Releases: tngan/samlify
v2.8.1
v2.8.0
We have a great release candidate for v2.8.0 that support SimpleSign binding, contributed by @yanbilik's team.
This pre-release includes the following changes.
Support SAML response over HTTP-REDIRECT binding
Add Login Request/Response over HTTP-POST SimpleSign binding
Enable clock drifts parameters from IDP setting
Fix NameIDFormat extraction from IDP metadata
Add AttributeStatementTemplate, AttributeTemplate and LoginResponseAdditionalTemplates interfaces
Modify attributeStatementBuilder
Contributors
Assets 2
v2.8.0-rc1
We have a great release candidate for v2.8.0 that support SimpleSign binding, contributed by @yanbilik's team.
This pre-release includes the following changes.
- Support SAML response over HTTP-REDIRECT binding
- Add Login Request/Response over HTTP-POST SimpleSign binding
- Enable clock drifts parameters from IDP setting
- Fix NameIDFormat extraction from IDP metadata
- Add AttributeStatementTemplate, AttributeTemplate and LoginResponseAdditionalTemplates interfaces
- Modify attributeStatementBuilder
We will wait for feedback and enhancements, and include some more fixes before we release the final v2.8.0. Feel free to comment and give it a try.
Another great news will be released around September this year, and v3 white paper is under construction as well.
Happy hacking
v2.7.7
This patch release includes the following updates.
- Bump @authenio/xml-encrpytion to v1.2.4 (Pulled the latest upstream)
- Upgrade xmldom (CVE-2021-21366)
- #398 Filter out empty node when extracting attributes from xml metadata (@zengling-zingbox)
- #424 Fix type error in inflateString function (@smali-kazmi)
Please upgrade to v2.7.7 to get the latest secure patch.
v2.7.6
This patch includes an important security fix of xml-crypto package. See https://github.com/yaronn/xml-crypto/releases/tag/v2.0.0 for more detail.
#395 Bump xml-crypto version for security reason
#392 Update Auth0 sponsorship link (@Sambego)
#391 Added aes128-gcm in the data encryption algorithm list (@wanyunli)
#387 Update forked xml-encryption for security fix
v2.7.5
v2.7.4
This patch has an important fixes for the use case of rolling certificate, and the return type of one function has been updated which is the getX509Certificate, it would either return a string or a list of string for the use of multiple certificates in metadata.
We have also upgraded some of dependencies to the latest one, we also dropped the maintenance of Node.js v8 because the official life cycle is already ended, and we add v14 to the CI test environment.
We have also dropped the usage of synk, and using npm audit to do the vulnerability check.
#354 Separate the type with alias for entity type and its constructor
#361 Add back missing assignment of nameIDFormat
#363 Add allowCreate property to ServiceProviderSettings type (@nflaig)
#364 Fix for supporting rolling certificates with response signature
#369 Update dev dependencies and CI settings
Samlify is now under the Github sponsorship program, your support would motivate the enhancement and maintenance of the project.
See more https://github.com/sponsors/tngan.
v2.7.3
It's a small patch release with the following change.
#355 Use the latest version of xml-encryption and fix the webpack build (@shellscape)
Samlify is now under the Github sponsorship program, your support would motivate the enhancement and maintenance of the project.
See more https://github.com/sponsors/tngan.
v2.7.2
#344 Make optional for time verification of SessionNotOnOrAfter attributes (@fas3r)
#346 Fix code block on markdown page (@lacivert)
#351 Add missing property to sp settings type (@nflaig)
#352 Remove invalid index attribute from the nodes with EndpointType (@matthewsanders)
Samlify is now under the Github sponsorship program, your support would motivate the enhancement and maintenance of the project.
See more https://github.com/sponsors/tngan.
v2.7.1
This quick patch includes one change in order to remove an unnecessary runtime dependency snyk, and put it back to devDependencies list. Otherwise, the yarn.lock of application will include those unused packages.
Thanks for the report from @tgabi333.
Samlify is now under the Github sponsorship program, your support would motivate the enhancement and maintenance of the project.
See more https://github.com/sponsors/tngan.