Fix.

2025-04-21 10:26:46 +00:00 · 2019-07-30 13:41:05 -04:00 · 2019-07-30 13:41:05 -04:00 · c1a589c5b6
commit c1a589c5b6
parent 596a6da241
7078 changed files with 1882834 additions and 319 deletions
--- a/node_modules/http-signature/CHANGES.md
+++ b/node_modules/http-signature/CHANGES.md
@ -0,0 +1,46 @@
+# node-http-signature changelog
+
+## 1.1.1
+
+- Version of dependency `assert-plus` updated: old version was missing
+  some license information
+- Corrected examples in `http_signing.md`, added auto-tests to
+  automatically validate these examples
+
+## 1.1.0
+
+- Bump version of `sshpk` dependency, remove peerDependency on it since
+  it now supports exchanging objects between multiple versions of itself
+  where possible
+
+## 1.0.2
+
+- Bump min version of `jsprim` dependency, to include fixes for using
+  http-signature with `browserify`
+
+## 1.0.1
+
+- Bump minimum version of `sshpk` dependency, to include fixes for
+  whitespace tolerance in key parsing.
+
+## 1.0.0
+
+- First semver release.
+- #36: Ensure verifySignature does not leak useful timing information
+- #42: Bring the library up to the latest version of the spec (including the 
+       request-target changes)
+- Support for ECDSA keys and signatures.
+- Now uses `sshpk` for key parsing, validation and conversion.
+- Fixes for #21, #47, #39 and compatibility with node 0.8
+
+## 0.11.0
+
+- Split up HMAC and Signature verification to avoid vulnerabilities where a
+  key intended for use with one can be validated against the other method
+  instead.
+
+## 0.10.2
+
+- Updated versions of most dependencies.
+- Utility functions exported for PEM => SSH-RSA conversion.
+- Improvements to tests and examples.