Releases · psr7-sessions/storageless · GitHub

29 Oct 07:37

9.2.0 Latest

Latest

Release Notes for 9.2.0

Feature release (minor)

9.2.0

Total issues resolved: 0
Total pull requests resolved: 7
Total contributors: 2

enhancement

593: Use readonly class annotation where possible thanks to @Slamdunk
590: Local build: require docker compose only thanks to @Slamdunk
587: Add PHP 8.4 support, drop PHP < 8.3 thanks to @Slamdunk

dependencies,enhancement

592: Drop vimeo/psalm, add phpstan/phpstan thanks to @Slamdunk
561: Update to PHPUnit 10 thanks to @Slamdunk

github_actions

588: [CI] Drop laminas-continuous-integration-action, add jobs static Config thanks to @Slamdunk

renovate

586: Update dependency phpunit/phpunit to v11 thanks to @renovate[bot]

Contributors

Slamdunk and renovate

Assets 2

20 Nov 14:53

9.1.0

Release Notes for 9.1.0

Feature release (minor)

9.1.0

Total issues resolved: 0
Total pull requests resolved: 1
Total contributors: 1

enhancement

584: Add PHP 8.3 support, drop PHP < 8.2 thanks to @Slamdunk

Contributors

Slamdunk

Assets 2

26 Jul 07:56

9.0.1

Release Notes for 9.0.1

9.0.x bugfix release (patch)

9.0.1

Total issues resolved: 0
Total pull requests resolved: 1
Total contributors: 1

bug

580: Configuration: lets clone third-party config objects thanks to @Slamdunk

Contributors

Slamdunk

Assets 2

25 Jul 13:36

9.0.0

Release Notes for 9.0.0

This release moves the \PSR7Sessions\Storageless\Http\SessionMiddleware constructor parameters into a more robust and easy-to-use \PSR7Sessions\Storageless\Http\Configuration object with the following API:

use Dflydev\FigCookies\SetCookie;
use Lcobucci\Clock\Clock;
use Lcobucci\JWT\Configuration as JwtConfig;
use PSR7Sessions\Storageless\Http\ClientFingerprint\Configuration as FingerprintConfig;

/** @immutable */
final class \PSR7Sessions\Storageless\Http\Configuration
{
    public function __construct(JwtConfig $jwtConfiguration);

    public function withJwtConfiguration(JwtConfig $jwtConfiguration): self;
    public function withClock(Clock $clock): self;
    public function withCookie(SetCookie $cookie): self;
    /** @param positive-int $idleTimeout */
    public function withIdleTimeout(int $idleTimeout): self;
    /** @param positive-int $refreshTime */
    public function withRefreshTime(int $refreshTime): self;
    /** @param literal-string $sessionAttribute */
    public function withSessionAttribute(string $sessionAttribute): self;
    public function withClientFingerprintConfiguration(FingerprintConfig $clientFingerprintConfiguration): self;
}

Active sessions issued with v8 are compatible with the new v9: the changes are at the API level only.

A new configuration has been added to mitigate session hijacking attacks, see the documentation at https://github.com/psr7-sessions/storageless/tree/9.0.x#session-hijacking-mitigation

This is a major release and breaks backwards compatibility.

Specifically, following changes are relevant:

[BC] REMOVED: Constant PSR7Sessions\Storageless\Http\SessionMiddleware::DEFAULT_COOKIE was removed
[BC] REMOVED: Constant PSR7Sessions\Storageless\Http\SessionMiddleware::DEFAULT_REFRESH_TIME was removed
[BC] REMOVED: Method PSR7Sessions\Storageless\Http\SessionMiddleware::fromSymmetricKeyDefaults() was removed
[BC] REMOVED: Method PSR7Sessions\Storageless\Http\SessionMiddleware::fromRsaAsymmetricKeyDefaults() was removed
[BC] REMOVED: Method PSR7Sessions\Storageless\Http\SessionMiddleware::buildDefaultCookie() was removed
[BC] CHANGED: The parameter $configuration of PSR7Sessions\Storageless\Http\SessionMiddleware#__construct() changed from Lcobucci\JWT\Configuration to a non-contravariant PSR7Sessions\Storageless\Http\Configuration

9.0.0

Total issues resolved: 0
Total pull requests resolved: 6
Total contributors: 1

bug

579: Configuration: mutable dependencies shouldn't be cloned thanks to @Slamdunk

enhancement

578: Client Fingerprint: extract infos from headers where possible thanks to @Slamdunk
577: Fingerprint hash: encode the raw binary to save space thanks to @Slamdunk
564: Add session hijacking mitigation configuration thanks to @Slamdunk

documentation

576: Update documentation to reflect the new Configuration object thanks to @Slamdunk

BC break,enhancement

570: Add Config object, drop factory methods thanks to @Slamdunk

Contributors

Slamdunk

Assets 2

24 Jul 09:33

8.17.0

Release Notes for 8.17.0

Feature release (minor)

8.17.0

Total issues resolved: 0
Total pull requests resolved: 7
Total contributors: 3

documentation

574: Fix markdownlint errors thanks to @Slamdunk
565: Fix PHPDoc variable type hint thanks to @drupol

renovate

571: Update dependency laminas/laminas-diactoros to v3 thanks to @renovate[bot]
569: Update dependency doctrine/coding-standard to v12 thanks to @renovate[bot]
567: Update dependency psr/http-message to v2 thanks to @renovate[bot]
562: Update all non-major dependencies thanks to @renovate[bot]

enhancement

568: tests: remove duplicated test code thanks to @drupol

Contributors

Slamdunk, drupol, and renovate

Assets 2

28 Mar 13:59

8.16.0

Release Notes for 8.16.0

Feature release (minor)

8.16.0

Total issues resolved: 0
Total pull requests resolved: 1
Total contributors: 1

enhancement

563: Allow custom session attribute names thanks to @Slamdunk

Contributors

Slamdunk

Assets 2

26 Feb 13:22

8.15.0

Release Notes for 8.15.0

Feature release (minor)

8.15.0

Total issues resolved: 0
Total pull requests resolved: 2
Total contributors: 2

dependencies,enhancement

560: Add support for lcobucci/jwt:v5 thanks to @Slamdunk

duplicate,renovate

559: Update dependency lcobucci/jwt to v5 thanks to @renovate[bot]

Contributors

Slamdunk and renovate

Assets 2

05 Jan 09:54

8.14.0

Release Notes for 8.14.0

Feature release (minor)

8.14.0

Total issues resolved: 0
Total pull requests resolved: 3
Total contributors: 2

dependencies,enhancement

557: Update lcobucci/jwt to ^4.3.0 and lcobucci/clock to v3 thanks to @Slamdunk

dependencies,duplicate,renovate

555: Update dependency lcobucci/jwt to ^4.3.0 thanks to @renovate[bot]
552: Update dependency lcobucci/clock to v3 thanks to @renovate[bot]

Contributors

Slamdunk and renovate

Assets 2

23 Dec 12:20

8.13.0

Release Notes for 8.13.0

Feature release (minor)

8.13.0

Total issues resolved: 1
Total pull requests resolved: 3
Total contributors: 2

documentation,enhancement

enhancement,renovate

551: Update dependency vimeo/psalm to ^5.3.0 thanks to @renovate[bot]

renovate

550: Update dependency doctrine/coding-standard to v11 thanks to @renovate[bot]

Contributors

Slamdunk and renovate

Assets 2

09 Dec 09:43

8.12.0

Release Notes for 8.12.0

Feature release (minor)

8.12.0

Total issues resolved: 0
Total pull requests resolved: 2
Total contributors: 1

dependencies,enhancement,renovate

548: Drop PHP 8.0 support, update all non-major dependencies thanks to @renovate[bot]

dependencies,renovate

547: Update dependency vimeo/psalm to v5 thanks to @renovate[bot]

Contributors

renovate

Assets 2