v2.5.3

What's Changed

• [FEAT] relax protocol names to allow for ws/wss for account resolver operations by @aricart in #209
• [BUMP] bump nkeys by @aricart in #212

Full Changelog: v2.5.2...v2.5.3

v2.5.2

What's Changed

• [FEAT] added convenience API GetTags() to Account/Operator/UserClaims by @aricart in #208

Full Changelog: v2.5.1...v2.5.2

v2.5.1

What's Changed

• Sort Signing Keys on Marshal by @sethjback in #203
• Add issue forms by @bruth in #204
• Fix issue config discussions link by @bruth in #205

New Contributors

• @sethjback made their first contribution in #203
• @bruth made their first contribution in #204

Full Changelog: v2.5.0...v2.5.1

v2.5.0

What's Changed

• [CHANGE] removed wildcard restriction from mappings by @haisum in #202
• [DOC] better example for project homepage by @aricart in #198

New Contributors

• @haisum made their first contribution in #202

Full Changelog: v2.4.1...v2.5.0

v2.4.1

What's Changed

• [FEAT] allow callout service configuration to allow generation of users for any account by @aricart in #197

Full Changelog: v2.4.0...v2.4.1

v2.4.0

What's Changed

• [FEAT] added support for external authorization for accounts. by @derekcollison in #179, #180, #185, #186,
• [FIX] added validation requiring auth user when auth accounts are listed by @aricart in #181
• [UPDATE] Some Updates by @derekcollison in #183
• [FEAT] Xkeys support by @derekcollison in #182
• [CHORE] migrate ci to gha by @aricart in #191
• [FIX] added additional scrutiny to DidSign in the case of signing keys by @aricart in #190
• [FIX] overhaul jwt v2 and v1 inter-tangling by @philpennock in #195
• [FIX] Simplify AuthorizationResponse by @aricart in #189
• [BUMP] version for imminent release: 2.4.0 by @philpennock in #196

Full Changelog: v2.3.0...v2.4.0

Release v2.3.0

Changelog

The repository master branch has been renamed to main. If you have a fork or a local copy of the repository, you would have to perform the following git operations:

git checkout master
git branch -m master main
git fetch origin
git remote set-head origin -a

Added

• IssueUserJWT() takes an account scoped signing key, account id, and use public key (and optionally a user's name, an expiration duration and tags) and returns a valid signed JWT. See the following ADR for more information (#163)
• JetStreamLimits.MaxBytesRequired: a boolean to indicate that max_bytes is required for all streams created under an account (#164)
• AccountClaims.Limits.JetStreamTieredLimits: which is a map of JetStreamLimits where the key is the tier, for example "R1", "R3", etc.. (#169)
• JetStreamLimits.MemoryMaxstreamBytes and JetStreamLimits.DiskMaxstreamBytes: to limit the maximum value for max bytes for memory and disk (#172)
• JetStreamLimits.MaxAckPending: to limit the number of MaxAckPending on a consumer (#174)
• AccountLimits.DisallowBearer: to reject connections from user JWTs that have the bearer token boolean set to true (#177)

Fixed

• Activation's validation error text: was reporting invalid export type instead of invalid import type (#176)

Complete Changes

v2.2.0...v2.3.0

Release v2.2.0

Changelog

Added

• Two new connection types, LEAFNODE_WS and MQTT_WS (not yet supported in the NATS Server, but will be in the near future). If the administrator wants to restrict a configured user to a leaf node connection (websocket or not) but not as a standard user (a client application), the previous existing connection types would not allow it. Having only LEAFNODE would not deny LeafNode connection over websocket, and adding WEBSOCKET would then allow client applications to connect to the client websocket port (#161)

Fixed

• Decoding of signing keys would return a nil map instead of the actual signing keys (#160)

Complete Changes

v2.1.0...v2.2.0

Release v2.1.0

Changelog

Changed

• Separate test dependencies from v2 module

Complete Changes

v2.0.3...v2.1.0

Release v2.0.3

Changelog

Fixed

• Wildcard counting issue on import validation (#154)

Complete Changes

v2.0.2...v2.0.3