node-http-signature changelog
1.1.1
Version of dependency
assert-plus
updated: old version was missing some license informationCorrected examples in
http_signing.md
, added auto-tests to automatically validate these examples
1.1.0
Bump version of
sshpk
dependency, remove peerDependency on it since it now supports exchanging objects between multiple versions of itself where possible
1.0.2
Bump min version of
jsprim
dependency, to include fixes for using http-signature withbrowserify
1.0.1
Bump minimum version of
sshpk
dependency, to include fixes for whitespace tolerance in key parsing.
1.0.0
First semver release.
#36: Ensure verifySignature does not leak useful timing information
#42: Bring the library up to the latest version of the spec (including the request-target changes)
Support for ECDSA keys and signatures.
Now uses
sshpk
for key parsing, validation and conversion.Fixes for #21, #47, #39 and compatibility with node 0.8
0.11.0
Split up HMAC and Signature verification to avoid vulnerabilities where a key intended for use with one can be validated against the other method instead.
0.10.2
Updated versions of most dependencies.
Utility functions exported for PEM => SSH-RSA conversion.
Improvements to tests and examples.
Last updated