHP Version constraint: stick to tested versions only](lcobucci#880) thanks to @Slamdunk #### CI,Documentation - [1000: Update docs and CI files](lcobucci#1000) thanks to @lcobucci CI -- - [999: Use roave/backward-compatibility-check directly](lcobucci#999) thanks to @lcobucci #### Dependencies - [998: Update to PHPUnit 10](lcobucci#998) thanks to @Slamdunk - [906: Bump phpstan/phpdoc-parser from 1.7.0 to 1.8.0](lcobucci#906) thanks to @dependabot[bot] - [905: Bump nikic/php-parser from 4.14.0 to 4.15.1](lcobucci#905) thanks to @dependabot[bot] - [904: Bump phpstan/phpstan from 1.8.3 to 1.8.5](lcobucci#904) thanks to @dependabot[bot] - [902: Bump phpstan/phpstan-strict-rules from 1.4.2 to 1.4.3](lcobucci#902) thanks to @dependabot[bot] - [898: Bump phpstan/phpstan from 1.8.2 to 1.8.3](lcobucci#898) thanks to @dependabot[bot] #### Dependencies,Improvement - [988: Merge release 4.3.0 into 5.0.x](lcobucci#988) thanks to @github-actions[bot] - [960: Setup Renovate as a replacement for Dependabot](lcobucci#960) thanks to @Ocramius #### renovate - [984: Update dependency phpstan/phpstan to ^1.9.4](lcobucci#984) thanks to @renovate[bot] - [973: Update all non-major dependencies](lcobucci#973) thanks to @renovate[bot] #### Documentation - [981: &lcobucci#91;docs&lcobucci#93; Fix typo in code example comment](lcobucci#981) thanks to @LauLaman - [909: Clarify Ecdsa\Sha512::expectedKeyLength()](lcobucci#909) thanks to @enumag - [882: Fix typo: you must create a new token builder](lcobucci#882) thanks to @Slamdunk #### BC-break,Improvement - [979: Builder: make it immutable](lcobucci#979) thanks to @Slamdunk - [939: Remove empty Signer, empty Key, empty Signature, empty `string`s](lcobucci#939) thanks to @Slamdunk - [937: Remove `\Lcobucci\JWT\Signer\None`](lcobucci#937) thanks to @Slamdunk - [873: Use abstraction instead of concretion](lcobucci#873) thanks to @lcobucci - [872: Remove deprecated components](lcobucci#872) thanks to @lcobucci - [871: Require PHP 8.1+](lcobucci#871) thanks to @lcobucci - [969: 4.3.x merge up into 5.0.x](lcobucci#969) thanks to @lcobucci #### Improvement,Minor BC-break - [967: Make testing less painful](lcobucci#967) thanks to @lcobucci
### Release Notes for [4.3.0](https://github.com/lcobucci/jwt/milesto… …ne/43) Feature release (minor) ### 4.3.0 - Total issues resolved: **0** - Total pull requests resolved: **4** - Total contributors: **4** #### Dependencies,Improvement - [986: Allow `lcobucci/clock:^3.0` to be installed with `lcobucci/jwt:^4`](lcobucci#986) thanks to @Ocramius #### Improvement,Minor BC-break - [968: Deprecate Ecdsa create](lcobucci#968) thanks to @lcobucci #### Improvement - [938: Deprecate empty Signer, empty Key and empty Signature](lcobucci#938) thanks to @Slamdunk #### Documentation - [879: fix typo : you must create a new token builder,](lcobucci#879) thanks to @roxie-dev
### Release Notes for [4.2.1](https://github.com/lcobucci/jwt/milesto… …ne/42) This release fixes a documentation mistake. ### 4.2.1 - Total issues resolved: **0** - Total pull requests resolved: **1** - Total contributors: **1** #### Documentation,Minor BC-break - [874: Make method explicitly internal](lcobucci#874) thanks to @lcobucci
### Release Notes for [4.2.0](https://github.com/lcobucci/jwt/milesto… …ne/28) This release provides a high-level API, a new (non-standard) algorithm, and validation for key length requirements. The latter **is a minor BC-break for users that aren't following the RFC recommendations**. To contain the impact of the changes and give time for people to rotate keys, we have **deprecated** implementations that maintain the previous behaviour and allow unsafe keys. For more information, please read the [documentation[(https://lcobucci-jwt.readthedocs.io/en/4.2.0/supported-algorithms/). ### 4.2.0 - Total issues resolved: **3** - Total pull requests resolved: **15** - Total contributors: **7** #### Documentation - [866: Improve documentation](lcobucci#866) thanks to @lcobucci - [853: Add documentation for JwtFacade](lcobucci#853) thanks to @lcobucci - [768: Be more clear about adding validation constraints in the doc](lcobucci#768) thanks to @NicolasCARPi - [725: &lcobucci#91;docs&lcobucci#93; Clarify change in date-formats](lcobucci#725) thanks to @jaylinski #### Improvement - [865: Track constraint on violations](lcobucci#865) thanks to @lcobucci - [836: Key: require non-empty-string for factory methods too](lcobucci#836) thanks to @Slamdunk - [832: Add Blake2b signature algorithm](lcobucci#832) thanks to @Slamdunk - [827: Add constraint for private claim validation](lcobucci#827) thanks to @james-bw - [826: Add withClaim validation for custom claim validation](lcobucci#826) thanks to @james-bw - [759: Add simplified API](lcobucci#759) thanks to @Slamdunk #### Improvement,Minor BC-break,Security - [864: Fix ecdsa key size validation](lcobucci#864) thanks to @lcobucci - [855: Require minimum key size for OpenSSL keys](lcobucci#855) thanks to @Slamdunk - [854: Require minimum key size for RSA keys](lcobucci#854) thanks to @lcobucci - [835: Require minimum key size for HMAC algorithm](lcobucci#835) thanks to @Slamdunk - [833: Key: permit empty keys only with `::empty()` factory method](lcobucci#833) thanks to @Slamdunk #### Security - [789: Merge release 4.1.5 into 4.2.x](lcobucci#789) thanks to @github-actions[bot] - [704: Invalid signing with SHA256 alg using secp521r1 curve](lcobucci#704) thanks to @KartaviK CI -- - [657: Migrate to native dependabot](lcobucci#657) thanks to @lcobucci
### Release Notes for [4.1.5](https://github.com/lcobucci/jwt/milesto… …ne/37) This patch ships a minor security fix to prevent misuse of the `LocalFileReference` key. ### 4.1.5 - Total issues resolved: **0** - Total pull requests resolved: **1** - Total contributors: **1** #### Security - [788: Merge release 4.0.4 into 4.1.x](lcobucci#788) thanks to @github-actions[bot]
### Release Notes for [4.0.4](https://github.com/lcobucci/jwt/milesto… …ne/36) This patch ships a minor security fix to prevent misuse of the `LocalFileReference` key. ### 4.0.4 - Total issues resolved: **0** - Total pull requests resolved: **0** - Total contributors: **0**
PreviousNext