Prepare release 4.2.0

pitbulk · pitbulk · commit d3b5172f137d · 2024-05-30T17:10:40.000+02:00
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,8 +1,54 @@
 CHANGELOG
 =========
+
+
+v4.2.0
+* [#586](https://github.com/SAML-Toolkits/php-saml/pull/586) IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
+* [#585](https://github.com/SAML-Toolkits/php-saml/pull/585) Declare conditional return types
+* [#577](https://github.com/SAML-Toolkits/php-saml/pull/577) Allow empty NameID value when no strict or wantNameId is false
+* [#570](https://github.com/SAML-Toolkits/php-saml/pull/570) Support X509 cert comments
+* [#569](https://github.com/SAML-Toolkits/php-saml/pull/569) Add parameter to exclude validUntil on SP Metadata XML
+* [#551](https://github.com/SAML-Toolkits/php-saml/pull/551) Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
+* LogoutRequest and the LogoutResponse object to separate functions
+* Make Saml2\Auth can accept a param $spValidationOnly
+* Fix typos on readme.
+* [#480](https://github.com/SAML-Toolkits/php-saml/pull/480) Fix typo on SPNameQualifier mismatch error message
+* Remove unbound version constraints on xmlseclibs
+* Update dependencies
+* Fix test payloads
+* Remove references to OneLogin.
+
+v4.1.0
+* Add pipe through for the $spValidationOnly setting in the Auth class.
+
+v4.0.1
+* Add compatibility with PHP 8.1
+* [#487](https://github.com/SAML-Toolkits/php-saml/issues/487) Enable strict check on in_array method
+* Add warning about Open Redirect and Reply attacks
+* Add warning about the use of IdpMetadataParser class. If Metadata URLs
+  are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
+
 v4.0.0
+* [#467](https://github.com/onelogin/php-saml/issues/467) Fix bug on getSelfRoutedURLNoQuery method
 * Supports PHP 8.X
 
+v3.7.0
+* [#586](https://github.com/SAML-Toolkits/php-saml/pull/586) IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
+* [#585](https://github.com/SAML-Toolkits/php-saml/pull/585) Declare conditional return types
+* Make Saml2\Auth can accept a param $spValidationOnly
+* [#577](https://github.com/SAML-Toolkits/php-saml/pull/577) Allow empty NameID value when no strict or wantNameId is false
+* [#570](https://github.com/SAML-Toolkits/php-saml/pull/570) Support X509 cert comments
+* [#569](https://github.com/SAML-Toolkits/php-saml/pull/569) Add parameter to exclude validUntil on SP Metadata XML
+* [#551](https://github.com/SAML-Toolkits/php-saml/pull/551) Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
+* [#487](https://github.com/SAML-Toolkits/php-saml/issues/487) Enable strict check on in_array method
+* Make Saml2\Auth can accept a param $spValidationOnly
+* Fix typos on readme.
+* Add warning about Open Redirect and Reply attacks
+* Add warning about the use of IdpMetadataParser class. If Metadata URLs
+  are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
+* Fix test payloads
+* Remove references to OneLogin.
+
 v3.6.1
 * [#467](https://github.com/onelogin/php-saml/issues/467) Fix bug on getSelfRoutedURLNoQuery method
 
@@ -61,12 +107,46 @@ v.3.1.1
 
 v.3.1.0
 * Security improvement suggested by Nils Engelbertz to prevent DDOS by expansion of internally defined entities (XEE)
-* Fix setting_example.php servicename parameter 
+* Fix setting_example.php servicename parameter
 
 v.3.0.0
 * Remove mcrypt dependency. Compatible with PHP 7.2
 * xmlseclibs now is not part of the toolkit and need to be installed from original source
 
+v.2.20.0
+* [#586](https://github.com/SAML-Toolkits/php-saml/pull/586) IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
+* [#585](https://github.com/SAML-Toolkits/php-saml/pull/585) Declare conditional return types
+* Make Saml2\Auth can accept a param $spValidationOnly
+* [#577](https://github.com/SAML-Toolkits/php-saml/pull/577) Allow empty NameID value when no strict or wantNameId is false
+* [#570](https://github.com/SAML-Toolkits/php-saml/pull/570) Support X509 cert comments
+* [#569](https://github.com/SAML-Toolkits/php-saml/pull/569) Add parameter to exclude validUntil on SP Metadata XML
+* [#551](https://github.com/SAML-Toolkits/php-saml/pull/551) Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
+* [#487](https://github.com/SAML-Toolkits/php-saml/issues/487) Enable strict check on in_array method
+* Fix typos on readme.
+* [#480](https://github.com/SAML-Toolkits/php-saml/pull/480) Fix typo on SPNameQualifier mismatch
+* Add $spValidationOnly param to Auth
+* Update xmlseclibs (3.1.2 without AES-GCM and OAEP support)
+* Add warning about Open Redirect and Reply attacks
+* Add warning about the use of IdpMetadataParser class. If Metadata URLs
+  are provided by 3rd parties, the URL inputs MUST be validated to avoid issues like SSRF
+* Update dependencies
+* Fix test payloads
+* Remove references to OneLogin.
+
+v.2.19.1
+* [#467](https://github.com/onelogin/php-saml/issues/467) Fix bug on getSelfRoutedURLNoQuery method
+
+v.2.19.0
+* [#412](https://github.com/onelogin/php-saml/pull/412) Empty instead of unset the $_SESSION variable
+* [#433](https://github.com/onelogin/php-saml/issues/443) Fix Incorrect Destination in LogoutResponse when using responseUrl #443
+* Add support for SMARTCARD_PKI and RSA_TOKEN Auth Contexts
+* Support Statements with Attribute elements with the same name enabling the allowRepeatAttributeName setting
+* Get lib path dinamically
+* Check for x509Cert of the IdP when loading settings, even if the security index was not provided
+
+v.2.18.1
+* Add setSchemasPath to Auth class and fix backward compatibility
+
 v.2.18.0
 * Support rejecting unsolicited SAMLResponses.
 * Support stric destination matching.
@@ -229,7 +309,7 @@ v.2.7.0
 * Fix PHP 7 error (used continue outside a loop/switch).
 * Fix bug on organization element of the SP metadata builder.
 * Fix typos on documentation. Fix ALOWED Misspell.
-* Be able to extract RequestID. Add RequestID validation on demo1. 
+* Be able to extract RequestID. Add RequestID validation on demo1.
 * Add $stay parameter to login, logout and processSLO method.
 
 v.2.6.1
diff --git a/src/Saml2/version.json b/src/Saml2/version.json
@@ -1,7 +1,6 @@
 {
     "php-saml": {
-        "version": "4.1.0",
-        "released": "07/15/2022"
+        "version": "4.2.0",
+        "released": "30/05/2024"
     }
 }
-

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"php-saml": {`
`3`		`- "version": "4.1.0",`
`4`		`- "released": "07/15/2022"`
	`3`	`+ "version": "4.2.0",`
	`4`	`+ "released": "30/05/2024"`
`5`	`5`	`}`
`6`	`6`	`}`
`7`		`-`