Releases: matthewhartstonge/argon2
Releases · matthewhartstonge/argon2
v1.1.1
v1.1.0
v1.0.3
1.0.3 (2024-12-12)
Fixes
- fix: bumps golang.org/x/crypto from 0.30.0 to 0.31.0 to resolve CVE-2024-45337
Miscellaneous Chores
- release 1.0.3 (601f492)
v1.0.2
v1.0.1
v1.0.0
1.0.0 (2023-12-03)
Versioning Strategy
The API is stable and has been running in production for many years now, therefore won't be changing.
This library has a single dependency on golang.org/x/crypto. This means that as the version of Go is updated there, this library will roll up it's version to a new minor.
Any CVEs/security patches that come through via dependabot, without a resulting Go version update, will become a patch release.
For example:
- If a version of
/x/cryptonow requiresgo@1.28,argon2will go fromv1.0.0->v1.1.0. - If
x/cryptoreleases a version that resolves CVEs with no requirement to upgrade Go, thenargon2will go fromv1.0.0->v1.0.1.
⚠ BREAKING CHANGES
- deps: bump golang.org/x/crypto from 0.13.0 to 0.16.0 now requires
go@v1.18as a minimum.
Features
- deps: bump golang.org/x/crypto from 0.13.0 to 0.16.0 (8dbc527)
v0.3.4
v0.3.3
v0.3.2
6284bf5
This commit was signed with the committer’s verified signature.
matthewhartstonge
Matthew Hartstonge
v0.3.2 - 2022-11-18
Changed
- deps: updates to
golang.org/x/crypto@v0.3.0. - .github: adjusts dependabot to file version updates against development.
Full Changelog: v0.3.1...v0.3.2
v0.3.1
3242f91
This commit was signed with the committer’s verified signature.
matthewhartstonge
Matthew Hartstonge
v0.3.1 - 2022-11-10
Changed
- deps: updates to
golang.org/x/crypto@v0.2.0.
Full Changelog: v0.3.0...v0.3.1