分支自 ard/ruoyi-api
编辑 | blame | 历史 | 原始文档

node-http-signature changelog

1.1.1

  • Version of dependency assert-plus updated: old version was missing
    some license information
  • Corrected examples in http_signing.md, added auto-tests to
    automatically validate these examples

1.1.0

  • Bump version of sshpk dependency, remove peerDependency on it since
    it now supports exchanging objects between multiple versions of itself
    where possible

1.0.2

  • Bump min version of jsprim dependency, to include fixes for using
    http-signature with browserify

1.0.1

  • Bump minimum version of sshpk dependency, to include fixes for
    whitespace tolerance in key parsing.

1.0.0

  • First semver release.

  • 36: Ensure verifySignature does not leak useful timing information

  • 42: Bring the library up to the latest version of the spec (including the

    request-target changes)
  • Support for ECDSA keys and signatures.
  • Now uses sshpk for key parsing, validation and conversion.
  • Fixes for #21, #47, #39 and compatibility with node 0.8

0.11.0

  • Split up HMAC and Signature verification to avoid vulnerabilities where a
    key intended for use with one can be validated against the other method
    instead.

0.10.2

  • Updated versions of most dependencies.
  • Utility functions exported for PEM => SSH-RSA conversion.
  • Improvements to tests and examples.