1.0.0¶ ↑
-
71: Ruby >= 3.1 support and Ruby < 3 deprecation, supports Sinatra >= 3 and drops support for Sinatra 1 and 2.¶ ↑
0.9.0¶ ↑
-
68: Loosen
omniauth-heroku
constraint, allowing>= 0.1, < 2
,¶ ↑enabling support of OmniAuth 2. This also adds the new {
:login_path
option}[README#prompt-to-login]. @stevenharman -
66: Loosen Faraday constraints, allowing
>= 0.8", < 2
. @stevenharman¶ ↑
0.8.0¶ ↑
-
55: Ruby >= 2.4 support and Ruby <2.2 deprecation. Thanks @maxbeizer!¶ ↑
-
52: Rack 2 / Rails 5 support. Thanks @jkutner!¶ ↑
0.7.1¶ ↑
0.7.0¶ ↑
0.6.0¶ ↑
-
42: add
allow_if_user
which takes the user object, instead of just¶ ↑an email. Thanks @jacobian!
-
43: allow bouncer to be installed at sub-paths of the app by using¶ ↑
request.path_info
. Thanks @dpiddy!
0.5.2¶ ↑
-
40: fixes redirects to non-standard ports (other than 80/443). Thanks¶ ↑
@damthieu!
-
Fixed warnings when gem is built due to open-ended dependencies.
0.5.1¶ ↑
Fixed a bug where I forgot to check to see if a deprecated option was used before emitting a warning (#36).
0.5.0¶ ↑
Adds allow_if
option, and deprecates herokai_only
(#35). Thanks @stillinbeta!
0.4.3¶ ↑
This release addresses options hash re-use (#34). Thanks @gregburek for reporting!
0.4.2¶ ↑
This release limits the size of the URL stored in the session, which could result in a cookie overflow condition
0.4.1¶ ↑
This release addresses an open redirect security vulernability addressed in #31. Thanks @raul!
0.4.0¶ ↑
This is nearly 1.0 ready, but I would like to see some additional changes in the following areas:
-
Option refactoring. We have a huge number of options now.
-
Extensibility. It should be easier to extend/inherit from
Heroku::Bouncer
to tweak its behavior. This was possible under 0.3.x but is no longer true in 0.4.0. -
Remove backwards compatibility support (i.e. ENV vars)
To those upgrading, please note that a great deal has changed. Backwards compatibility with warnings has been maintained in this version, but not throughly tested. Extensibility has not - you’ll need to do some new tricks if you have extended Heroku::Bouncer
in your app.
0.4.0.pre*¶ ↑
Pre-releases changes were not documented. See 0.4.0 for details.
0.3.4¶ ↑
Fix a redirect loop (#16).
0.3.3¶ ↑
Fix bug with herokai_only
writing to session even if the user is not Herokai.
0.3.2¶ ↑
Fix bug with creating an anonymous Module object for the Heroku
constant.
0.3.1¶ ↑
Fix a bug with session destruction.
0.3.0¶ ↑
Switch to using the encrypted cookie gem for session storage.
0.2.1¶ ↑
Don’t store data in the session until after checking email address.
0.2.0¶ ↑
-
Prefer
HEROKU_OAUTH_ID
andHEROKU_OAUTH_SECRET
environment variables. -
Check these variables for values, and disable middleware if they are not present.
0.1.0¶ ↑
First “production” release.