passport-saml
Advanced tools
Changelog
v3.1.0 (2021-06-17)
🐛 Bug Fixes
- [security] Limit transforms for signed nodes #595
- Fix: Conflicting profile properties between profile and attributes #593
- Fix validateInResponseTo null check #596
📚 Documentation
- Rebuild changelog for 3.0.0 #605
- Fix typo OnBefore -> NotBefore #611
- Update README with new Cache Provider interface #608
Changelog
v3.0.0 (2021-05-14)
💣 Major Changes
- Update all dependencies to latest #590
- Add Node 16 support; drop Node 10 #589
- Enforce more secure XML encryption #584
- Node saml separation #574
- Remove support for deprecated
privateCert#569 - Require cert for every strategy #548
🚀 Minor Changes
- Add optional setting to set a ceiling on how old a SAML response is allowed to be #577
- Move XML functions to utility module #571
- Improve the typing of the Strategy class hierarchy. #554
- Resolve XML-encoded carriage returns during signature validation #576
- Make sure CI builds test latest versions of dependencies #570
- Add WantAssertionsSigned #536
- Update xml-crypto to v2.1.1 #558
- Allow for authnRequestBinding in SAML options #529
🔗 Dependencies
- Update all packages to latest semver-minor #588
- Update xml-encryption to v1.2.3 #567
- Revert "Update xml-encryption to v1.2.3" #564
- Update xml-encryption to v1.2.3 #560
- bump xmldom to 0.5.x since all lower versions have security issue #551
🐛 Bug Fixes
- Fix incorrect import of compiled files in tests #572
📚 Documentation
- Remove deprecated field
privateCertfrom README, tests #591 - Add support for more tags in the changelog #592
- Changelog #587
- Create of Code of Conduct #573
- Update readme on using multiSamlStrategy #531
⚙️ Technical Tasks
- Fix lint npm script to match all files including in src/ #555
- remove old callback functions, tests use async/await #545
- Tests use typescript #534
- async / await in cache interface #532
- Format code and enforce code style on PR #527
- async/await for saml.ts #496