Skip to content

Commit

Permalink
Prepare release 4.2.0
Browse files Browse the repository at this point in the history
  • Loading branch information
pitbulk committed May 30, 2024
1 parent e15e32e commit d3b5172
Show file tree
Hide file tree
Showing 2 changed files with 84 additions and 5 deletions.
84 changes: 82 additions & 2 deletions CHANGELOG
Original file line number Diff line number Diff line change
@@ -1,8 +1,54 @@
CHANGELOG
=========


v4.2.0
* [#586](https://github.com/SAML-Toolkits/php-saml/pull/586) IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
* [#585](https://github.com/SAML-Toolkits/php-saml/pull/585) Declare conditional return types
* [#577](https://github.com/SAML-Toolkits/php-saml/pull/577) Allow empty NameID value when no strict or wantNameId is false
* [#570](https://github.com/SAML-Toolkits/php-saml/pull/570) Support X509 cert comments
* [#569](https://github.com/SAML-Toolkits/php-saml/pull/569) Add parameter to exclude validUntil on SP Metadata XML
* [#551](https://github.com/SAML-Toolkits/php-saml/pull/551) Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
* LogoutRequest and the LogoutResponse object to separate functions
* Make Saml2\Auth can accept a param $spValidationOnly
* Fix typos on readme.
* [#480](https://github.com/SAML-Toolkits/php-saml/pull/480) Fix typo on SPNameQualifier mismatch error message
* Remove unbound version constraints on xmlseclibs
* Update dependencies
* Fix test payloads
* Remove references to OneLogin.

v4.1.0
* Add pipe through for the $spValidationOnly setting in the Auth class.

v4.0.1
* Add compatibility with PHP 8.1
* [#487](https://github.com/SAML-Toolkits/php-saml/issues/487) Enable strict check on in_array method
* Add warning about Open Redirect and Reply attacks
* Add warning about the use of IdpMetadataParser class. If Metadata URLs
are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF

v4.0.0
* [#467](https://github.com/onelogin/php-saml/issues/467) Fix bug on getSelfRoutedURLNoQuery method
* Supports PHP 8.X

v3.7.0
* [#586](https://github.com/SAML-Toolkits/php-saml/pull/586) IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
* [#585](https://github.com/SAML-Toolkits/php-saml/pull/585) Declare conditional return types
* Make Saml2\Auth can accept a param $spValidationOnly
* [#577](https://github.com/SAML-Toolkits/php-saml/pull/577) Allow empty NameID value when no strict or wantNameId is false
* [#570](https://github.com/SAML-Toolkits/php-saml/pull/570) Support X509 cert comments
* [#569](https://github.com/SAML-Toolkits/php-saml/pull/569) Add parameter to exclude validUntil on SP Metadata XML
* [#551](https://github.com/SAML-Toolkits/php-saml/pull/551) Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
* [#487](https://github.com/SAML-Toolkits/php-saml/issues/487) Enable strict check on in_array method
* Make Saml2\Auth can accept a param $spValidationOnly
* Fix typos on readme.
* Add warning about Open Redirect and Reply attacks
* Add warning about the use of IdpMetadataParser class. If Metadata URLs
are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
* Fix test payloads
* Remove references to OneLogin.

v3.6.1
* [#467](https://github.com/onelogin/php-saml/issues/467) Fix bug on getSelfRoutedURLNoQuery method

Expand Down Expand Up @@ -61,12 +107,46 @@ v.3.1.1

v.3.1.0
* Security improvement suggested by Nils Engelbertz to prevent DDOS by expansion of internally defined entities (XEE)
* Fix setting_example.php servicename parameter
* Fix setting_example.php servicename parameter

v.3.0.0
* Remove mcrypt dependency. Compatible with PHP 7.2
* xmlseclibs now is not part of the toolkit and need to be installed from original source

v.2.20.0
* [#586](https://github.com/SAML-Toolkits/php-saml/pull/586) IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
* [#585](https://github.com/SAML-Toolkits/php-saml/pull/585) Declare conditional return types
* Make Saml2\Auth can accept a param $spValidationOnly
* [#577](https://github.com/SAML-Toolkits/php-saml/pull/577) Allow empty NameID value when no strict or wantNameId is false
* [#570](https://github.com/SAML-Toolkits/php-saml/pull/570) Support X509 cert comments
* [#569](https://github.com/SAML-Toolkits/php-saml/pull/569) Add parameter to exclude validUntil on SP Metadata XML
* [#551](https://github.com/SAML-Toolkits/php-saml/pull/551) Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
* [#487](https://github.com/SAML-Toolkits/php-saml/issues/487) Enable strict check on in_array method
* Fix typos on readme.
* [#480](https://github.com/SAML-Toolkits/php-saml/pull/480) Fix typo on SPNameQualifier mismatch
* Add $spValidationOnly param to Auth
* Update xmlseclibs (3.1.2 without AES-GCM and OAEP support)
* Add warning about Open Redirect and Reply attacks
* Add warning about the use of IdpMetadataParser class. If Metadata URLs
are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
* Update dependencies
* Fix test payloads
* Remove references to OneLogin.

v.2.19.1
* [#467](https://github.com/onelogin/php-saml/issues/467) Fix bug on getSelfRoutedURLNoQuery method

v.2.19.0
* [#412](https://github.com/onelogin/php-saml/pull/412) Empty instead of unset the $_SESSION variable
* [#433](https://github.com/onelogin/php-saml/issues/443) Fix Incorrect Destination in LogoutResponse when using responseUrl #443
* Add support for SMARTCARD_PKI and RSA_TOKEN Auth Contexts
* Support Statements with Attribute elements with the same name enabling the allowRepeatAttributeName setting
* Get lib path dinamically
* Check for x509Cert of the IdP when loading settings, even if the security index was not provided

v.2.18.1
* Add setSchemasPath to Auth class and fix backward compatibility

v.2.18.0
* Support rejecting unsolicited SAMLResponses.
* Support stric destination matching.
Expand Down Expand Up @@ -229,7 +309,7 @@ v.2.7.0
* Fix PHP 7 error (used continue outside a loop/switch).
* Fix bug on organization element of the SP metadata builder.
* Fix typos on documentation. Fix ALOWED Misspell.
* Be able to extract RequestID. Add RequestID validation on demo1.
* Be able to extract RequestID. Add RequestID validation on demo1.
* Add $stay parameter to login, logout and processSLO method.

v.2.6.1
Expand Down
5 changes: 2 additions & 3 deletions src/Saml2/version.json
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
{
"php-saml": {
"version": "4.1.0",
"released": "07/15/2022"
"version": "4.2.0",
"released": "30/05/2024"
}
}

0 comments on commit d3b5172

Please # to comment.