From fdd3affdf07d8077c19433ef299e1d0fa777818e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Krassowski?=
 <5832902+krassowski@users.noreply.github.com>
Date: Thu, 18 Jan 2024 11:36:15 +0000
Subject: [PATCH] Update `CHANGELOG.md` with additional info on jupyter-lsp
 release (#1039)

* Update `CHANGELOG.md` with additional info on jupyter-lsp release

* Clarity and grammar
---
 CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d71b4341f..64e7cdd75 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,6 +10,9 @@
 - bug fixes:
   - address warning about renamed `extension_points` (#1035)
   - fix compatibility with jupyter server 1.x
+  - fix an authentication-related security vulnerability (see [the advisory](https://github.com/jupyter-lsp/jupyterlab-lsp/security/advisories/GHSA-4qhp-652w-c22x) for details)
+- enhancements:
+  - add authorization support (`lsp` resource, jupyter-server v2+ only) - this allows server operators for fine grained access control, e.g. in case if specific users (such as guest or read-only users) should not be allowed to access LSP; this is in addition to authentication fixes
 
 ### `@jupyter-lsp/jupyterlab-lsp 5.0.1`