Skip to content

Releases: bigcommerce/omniauth-bigcommerce

0.6.0

Choose a tag to compare

@chanchn chanchn released this 12 Jun 19:14
70ed59d

What's Changed

  • Upgrade oauth2 gem to >= 2.0.22, < 3 to address GHSA-pp92-crg2-gfv9 — fixes protocol-relative redirect leaking bearer tokens
  • Explicitly set auth_scheme: :request_body to preserve client-credential behavior across the oauth2 2.x default change to basic_auth
  • Drop support for Ruby < 3.3; supported versions are now Ruby 3.3, 3.4, and 4.0

Full Changelog: https://github.com/bigcommerce/omniauth-bigcommerce/blob/master/CHANGELOG.md

v0.5.0

Choose a tag to compare

@j05h j05h released this 05 Oct 19:38
98c3b63

What's Changed

  • Circleci project setup by @j05h in #31
  • Ensure oauth2 gem is < 2.0 by @j05h in #32

Full Changelog: v0.4.0...v0.5.0

0.4.0

Choose a tag to compare

@splittingred splittingred released this 21 Apr 23:20
  • Adds account_uuid to response payload

0.3.3

Choose a tag to compare

@splittingred splittingred released this 20 May 22:48
4462ffb
  • Add Standard BigCommerce OSS Documentation
  • Upgrade oauth2 gem to 1.4.4 or above

0.3.2

Choose a tag to compare

@splittingred splittingred released this 27 Mar 22:08
  • Updates the gemspec to allow for greater versions of oauth2 gem usage to facilitate greater versions of faraday

0.3.1

Choose a tag to compare

@splittingred splittingred released this 20 Dec 20:28
27eb71f
  • Upgrades gem dependencies to allow Faraday 0.11 to be used (as opposed to 0.10), which is required for various other libraries
  • Update license to explicitly illustrate using MIT license for this gem
  • Remove 1.9 hashrocket syntax and use 2.0 syntax

0.3.0

Choose a tag to compare

@mattolson mattolson released this 05 May 19:55

Fixes

  • Restore callback_url behavior prior to omniauth-oauth2 1.4.0 breaking change. See omniauth/omniauth-oauth2#70 for details
  • Address CVE-2012-6134 by requiring omniauth-oauth2 >= 1.1.1
  • Properly pass scope and context to authorize and token exchange endpoints