Releases: auth0/passport-auth0
Releases · auth0/passport-auth0
v1.4.5
Security
- Bump serialize-javascript and mocha #208 (dependabot[bot])
- Bump axios from 1.7.4 to 1.12.0 #207 (dependabot[bot])
- Bump form-data from 4.0.0 to 4.0.4 #206 (dependabot[bot])
- Bump braces from 3.0.2 to 3.0.3 #191 (dependabot[bot])
- Bump follow-redirects from 1.15.5 to 1.15.6 #190 (dependabot[bot])
- Bump follow-redirects from 1.15.0 to 1.15.4 #183 (dependabot[bot])
v1.4.4
Security
- bump axios to latest version #176 (frederikprijck)
v1.4.3
Fixed
- Add missing commas so that "use strict" works #161 (jimrandomh)
v1.4.2
v1.4.1
Changed
Replace request with axios #144 (frederikprijck)
v1.3.3
Closed issues
- Having a session is now required#107
Fixed
- Allow sessionless authentication #120 (davidpatrick)
Security
- Fixed dependency vulnerability in Mocha #121 (davidpatrick)
v1.3.2
Closed issues
- 1.2.1 -> 1.3.1 upgrade causes "Cannot read property 'scope' of undefined" #107
- TypeError: Cannot read property 'authParams' of undefined #106
- Cannot read property 'split' of undefined in Profile.js with GSuite login #105
Fixed
- Remove ID token
iatvalue check #109 (joshcanhelp) - Fix missing ID causing cannot read error #109 (joshcanhelp)
- Guard against undefined parameter access #108 (pihvi)
v1.3.1
v1.3.0
Added
- Improved OIDC compliance #97 (davidpatrick)
Security
- Update
lodashpackage to address security vulnerabilities #94 (https://github.com/is2ei) - Update
requestpackage to address security vulnerabilities with dependencycryptiles#98 (davidpatrick)
v1.2.1
Closed issues
- Strategy constructor mutates options argument #91
- Infinite redirect loop, "Invalid authorization request state." #89
- could I use cookie-session instead of express-session? #87
Fixed
- Fix strategy constructor to not mutate options argument #92 (naptowncode)