From e356bb60400f336d5e0abcef751f6a23fd78b444 Mon Sep 17 00:00:00 2001 From: Tim Rudat Date: Tue, 3 May 2022 22:55:59 +0200 Subject: [PATCH] Prepare release v2.4.0-beta1 --- AUTHORS | 113 ++++++++++++++++++++++++--------------------- CHANGELOG.md | 48 +++++++++++++++++++ lib/jwt/version.rb | 4 +- 3 files changed, 110 insertions(+), 55 deletions(-) diff --git a/AUTHORS b/AUTHORS index 90e08a7d..c0be88c3 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,6 +1,6 @@ Tim Rudat -Jeff Lindsay Joakim Antman +Jeff Lindsay A.B shields Bob Aman @@ -11,102 +11,109 @@ Nikita Shatov Paul Battley Oliver blackanger -Adam Michael -James Stonehill Ville Lautanala Tyler Pickett -Peter M. Goldstein +James Stonehill +Adam Michael Martin Emde +Saverio Trioni +Peter M. Goldstein Korstiaan de Ridder Richard Larocque Andrew Davis -Bill Mill Yason Khaburzaniya -Steve Sloan +Klaas Jan Wierenga Nick Hammond +Bart de Water +Steve Sloan Antonis Berkakis -Klaas Jan Wierenga -yann ARMAND -Brian Flethcer -Erik Michaels-Ober -Jurriaan Pruis +Bill Mill Kevin Olbrich -Larry Lv -Rodrigo López Dato Simon Fish -Steven Davidovitz -Tom Wey jb08 lukas +Rodrigo López Dato ojab +Ritikesh sawyerzhang +Larry Lv smudge wohlgejm -Julio Lopez -Katelyn Kasperowicz -fusagiko/takayamaki -Dorian Marié -rono23 -Leonardo Saraiva -Lowell Kirsh -Lucas Mazza -Makoto Chiba -Manuel Bustillo -Marco Adkins -Dave Grijalva -Micah Gates -Michał Begejowicz -Mike Eirih -Mike Pastore -Mingan -Mitch Birti -Dan Leyden +Tom Wey +yann ARMAND +Brian Flethcer +Jurriaan Pruis +Erik Michaels-Ober +Matthew Simpson +Steven Davidovitz Nicolas Leger -Brandon Keepers -Bouke van der Bijl -B Pierre Michard RahulBajaj -Austin Kabiru -Ritikesh Rob Wygand -Adam Greene Ryan Brushett Ryan McIlmoyl Ryan Metzler Severin Schoepke Shaun Guth -mai fujii -Artsiom Kuts Steve Teti -nycvotes-dev T.J. Schuck Taiki Sugawara Takehiro Adachi -Arnaud Mesureur Tobias Haar Toby Pinder -revodoge Tomé Duarte Travis Hunter -Ariel Salomon -Aman Gupta -Alexandr Kostrikov Yuji Yaginuma -Alexander Boyd Zuzanna Stolińska aarongray +danielgrippi +fusagiko/takayamaki +mai fujii +nycvotes-dev +revodoge +rono23 +antonmorant +Adam Greene +Alexander Boyd +Alexandr Kostrikov +Aman Gupta +Ariel Salomon +Arnaud Mesureur +Artsiom Kuts +Austin Kabiru +B +Bouke van der Bijl +Brandon Keepers +Dan Leyden +Dave Grijalva +Dmitry Pashkevich +Dorian Marié +Ernie Miller +Evgeni Golov +Ewoud Kohl van Wijngaarden HoneyryderChuck Igor Victor Ilyaaaaaaaaaaaaa Zhitomirskiy -Ewoud Kohl van Wijngaarden -Evgeni Golov Jens Hausherr Jeremiah Wuenschel -Ernie Miller John Downey Jordan Brough Josh Bodah JotaSe Juanito Fatas -danielgrippi +Julio Lopez +Katelyn Kasperowicz +Leonardo Saraiva +Lowell Kirsh +Loïc Lengrand +Lucas Mazza +Makoto Chiba +Manuel Bustillo +Marco Adkins +Meredith Leu +Micah Gates +Michał Begejowicz +Mike Eirih +Mike Pastore +Mingan +Mitch Birti diff --git a/CHANGELOG.md b/CHANGELOG.md index bc7d4c49..c5f45c3d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,52 @@ # Changelog +## [v2.4.0](https://github.com/jwt/ruby-jwt/tree/v2.4.0) (2022-05-03) + +[Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.0) + +**Implemented enhancements:** + +- Ensure presence of claims [\#244](https://github.com/jwt/ruby-jwt/issues/244) +- Support verifying signature signed using x5c header [\#59](https://github.com/jwt/ruby-jwt/issues/59) +- Add x5c header key finder [\#338](https://github.com/jwt/ruby-jwt/pull/338) ([bdewater](https://github.com/bdewater)) + +**Security fixes:** + +- Importing JWK then exporting results in different `kid` [\#313](https://github.com/jwt/ruby-jwt/issues/313) + +**Closed issues:** + +- Is there a way to decode a ES256 encoded JWT with a root certificate but without a public key or a private key? [\#471](https://github.com/jwt/ruby-jwt/issues/471) +- Encode output with extra quote [\#469](https://github.com/jwt/ruby-jwt/issues/469) +- Please release new gem version [\#444](https://github.com/jwt/ruby-jwt/issues/444) +- HS512 signature verification fails for valid tokens [\#438](https://github.com/jwt/ruby-jwt/issues/438) +- ArgumentError: invalid base64 while calling JWT::JWK.import\(hash\) [\#361](https://github.com/jwt/ruby-jwt/issues/361) +- NoMethodError (undefined method `encode' for JsonWebToken:Module\) [\#329](https://github.com/jwt/ruby-jwt/issues/329) + +**Merged pull requests:** + +- Fix RuboCop TODOs [\#476](https://github.com/jwt/ruby-jwt/pull/476) ([typhoon2099](https://github.com/typhoon2099)) +- Update note about supported JWK types [\#475](https://github.com/jwt/ruby-jwt/pull/475) ([dpashkevich](https://github.com/dpashkevich)) +- Make specific algorithms in README linkable [\#472](https://github.com/jwt/ruby-jwt/pull/472) ([milieu](https://github.com/milieu)) +- Add tests for keyfinder logic to ensure the argument count does not matter [\#467](https://github.com/jwt/ruby-jwt/pull/467) ([anakinj](https://github.com/anakinj)) +- More tests for none token [\#466](https://github.com/jwt/ruby-jwt/pull/466) ([anakinj](https://github.com/anakinj)) +- Improve non algorithm tests [\#465](https://github.com/jwt/ruby-jwt/pull/465) ([anakinj](https://github.com/anakinj)) +- Bring back Ruby 2.5 support and CodeClimate coverage reports [\#464](https://github.com/jwt/ruby-jwt/pull/464) ([anakinj](https://github.com/anakinj)) +- Fix a little RuboCop issue [\#462](https://github.com/jwt/ruby-jwt/pull/462) ([anakinj](https://github.com/anakinj)) +- Fixes with latest RuboCop [\#459](https://github.com/jwt/ruby-jwt/pull/459) ([anakinj](https://github.com/anakinj)) +- Removed bundler-audit from codeclimate config [\#458](https://github.com/jwt/ruby-jwt/pull/458) ([anakinj](https://github.com/anakinj)) +- Updated rubocop to 1.23.0 [\#457](https://github.com/jwt/ruby-jwt/pull/457) ([anakinj](https://github.com/anakinj)) +- Add Ruby 3.1 to test matrix [\#456](https://github.com/jwt/ruby-jwt/pull/456) ([anakinj](https://github.com/anakinj)) +- Use Ruby built-in url-safe base64 methods [\#454](https://github.com/jwt/ruby-jwt/pull/454) ([bdewater](https://github.com/bdewater)) +- Stop running tests on EOL rubies. [\#453](https://github.com/jwt/ruby-jwt/pull/453) ([anakinj](https://github.com/anakinj)) +- Fix openssl gem version check to support versons greater than 3 [\#452](https://github.com/jwt/ruby-jwt/pull/452) ([anakinj](https://github.com/anakinj)) +- Readme: Typo fix re MissingRequiredClaim [\#451](https://github.com/jwt/ruby-jwt/pull/451) ([antonmorant](https://github.com/antonmorant)) +- Fix for exception after mergeing \#385 [\#450](https://github.com/jwt/ruby-jwt/pull/450) ([anakinj](https://github.com/anakinj)) +- Create CODE\_OF\_CONDUCT.md [\#449](https://github.com/jwt/ruby-jwt/pull/449) ([loic5](https://github.com/loic5)) +- Allow regular expressions and procs to verify issuer [\#437](https://github.com/jwt/ruby-jwt/pull/437) ([rewritten](https://github.com/rewritten)) +- Add Support to be able to verify from multiple keys [\#425](https://github.com/jwt/ruby-jwt/pull/425) ([ritikesh](https://github.com/ritikesh)) +- Define the secp256r1 curve [\#385](https://github.com/jwt/ruby-jwt/pull/385) ([anakinj](https://github.com/anakinj)) + ## [v2.3.0](https://github.com/jwt/ruby-jwt/tree/v2.3.0) (2021-10-03) [Full Changelog](https://github.com/jwt/ruby-jwt/compare/v2.2.3...v2.3.0) @@ -16,6 +63,7 @@ **Merged pull requests:** +- Release 2.3.0 [\#448](https://github.com/jwt/ruby-jwt/pull/448) ([excpt](https://github.com/excpt)) - Fix Style/MultilineIfModifier issues [\#447](https://github.com/jwt/ruby-jwt/pull/447) ([anakinj](https://github.com/anakinj)) - feat\(EdDSA\): Accept EdDSA as algorithm header [\#446](https://github.com/jwt/ruby-jwt/pull/446) ([Pierre-Michard](https://github.com/Pierre-Michard)) - Pass kid param through JWT::JWK.create\_from [\#445](https://github.com/jwt/ruby-jwt/pull/445) ([shaun-guth-allscripts](https://github.com/shaun-guth-allscripts)) diff --git a/lib/jwt/version.rb b/lib/jwt/version.rb index c3daa9c4..155d1838 100644 --- a/lib/jwt/version.rb +++ b/lib/jwt/version.rb @@ -11,11 +11,11 @@ module VERSION # major version MAJOR = 2 # minor version - MINOR = 3 + MINOR = 4 # tiny version TINY = 0 # alpha, beta, etc. tag - PRE = nil + PRE = 'beta1' # Build version string STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')