Releases: fastify/session
Releases · fastify/session
v11.0.1
What's Changed
- chore: migrate from tap to node:test and c8 by @dancastillo in #267
- chore: update fastify to ^5.0.0 by @Fdawgs in #268
New Contributors
- @dancastillo made their first contribution in #267
Full Changelog: v11.0.0...v11.0.1
Contributors
dancastillo and Fdawgs
Assets 2
v11.0.0
What's Changed
- Merge
nextintomasterby @jsumners in #256 - build(deps): bump fastify/workflows from 4.1.0 to 4.2.1 by @dependabot in #258
- improve type test readability by @zetaraku in #259
- Added the ability to configure cookie options within a route by @ogheo in #260
- build(deps-dev): bump @types/node from 20.14.13 to 22.0.0 by @dependabot in #263
- build(deps): bump fastify/workflows from 4.2.1 to 5.0.0 by @dependabot in #265
- chore: update min fastify version by @Fdawgs in #264
New Contributors
Full Changelog: v10.9.0...v11.0.0
Contributors
jsumners, ogheo, and 3 other contributors
Assets 2
v10.9.0
⚠️ Security Release ⚠️
This release fixes GHSA-pj27-2xvp-4qxg with CVE CVE-2024-35220. It's severity is classified as HIGH.
When restoring the cookie from the session store, the expires field is overriden if the maxAge field was set.
This means a cookie is never correctly detected as expired and thus expired sessions are not destroyed.
Full Changelog: v10.8.0...v10.9.0
v10.8.0
Contributors
mcollina and zetaraku
Assets 2
v10.7.2
What's Changed
- enhance checkOptions to reject invalid signer objects by @autopulated in #241
Full Changelog: v10.7.1...v10.7.2
Contributors
autopulated
Assets 2
v10.7.1
What's Changed
- build(deps-dev): bump tsd from 0.29.0 to 0.30.1 by @dependabot in #231
- docs(readme): replace
fastify.iolinks withfastify.devby @Fdawgs in #232 - chore(license): Update licensing year by @codershiba in #233
- chore(.gitignore): add .tap/ dir by @Fdawgs in #235
- build(deps-dev): bump cronometro from 1.2.0 to 3.0.1 by @dependabot in #236
- fix: use request.protocol to check for HTTPS by @mohd-akram in #238
- build(deps-dev): bump tsd from 0.30.7 to 0.31.0 by @dependabot in #239
- fix race condition in cookie.maxAge test by @autopulated in #242
- Ensure maxAge type has milliseconds as the unit by @chuanqisun in #245
New Contributors
- @codershiba made their first contribution in #233
- @mohd-akram made their first contribution in #238
- @autopulated made their first contribution in #242
- @chuanqisun made their first contribution in #245
Full Changelog: v10.7.0...v10.7.1
Contributors
mohd-akram, chuanqisun, and 3 other contributors
Assets 2
v10.7.0
v10.6.1
What's Changed
- export the correct cookie options interface by @gurgunday in #223
Full Changelog: v10.6.0...v10.6.1
Contributors
gurgunday
Assets 2
v10.6.0
What's Changed
- perf: use
node:prefix to bypass require.cache call for builtins by @Fdawgs in #210 - chore: add
.gitattributesfile by @Fdawgs in #212 - perf(lib/fastifysession): optimize split param by @Fdawgs in #214
- chore(package): explicitly declare js module type by @Fdawgs in #217
- Added documentation for import of modules w/ declaration merging by @VIEWVIEWVIEW in #220
- Updated import as per redis-connect docs by @maxt41 in #219
- export cookie types by @gurgunday in #221
New Contributors
- @VIEWVIEWVIEW made their first contribution in #220
- @maxt41 made their first contribution in #219
- @gurgunday made their first contribution in #221
Full Changelog: v10.5.0...v10.6.0
Contributors
VIEWVIEWVIEW, maxt41, and 2 other contributors
Assets 2
v10.5.0
What's Changed
- build(deps-dev): bump @fastify/cookie from 8.3.0 to 9.0.4 by @dependabot in #205
- chore: update redis example by @zanechua in #207
- build(deps-dev): bump tsd from 0.28.1 to 0.29.0 by @dependabot in #208
- fix: remove cookie.expires from shouldSaveSession evaluation logic by @tomoakiichige in #209
New Contributors
- @zanechua made their first contribution in #207
- @tomoakiichige made their first contribution in #209
Full Changelog: v10.4.0...v10.5.0
Contributors
zanechua, dependabot, and tomoakiichige