v2.0.6

• bump xmldom to 0.5.x since all lower versions have security issue (#551) (3d98c75)

v2.0.5

• Ignore test folder when building npm package (#526) (6996cb8)

v2.0.4

• chore: Follow our Github release name convention. (5a6ca44)
• Merge pull request #518 from node-saml/changelog (dac23a1)
• Use Prettier on files modified (8eaf95c)
• Set config values for gren to be project-specific (d03bc6d)
• Use correct function argument list (a74b1db)
• correct commandline options for gren (30ee467)
• regenerate changelog using ISO date format (e801935)
• Add code to use a ISO date. Set CHANGELOG generating script. (e3d9b86)
• add more tags to PRs, remove tags without releases (9323c09)
• use PRs as a source for changelog (0c2206c)
• correct changelog (650d61e)
• Generating changelog using gren (d0b71fd)
• Revert "Generating changelog using gren" (c02cfc6)
• Generating changelog using gren (9bc09b9)

v2.0.3

• [closed] normalize signature line endings before loading signature block to xml-crypto #512
• [closed] Reexport SamlConfig type to solve a regression in consumer packages #516
• [closed] dev: add @types/xml-encryption #517
• [closed] fix: derive SamlConfig from SAMLOptions #515
• [closed] fix(typing): Export Multi SAML types #505
• [closed] docs(scoping): fix for example #504
• [closed] upgrade deps to latest versions #514
• [closed] add ts-ignore to generated type definitions for multisaml strategy #508
• [dependencies] Bump ini from 1.3.5 to 1.3.8 #513
• [closed] minor - fix typo in README #506
• [semver-patch] fix(typing): multi saml stratey export #503
• [closed] Prettier + ESLint + onchange = Happiness #493
• [semver-patch] support windows line breaks in keys #500

v2.0.2

Bug Fixes

• normalize line endings before signature validation (02c6c5a)

v2.0.1

Bug Fixes

• deprecation notice bug fix privateKey (#492). This was bug was introduced in unrelease
  v2.0.0.

v2.0.0

(Not published to NPM)

Our test suite passes un-modified with 2.0, but some cases that could possibly
be breaking changes for some users are disclamed here. Some changes made over the
the last week are also repeated here since most people would not have upgraded to those.

Possibly Breaking Changes

• Dropped Support for Node 8 (since v1.4.0)

• Upgraded xml-crypto to 2.0.0 to address vulnerability in that module. This
  should be backwards compatible unless you were going
  out of your way to enable HMAC-SHA1.

• Rewritten in TypeScript. All existing tests pass, but a Babel user ran into a compatibility
  issue in #475, so this is noted in case there's another case like that.

• We now follow the best practice of throwing Error objects instead of strings. If your code
  explicitly expected strings to be thrown, it will need to be updated. (#412)

• We were using "q" promises internally and now use native promises. There has not been a
  documented a public promise interface, so this should not be a compatibility issue unless you
  were accessing the internals. (since 1.5.0)

New Features

• Better safety due to switching source code to TypeScript.

• IdP part of SAML spec is now implemented. See (#428)

• The less confusing privateKey config key name is now preferred over privateCert.
  privateCert still works, but will likely be deprecated. (#488)

• validateSignature: Support XML docs that contain multiple signed nodes (#455)

Bug Fixes

• update version of xml2js to 0.4.23, fixes #479, broken for some users since v1.4.0.

v1.5.0

New Features

• validateSignature: Support XML docs that contain multiple signed nodes (#455)

Internals

• outdated Q library was removed

v1.4.2

Internals

• saml.ts switched to typescript
• primary files use typescript

v1.4.1

Bug Fixes

• compatibility with @types/passport-saml, fixes #475

Internals

• chore: Allow mocha globals in tests.