Socket
Socket
Sign inDemoInstall

http-signature

Package Overview
Dependencies
15
Maintainers
12
Versions
28
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install
Previous13Next

1.1.0

Diff
arekinath
 published 1.1.0 •

Changelog

Source

1.1.0

  • Bump version of sshpk dependency, remove peerDependency on it since it now supports exchanging objects between multiple versions of itself where possible

1.0.2

Diff
arekinath
 published 1.0.2 •

Changelog

Source

1.0.2

  • Bump min version of jsprim dependency, to include fixes for using http-signature with browserify

1.0.1

Diff
arekinath
 published 1.0.1 •

Changelog

Source

1.0.1

  • Bump minimum version of sshpk dependency, to include fixes for whitespace tolerance in key parsing.

1.0.0

Diff
arekinath
 published 1.0.0 •

Changelog

Source

1.0.0

  • First semver release.
  • #36: Ensure verifySignature does not leak useful timing information
  • #42: Bring the library up to the latest version of the spec (including the request-target changes)
  • Support for ECDSA keys and signatures.
  • Now uses sshpk for key parsing, validation and conversion.
  • Fixes for #21, #47, #39 and compatibility with node 0.8

0.11.0

Diff
pfmooney
 published 0.11.0 •

Changelog

Source

0.11.0

  • Split up HMAC and Signature verification to avoid vulnerabilities where a key intended for use with one can be validated against the other method instead.

0.10.1

Diff
pfmooney
 published 0.10.1 •

0.10.0

Diff
mcavage
 published 0.10.0 •

0.9.11

Diff
mcavage
 published 0.9.11 •

0.9.10

Diff
mcavage
 published 0.9.10 •

0.9.9

Diff
mcavage
 published 0.9.9 •
Previous13Next
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc