Releases: fastify/csrf-protection
Releases · fastify/csrf-protection
v5.0.0
What's Changed
- Bump sinon from 13.0.2 to 14.0.0 by @dependabot in #88
- ci: migrate to fastify reusable workflow by @Fdawgs in #90
- fix: module rename namespace cleanup in README by @DRoet in #91
- docs(readme): remove snyk badge by @Fdawgs in #93
New Contributors
Full Changelog: v4.0.0...v5.0.0
Contributors
DRoet, dependabot, and Fdawgs
Assets 2
v4.0.1
What's Changed
- Bump sinon from 13.0.2 to 14.0.0 by @dependabot in #88
- ci: migrate to fastify reusable workflow by @Fdawgs in #90
- fix: module rename namespace cleanup in README by @DRoet in #91
- fix: revert fastify 4 by @climba03003 in #92
New Contributors
- @DRoet made their first contribution in #91
- @climba03003 made their first contribution in #92
Full Changelog: v4.0.0...v4.0.1
Contributors
DRoet, climba03003, and 2 other contributors
Assets 2
v4.0.0
What's Changed
- Bump sinon from 10.0.1 to 11.0.0 by @dependabot in #52
- Bump fastify/github-action-merge-dependabot from 2.0.0 to 2.1.0 by @dependabot in #53
- Bump tsd from 0.15.1 to 0.16.0 by @dependabot in #54
- Bump fastify/github-action-merge-dependabot from 2.1.0 to 2.1.1 by @dependabot in #55
- Bump tsd from 0.16.0 to 0.17.0 by @dependabot in #56
- Bump actions/setup-node from 2.1.5 to 2.2.0 by @dependabot in #57
- Bump @types/node from 15.14.1 to 16.0.0 by @dependabot in #58
- Bump fastify/github-action-merge-dependabot from 2.1.1 to 2.2.0 by @dependabot in #59
- Bump actions/setup-node from 2.2.0 to 2.3.0 by @dependabot in #60
- Bump actions/setup-node from 2.3.0 to 2.3.1 by @dependabot in #61
- Bump actions/setup-node from 2.3.1 to 2.3.2 by @dependabot in #62
- Bump actions/setup-node from 2.3.2 to 2.4.0 by @dependabot in #63
- Bump fastify/github-action-merge-dependabot from 2.2.0 to 2.3.0 by @dependabot in #64
- Bump fastify/github-action-merge-dependabot from 2.3.0 to 2.4.0 by @dependabot in #65
- Bump fastify/github-action-merge-dependabot from 2.4.0 to 2.5.0 by @dependabot in #66
- Bump actions/setup-node from 2.4.0 to 2.4.1 by @dependabot in #67
- Bump tsd from 0.17.0 to 0.18.0 by @dependabot in #68
- Bump fastify-secure-session from 2.3.1 to 3.0.0 by @dependabot in #69
- Bump sinon from 11.1.2 to 12.0.0 by @dependabot in #70
- Bump tsd from 0.18.0 to 0.19.0 by @dependabot in #71
- Bump fastify/github-action-merge-dependabot from 2.5.0 to 2.6.0 by @dependabot in #72
- build(dependabot): ignore minor and patch github-actions updates by @Fdawgs in #73
- Bump fastify/github-action-merge-dependabot from 2.6.0 to 2.7.0 by @dependabot in #74
- Bump fastify/github-action-merge-dependabot from 2.7.0 to 2.7.1 by @dependabot in #75
- Bump @types/node from 16.11.14 to 17.0.0 by @dependabot in #77
- automatic PR by @Eomm in #78
- Bump http-errors from 1.8.1 to 2.0.0 by @dependabot in #79
- build: reduce dependabot update frequency by @Fdawgs in #81
- Bump sinon from 12.0.1 to 13.0.0 by @dependabot in #82
- Bump actions/setup-node from 2 to 3 by @dependabot in #83
- Bump tap from 15.2.3 to 16.0.0 by @dependabot in #84
- Bump actions/checkout from 2 to 3 by @dependabot in #85
- Bump tsd from 0.19.1 to 0.20.0 by @dependabot in #86
- Bump standard from 16.0.4 to 17.0.0 by @dependabot in #87
- Updated to Fastify v4 by @mcollina in #89
New Contributors
Full Changelog: v3.1.0...v4.0.0
Contributors
mcollina, Eomm, and 2 other contributors
Assets 2
v3.1.0
📚 PR:
- Update README.md (#33)
- Clarify the security implication of using this module in the README (#34)
- Fix typo (#35)
- ci(dependabot): update github actions (#37)
- Bump fastify/github-action-merge-dependabot from v1 to v2.0.0 (#39)
- Bump tap from 14.11.0 to 15.0.0 (#42)
- Bump sinon from 9.2.4 to 10.0.0 (#38)
- Bump @types/node from 14.14.42 to 15.0.0 (#46)
- Bump tsd from 0.14.0 to 0.15.0 (#48)
- Bump actions/setup-node from 1 to 2.1.5 (#50)
- Bump actions/checkout from 2 to 2.3.4 (#49)
- ci: add nodejs v16 to test matrix (#47)
- docs(readme): minor grammar changes (#44)
- chore(gitignore): use latest github ignore template (#36)
- chore: ci updates and style change (#43)
- Support userInfo (#51)
v3.0.1
v3.0.0
📚 PR:
- chore: create dependabot config
- Update node.js.yml
- Merge pull request #22 from salmanm/dependabot-automerge
- Bump standard from 14.3.4 to 16.0.3
- Merge pull request #23 from fastify/dependabot/npm_and_yarn/standard-16.0.3
- Bump fastify-plugin from 2.3.4 to 3.0.0
- Merge pull request #24 from fastify/dependabot/npm_and_yarn/fastify-plugin-3.0.0
- Bump tsd from 0.13.1 to 0.14.0
- Merge pull request #25 from fastify/dependabot/npm_and_yarn/tsd-0.14.0
- feat: safe defaults (#26)
This release fixes CVE: CVE-2020-28482.
Credits for the vulnerability findings go to Xhelal Likaj (email address: xhelallikaj20@gmail.com).