See also http://pvp.haskell.org/faq
- Bugfix for GHC 9.0.1 memory corruption bug (#46)
- Thanks to Fraser Tweedale and Andrew Lelechenko for logging and helping with this fix.
- Package update: support for
bytestring >=0.11
-
Security fix: reject non-canonical base64 encoded values - (#38) fixing issue #24.
-
Security fix: reject bytestrings with improper padding that can be "completed" by the unpadded-Base64url workflow, and homogenize error messages (#33)
-
Test coverage expanded to 98% of the library. All critical paths covered.
joinWithhas been removed (#32)- Bugfix:
decodeformerly allowed for padding chars to be interspersed in a valid base64-encoded string. This is now not the case, and it is fully spec-compliant as of #31 - The default behavior for Base64url
decodeis now to support arbitrary padding. If you need strict padded or unpadded decode semantics, usedecodePaddedordecodeUnpadded. - Added strict unpadded and padded decode functions for Base64url (#30)
- Added unpadded encode for Base64url (#26).
- Made performance more robust (#27).
- Improved documentation (#23).
- Improved the performance of decodeLenient a bit (#21).
- Fixed a write past allocated memory in joinWith (potential security issue).
- Changelog not recorded for these versions.
- Fixed: wrong encoding table on big-endian systems.
- Fixed: too big indices in encoding table construction.
- Changelog not recorded up to this version.