saml - npm Package Compare versions
Comparing version 0.15.0 to 1.0.0
@@ -5,2 +5,21 @@ # Changelog | ||
| ## [1.0.0](https://github.com/auth0/node-saml/compare/v0.15.0...v1.0.0) (2020-11-04) | ||
| ### ⚠ BREAKING CHANGES | ||
| * update xml-crypto and xmldom dependencies to fix sec issues | ||
| * stop supporting node v4 and v8 | ||
| * xml-encryption major version bump, fix typo in config property | ||
| from `keyEncryptionAlgorighm` to `keyEncryptionAlgorithm` consumed by | ||
| new xml-encryption library version. | ||
| ### Features | ||
| * fix sec issues with dependencies ([06acc02](https://github.com/auth0/node-saml/commit/06acc0238d7161c123f2f6924aa9f5984a5a2f32)) | ||
| * update xml-crypto and xmldom dependencies to fix sec issues ([772c30e](https://github.com/auth0/node-saml/commit/772c30e4333d0af0e783c163e371c49ec0386c23)) | ||
| * remove node v4 and v8 in travis configuration ([d8c62af](https://github.com/auth0/node-saml/commit/d8c62af972e6c6edbc052fafed749b254e73569c)) | ||
| ## [0.15.0](https://github.com/auth0/node-saml/compare/v0.13.0...v0.15.0) (2020-10-01) | ||
@@ -7,0 +26,0 @@ |
@@ -58,3 +58,3 @@ var path = require('path'); | ||
| * @param [options.encryptionAlgorithm] {string} | ||
| * @param [options.keyEncryptionAlgorighm] {string} | ||
| * @param [options.keyEncryptionAlgorithm] {string} | ||
| * | ||
@@ -92,3 +92,3 @@ * @param {Function} [callback] required if encrypting | ||
| * @param [options.encryptionAlgorithm] {string} | ||
| * @param [options.keyEncryptionAlgorighm] {string} | ||
| * @param [options.keyEncryptionAlgorithm] {string} | ||
| * | ||
@@ -95,0 +95,0 @@ * @param {Function} [callback] required if encrypting |
@@ -97,3 +97,3 @@ var path = require('path'); | ||
| * @param [options.encryptionAlgorithm] {string} | ||
| * @param [options.keyEncryptionAlgorighm] {string} | ||
| * @param [options.keyEncryptionAlgorithm] {string} | ||
| * | ||
@@ -137,3 +137,3 @@ * @param {Function} [callback] required if encrypting | ||
| * @param [options.encryptionAlgorithm] {string} | ||
| * @param [options.keyEncryptionAlgorighm] {string} | ||
| * @param [options.keyEncryptionAlgorithm] {string} | ||
| * | ||
@@ -140,0 +140,0 @@ * @param {Function} [callback] required if encrypting |
@@ -13,3 +13,3 @@ var xmlenc = require('xml-encryption'); | ||
| encryptionAlgorithm: options.encryptionAlgorithm || 'http://www.w3.org/2001/04/xmlenc#aes256-cbc', | ||
| keyEncryptionAlgorighm: options.keyEncryptionAlgorighm || 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p', | ||
| keyEncryptionAlgorithm: options.keyEncryptionAlgorithm || 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p', | ||
| }; | ||
@@ -16,0 +16,0 @@ |
| { | ||
| "name": "saml", | ||
| "version": "0.15.0", | ||
| "version": "1.0.0", | ||
| "devDependencies": { | ||
| "@commitlint/cli": "^9.1.2", | ||
| "@commitlint/config-conventional": "^9.1.2", | ||
| "@commitlint/cli": "^11.0.0", | ||
| "@commitlint/config-conventional": "^11.0.0", | ||
| "chai": "^4.2.0", | ||
| "husky": "^4.3.0", | ||
| "mocha": "3.5.3", | ||
| "mocha": "^8.2.0", | ||
| "should": "~1.2.1", | ||
@@ -25,6 +25,6 @@ "standard-version": "^9.0.0" | ||
| "valid-url": "~1.0.9", | ||
| "xml-crypto": "~1.0.1", | ||
| "xml-encryption": "0.11.2", | ||
| "xml-crypto": "2.0.0", | ||
| "xml-encryption": "^1.2.1", | ||
| "xml-name-validator": "~2.0.1", | ||
| "xmldom": "=0.1.15", | ||
| "xmldom": "0.1.17", | ||
| "xpath": "0.0.5" | ||
@@ -31,0 +31,0 @@ }, |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.95%
85757
- Number of low quality alerts
- decreased by-50%
1
Worsened metrics
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Added@xmldom/xmldom@0.7.13(transitive)
+ Addedescape-html@1.0.3(transitive)
+ Addednode-forge@0.10.0(transitive)
+ Addedxml-crypto@2.0.0(transitive)
+ Addedxml-encryption@1.3.0(transitive)
+ Addedxmldom@0.1.17(transitive)
+ Addedxpath@0.0.32(transitive)
- Removedasync@2.6.4(transitive)
- Removedejs@2.7.4(transitive)
- Removedlodash@4.17.21(transitive)
- Removednode-forge@0.7.6(transitive)
- Removedxml-crypto@1.0.2(transitive)
- Removedxml-encryption@0.11.2(transitive)
- Removedxpath.js@1.1.0(transitive)
Updatedxml-crypto@2.0.0
Updatedxml-encryption@^1.2.1
Updatedxmldom@0.1.17