alu/tra-analysis

mirror of https://github.com/titanscouting/tra-analysis.git synced 2025-10-24 01:49:20 +00:00

Files

Jacob Levine d2d5d4c04e push all website files

2019-01-06 13:14:45 -06:00

1.4 KiB

Raw Blame History

Change Log

All notable changes to this project will be documented in this file.

[3.0.0]

Changed

BREAKING: jwt.verify now requires an algorithm parameter, and jws.createVerify requires an algorithm option. The "alg" field signature headers is ignored. This mitigates a critical security flaw in the library which would allow an attacker to generate signatures with arbitrary contents that would be accepted by jwt.verify. See https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/ for details.

2.0.0 - 2015-01-30

Changed

BREAKING: Default payload encoding changed from binary to utf8. utf8 is a is a more sensible default than binary because many payloads, as far as I can tell, will contain user-facing strings that could be in any language. (6b6de48)
Code reorganization, thanks @fearphage! (7880050)

Added

Option in all relevant methods for encoding. For those few users that might be depending on a binary encoding of the messages, this is for them. (6b6de48)