Releases: bigcommerce/omniauth-bigcommerce
Releases · bigcommerce/omniauth-bigcommerce
Release list
0.6.0
What's Changed
- Upgrade
oauth2gem to>= 2.0.22, < 3to address GHSA-pp92-crg2-gfv9 — fixes protocol-relative redirect leaking bearer tokens - Explicitly set
auth_scheme: :request_bodyto preserve client-credential behavior across the oauth2 2.x default change tobasic_auth - Drop support for Ruby < 3.3; supported versions are now Ruby 3.3, 3.4, and 4.0
Full Changelog: https://github.com/bigcommerce/omniauth-bigcommerce/blob/master/CHANGELOG.md
v0.5.0
0.4.0
0.3.3
- Add Standard BigCommerce OSS Documentation
- Upgrade oauth2 gem to 1.4.4 or above
0.3.2
- Updates the gemspec to allow for greater versions of oauth2 gem usage to facilitate greater versions of faraday
0.3.1
- Upgrades gem dependencies to allow Faraday 0.11 to be used (as opposed to 0.10), which is required for various other libraries
- Update license to explicitly illustrate using MIT license for this gem
- Remove 1.9 hashrocket syntax and use 2.0 syntax
0.3.0
Fixes
- Restore callback_url behavior prior to omniauth-oauth2 1.4.0 breaking change. See omniauth/omniauth-oauth2#70 for details
- Address CVE-2012-6134 by requiring omniauth-oauth2 >= 1.1.1
- Properly pass scope and context to authorize and token exchange endpoints