v1.4.1

What's Changed

• PATH_MAX is not portable -- do not use by @ellert in #204
• Check if libatomic is needed by @ellert in #201
• Add path matching and normalization in Enforcer by @djw8605 in #208

Full Changelog: v1.4.0...v1.4.1

v1.4.0

What's Changed

• Improve keycache error messages and add in-memory SQLite fallback for unwritable cache by @Copilot in #203

Full Changelog: v1.3.0...v1.4.0

v1.3.0

What's Changed

• Revert "Fix memory leak in rs256_from_coords" by @djw8605 in #162
• Add scitokens-generate-jwks CLI for key generation by @Copilot in #186
• Add devcontainer configuration for GitHub Codespaces by @Copilot in #188
• Add CTest-based integration test with JWKS server and TLS infrastructure by @Copilot in #184
• Add monitoring API for per-issuer validation statistics by @Copilot in #182
• Add environment variable configuration loading on library initialization by @Copilot in #190
• Add optional background thread for JWKS refresh by @Copilot in #192
• Add per-issuer lock to prevent thundering herd on new issuers by @Copilot in #180
• Add negative cache for failed issuer lookups by @Copilot in #178
• Add keycache load, metadata, and delete APIs by @Copilot in #194
• Fix EL8 workflow test path and remove incorrect command-line tool tests by @Copilot in #198
• Add EL8 OpenSSL 1.x test workflow and update OpenSSL handling by @djw8605 in #197
• Add comprehensive ReadTheDocs documentation with Sphinx and C++ API integration plus GitHub workflow testing by @Copilot in #174

Full Changelog: v1.2.0...v1.3.0

v.1.3.0-rc0

Summary

v1.3.0 contains major API and infrastructure additions for the library. You can now manipulate the keycache and cause the library to launch a background thread for keeping issuer information updated (potentially useful for servers where you want to avoid queries from hanging for an on-demand load). There's a new monitoring API providing insight into what verification and issuer interactions have been performed, allowing integrators to detect failures quickly.

The library now has a new integration test framework and far more test coverage than before, including concurrency tests.

What's Changed for End-Users

• Add scitokens-generate-jwks CLI for key generation in #186
• Add environment variable configuration loading on library initialization in #190

What's Changed for Library Integrators

• Add per-issuer lock to prevent multiple concurrent queries against issuers without a known key in #180
• Add negative cache for failed issuer lookups (preventing frequent re-queries) in #178
• Add monitoring API for per-issuer validation statistics in #182
• Add optional background thread for JWKS refresh in #192
• Add keycache load, metadata, and delete APIs in #194
• Revert "Fix memory leak in rs256_from_coords" by @djw8605 in #162

For developers

• Add CTest-based integration test with JWKS server and TLS infrastructure in #184
• Add devcontainer configuration for GitHub Codespaces in #188

Full Changelog: v1.2.0...v.1.3.0-rc0

v1.2.0

What's Changed

• Bump jwt-cpp to version 0.7.1, by @GregThain in #149
• Fix memory leaks in rs256_from_coords by @GregThain in #150
• Fix memory leaks in the unit tests by @GregThain in #153
• Add cmake option SCITOKENS_WITH_ASAN which enables memory checking by @djw8605 in #154
• Turn off building unit tests by default. by @djw8605 in #156
• Set CURLOPT_NOSIGNAL option in SimpleCurlGet to prevent signal interruptions by @djw8605 in #157
• Read token for scitokens-verify from stdin by @djw8605 in #159
• Update usage on verify command to make the TOKENFILE explicit by @djw8605 in #161
• Improve JWTVerificationException message to include the invalid issuer by @djw8605 in #167
• Fix security vulnerability in JWT issuer error message handling by @Copilot in #168
• Fix float time claims handling and improve error messages in scitoken_get_expiration by @Copilot in #171
• Send usage warning to stdout instead of stderr by @DrDaveD in #163
• Fix segfault if the JSON parser cannot parse the JWKS by @jthiltges in #176

Full Changelog: v1.1.3...v1.2.0

v1.1.3

What's Changed

• Include the cstdint in jwt-cpp for newer compilers by @djw8605 in #143

Full Changelog: v1.1.2...v1.1.3

v1.1.2

What's Changed

• Add mutex around key refresh with get_public_keys_from_web() by @jthiltges in #137
• Disable CMake unity builds by @GregThain in #138
• Fix include_directories for libcurl by @duncanmmacleod in #141

New Contributors

• @jthiltges made their first contribution in #137

Full Changelog: v1.1.1...v1.1.2

v1.1.1

What's Changed

• Update Debian changelog so I can build by @timtheisen in #134
• Test failures and compiler warnings by @ellert in #126
• Improve error handling around the sqlite3 library by @bbockelm in #136

Full Changelog: v1.1.0...v1.1.1

v1.1.0

What's Changed

• asynch API fixes by @Todd-L-Miller in #129
• Allow the scitokens library user to setup a custom CA file by @bbockelm in #132

New Contributors

• @Todd-L-Miller made their first contribution in #129

Full Changelog: v1.0.2...v1.1.0

v1.0.2

What's Changed

• Update build files for 1.0.0 by @timtheisen in #116
• Fix timeout on generating ACLs by @djw8605 in #115
• Fix a return of a unique pointer by @djw8605 in #117
• Cache location config by @jhiemstrawisc in #120
• Fix formating issue that causes build warning on Debian/Ubuntu by @timtheisen in #121
• Pr 113 metadata err msg by @jhiemstrawisc in #123
• Improve error messages when metadata fetch/parse fails by @bbockelm in #113
• scitokens_internal: catch matching exception type after jwt-cpp update by @olifre in #125
• Fix enforcer_acl_free logic by @jhiemstrawisc in #124

Full Changelog: v1.0.1...v1.0.2