jsonwebtoken/CHANGELOG.md

# Changelog

## 7.2.0 (2020-06-30)

- Add `dangerous_insecure_decode` to replace `dangerous_unsafe_decode`, which is now deprecated
- Add `dangerous_insecure_decode_with_validation`

## 7.1.2 (2020-06-16)

- Derive `Hash` for `Header` and `Algorithm`

## 7.1.1 (2020-06-09)

- Update dependencies

## 7.1.0 (2020-03-01)

- Add `into_static` to `DecodingKey` for easier re-use

# 7.0.0 (2020-01-28)

- Add support for PS256, PS384 and PS512
- Add support for verifying with modulus/exponent components for RSA
- Update to 2018 edition
- Changed aud field type in Validation to `Option<HashSet<String>>`.  Audience 
  validation now tests for "any-of-these" audience membership.
- Add support for keys in PEM format
- Add EncodingKey/DecodingKey API to improve performance and UX

## 6.0.1 (2019-05-10)

- Fix Algorithm mapping in FromStr for RSA

## 6.0.0 (2019-04-21)

- Update Ring to 0.14
- Remove `iat` check to match the JWT spec
- Add ES256 and ES384 signing decoding

## 5.0.1 (2018-09-10)

- Add implementation of FromStr for Algorithm

## 5.0.0 (2018-08-13)

- Update ring
- Change error handling to be based on simple struct/enum rather than error-chain
- Fix validations not being called properly in some cases
- Default validation is not checking `iat` and `nbf` anymore

## 4.0.1 (2018-03-19)

- Add method to decode a token without signature verification

## 4.0.0 (2017-11-22)

### Breaking changes

- Make it mandatory to specify the algorithm in `decode`

## 3.0.0 (2017-09-08)

### Breaking changes
- Remove `validate_signature` from `Validation`, use `decode_header` instead if you don't know the alg used
- Make `typ` optional in header, some providers apparently don't use it

### Others

- Update ring & error-chain
- Fix documentation about `leeway` being in seconds and not milliseconds
- Add `decode_header` to only decode the header: replaces the use case of `validate_signature`

## 2.0.3 (2017-07-18)

- Make `TokenData` public

## 2.0.2 (2017-06-24)

- Update ring & chrono

## 2.0.1 (2017-05-09)

- Update ring

## 2.0.0 (2017-04-23)

- Use Serde instead of rustc_serialize
- Add RSA support
- API overhaul, see README for new usage
- Add validation
- Update all dependencies

## Previous

- 1.1.7: update ring
- 1.1.6: update ring
- 1.1.5: update ring version
- 1.1.4: use ring instead of rust-crypto
- 1.1.3: Make sign and verify public
- 1.1.2: Update rust-crypto to 0.2.35
- 1.1.1: Don't serialize empty fields in header
- 1.1.0: Impl Error for jsonwebtoken errors
- 1.0: Initial release
RSA working 2017-04-10 23:40:01 -04:00			`# Changelog`

Prepare for 7.2.0 (#143) 2020-06-30 15:25:25 -04:00			`## 7.2.0 (2020-06-30)`

			- Add `dangerous_insecure_decode` to replace `dangerous_unsafe_decode`, which is now deprecated
			- Add `dangerous_insecure_decode_with_validation`

v7.1.2 2020-06-16 06:07:08 -04:00			`## 7.1.2 (2020-06-16)`

			- Derive `Hash` for `Header` and `Algorithm`

Update for 7.1.1 (#134) 2020-06-09 16:00:37 -04:00			`## 7.1.1 (2020-06-09)`

			`- Update dependencies`

			`## 7.1.0 (2020-03-01)`
Prepare for 7.1.0 2020-03-01 13:58:18 -05:00
			- Add `into_static` to `DecodingKey` for easier re-use

Prepare for release 2020-01-28 21:18:21 -05:00			`# 7.0.0 (2020-01-28)`
Start work on 7.0.0 2019-05-25 11:51:31 -04:00
Update changelog 2019-06-16 12:03:21 -04:00			`- Add support for PS256, PS384 and PS512`
Add support for modulus/exponent 2019-07-13 11:43:44 -04:00			`- Add support for verifying with modulus/exponent components for RSA`
Update to edition 2018 2019-07-06 14:36:32 -04:00			`- Update to 2018 edition`
markedown edit to changelog 2019-10-27 15:16:43 -04:00			- Changed aud field type in Validation to `Option<HashSet<String>>`. Audience
added update to aud type and aud validation 2019-10-27 15:14:52 -04:00			`validation now tests for "any-of-these" audience membership.`
Reorganise tests 2019-11-03 10:36:19 -05:00			`- Add support for keys in PEM format`
Prepare for release 2020-01-28 21:18:21 -05:00			`- Add EncodingKey/DecodingKey API to improve performance and UX`
Update changelog 2019-06-16 12:03:21 -04:00
Release new version 2019-05-10 19:49:31 -04:00			`## 6.0.1 (2019-05-10)`

			`- Fix Algorithm mapping in FromStr for RSA`

Add release date 2019-04-21 04:13:32 -04:00			`## 6.0.0 (2019-04-21)`
Start on v6 2019-02-04 12:35:39 -05:00
Update base64 2019-02-04 12:39:46 -05:00			`- Update Ring to 0.14`
Remove iat validation, it isnt supposed to be done 2019-02-04 12:44:08 -05:00			- Remove `iat` check to match the JWT spec
Update some things for v6 2019-03-22 04:40:08 -04:00			`- Add ES256 and ES384 signing decoding`
Start on v6 2019-02-04 12:35:39 -05:00
Release 5.0.1 2018-09-10 06:43:45 -04:00			`## 5.0.1 (2018-09-10)`

			`- Add implementation of FromStr for Algorithm`

Releasing v5 today 2018-08-13 10:06:55 -04:00			`## 5.0.0 (2018-08-13)`
Remove error-chain Fix #52, #56, #57 2018-07-25 08:43:58 -04:00
			`- Update ring`
			`- Change error handling to be based on simple struct/enum rather than error-chain`
Fix validation not working properly Close #51 2018-07-25 09:42:00 -04:00			`- Fix validations not being called properly in some cases`
			- Default validation is not checking `iat` and `nbf` anymore
Remove error-chain Fix #52, #56, #57 2018-07-25 08:43:58 -04:00
Update base64 2018-03-19 07:30:37 -04:00			`## 4.0.1 (2018-03-19)`

Remove error-chain Fix #52, #56, #57 2018-07-25 08:43:58 -04:00			`- Add method to decode a token without signature verification`

v4.0.0 2017-11-22 11:25:46 -05:00			`## 4.0.0 (2017-11-22)`

			`### Breaking changes`

			- Make it mandatory to specify the algorithm in `decode`

v3.0 2017-09-08 03:23:15 -04:00			`## 3.0.0 (2017-09-08)`
Remove validate_signature option and add decode_header 2017-08-25 04:48:53 -04:00
v4.0.0 2017-11-22 11:25:46 -05:00			`### Breaking changes`
Update error-chain and make typ public 2017-09-07 03:46:40 -04:00			- Remove `validate_signature` from `Validation`, use `decode_header` instead if you don't know the alg used
Make typ an Option in Header 2017-08-25 04:51:44 -04:00			- Make `typ` optional in header, some providers apparently don't use it
Remove validate_signature option and add decode_header 2017-08-25 04:48:53 -04:00
Update ring and fix leeway docs 2017-08-30 05:09:57 -04:00			`### Others`

Update error-chain and make typ public 2017-09-07 03:46:40 -04:00			`- Update ring & error-chain`
Update ring and fix leeway docs 2017-08-30 05:09:57 -04:00			- Fix documentation about `leeway` being in seconds and not milliseconds
Remove validate_signature option and add decode_header 2017-08-25 04:48:53 -04:00			- Add `decode_header` to only decode the header: replaces the use case of `validate_signature`

v2.0.3 2017-07-18 07:38:46 -04:00			`## 2.0.3 (2017-07-18)`

			- Make `TokenData` public

Update changelog and base64 2017-06-24 02:18:07 -04:00			`## 2.0.2 (2017-06-24)`

			`- Update ring & chrono`

Update changelog 2017-05-09 02:49:39 -04:00			`## 2.0.1 (2017-05-09)`

			`- Update ring`

Update base64 crate 2017-04-23 01:14:26 -04:00			`## 2.0.0 (2017-04-23)`
RSA working 2017-04-10 23:40:01 -04:00
			`- Use Serde instead of rustc_serialize`
			`- Add RSA support`
Update base64 crate 2017-04-23 01:14:26 -04:00			`- API overhaul, see README for new usage`
			`- Add validation`
			`- Update all dependencies`
RSA working 2017-04-10 23:40:01 -04:00
			`## Previous`

			`- 1.1.7: update ring`
			`- 1.1.6: update ring`
			`- 1.1.5: update ring version`
			`- 1.1.4: use ring instead of rust-crypto`
			`- 1.1.3: Make sign and verify public`
			`- 1.1.2: Update rust-crypto to 0.2.35`
			`- 1.1.1: Don't serialize empty fields in header`
			`- 1.1.0: Impl Error for jsonwebtoken errors`
			`- 1.0: Initial release`