Skip to content

Commit

Permalink
Minor: remove line breaks from CHANGELOG markdown
Browse files Browse the repository at this point in the history
  • Loading branch information
@EvanHahn
EvanHahn committed May 5, 2019
1 parent 87f8d15 commit 6ac5e84
Showing 1 changed file with 0 additions and 59 deletions.
59 changes: 0 additions & 59 deletions CHANGELOG.md
View file
@@ -1,15 +1,13 @@
# Changelog

## 3.17.0 - 2019-05-03

### Added
- `referrerPolicy` now supports multiple values

### Changed
- Updated `referrerPolicy` to v1.2.0

## 3.16.0 - 2019-03-10

### Added
- Add email to `bugs` field in `package.json`

Expand All @@ -25,47 +23,38 @@
* The `includeSubdomains` option (with a lowercase `d`) has been deprecated and will be removed in `hsts@3`. Use the uppercase-D `includeSubDomains` option instead. See [helmetjs/hsts#21](https://github.com/helmetjs/hsts/issues/21) for more

## 3.15.1 - 2019-02-10

### Deprecated
- The `hpkp` middleware has been deprecated. If you still need to use this module, install the standalone `hpkp` module from npm. See [#180](https://github.com/helmetjs/helmet/issues/180) for more.

## 3.15.0 - 2018-11-07

### Added
- `helmet.featurePolicy` now supports four new features

## 3.14.0 - 2018-10-09

### Added
- `helmet.featurePolicy` middleware

## 3.13.0 - 2018-07-22

### Added
- `helmet.permittedCrossDomainPolicies` middleware

## 3.12.2 - 2018-07-20

### Fixed
- Removed `lodash.reduce` dependency from `csp`

## 3.12.1 - 2018-05-16

### Fixed
- `expectCt` should use comma instead of semicolon as delimiter

## 3.12.0 - 2018-03-02

### Added
- `xssFilter` now supports `reportUri` option

## 3.11.0 - 2018-02-09

### Added
- Main Helmet middleware is now named to help with debugging

## 3.10.0 - 2018-01-23

### Added
- `csp` now supports `prefix-src` directive

Expand All @@ -74,7 +63,6 @@
- `false` should be able to disable a CSP directive

## 3.9.0 - 2017-10-13

### Added
- `csp` now supports `strict-dynamic` value
- `csp` now supports `require-sri-for` directive
Expand All @@ -83,22 +71,18 @@
- Removed `connect` dependency

## 3.8.2 - 2017-09-27

### Changed
- Updated `connect` dependency to latest

## 3.8.1 - 2017-07-28

### Fixed
- `csp` does not automatically set `report-to` when setting `report-uri`

## 3.8.0 - 2017-07-21

### Changed
- `hsts` no longer cares whether it's HTTPS and always sets the header

## 3.7.0 - 2017-07-21

### Added
- `csp` now supports `report-to` directive

Expand All @@ -107,50 +91,41 @@
- Add a few documentation files to `npmignore`

## 3.6.1 - 2017-05-21

### Changed
- Bump `connect` version

## 3.6.0 - 2017-05-04

### Added
- `expectCt` middleware for setting the `Expect-CT` header

## 3.5.0 - 2017-03-06

### Added
- `csp` now supports the `worker-src` directive

## 3.4.1 - 2017-02-24

### Changed
- Bump `connect` version

## 3.4.0 - 2017-01-13

### Added
- `csp` now supports more `sandbox` directives

## 3.3.0 - 2016-12-31

### Added
- `referrerPolicy` allows `strict-origin` and `strict-origin-when-cross-origin` directives

### Changed
- Bump `connect` version

## 3.2.0 - 2016-12-22

### Added
- `csp` now allows `manifest-src` directive

## 3.1.0 - 2016-11-03

### Added
- `csp` now allows `frame-src` directive

## 3.0.0 - 2016-10-28

### Changed
- `csp` will check your directives for common mistakes and throw errors if it finds them. This can be disabled with `loose: true`.
- Empty arrays are no longer allowed in `csp`. For source lists (like `script-src` or `object-src`), use the standard `scriptSrc: ["'none'"]`. The `sandbox` directive can be `sandbox: true` to block everything.
Expand All @@ -166,33 +141,28 @@
- iOS Chrome `connect-src` workaround in CSP module

## 2.3.0 - 2016-09-30

### Added
- `hpkp` middleware now supports the `includeSubDomains` property with a capital D

### Fixed
- `hpkp` was setting `includeSubdomains` instead of `includeSubDomains`

## 2.2.0 - 2016-09-16

### Added
- `referrerPolicy` middleware

## 2.1.3 - 2016-09-07

### Changed
- Top-level aliases (like `helmet.xssFilter`) are no longer dynamically required

## 2.1.2 - 2016-07-27

### Deprecated
- `nocache`'s `noEtag` option is now deprecated

### Fixed
- `csp` now better handles Firefox on mobile

## 2.1.1 - 2016-06-10

### Changed
- Remove several dependencies from `helmet-csp`

Expand All @@ -201,12 +171,10 @@
- `frameguard` docs in main Helmet readme said `frameguard`, not `helmet.frameguard`

## 2.1.0 - 2016-05-18

### Added
- `csp` lets you dynamically set `reportOnly`

## 2.0.0 - 2016-04-29

### Added
- Pass configuration to enable/disable default middlewares

Expand All @@ -223,12 +191,10 @@
- Update `frameguard` header name in readme

## 1.3.0 - 2016-03-01

### Added
- `hpkp` has a `setIf` option to conditionally set the header

## 1.2.0 - 2016-02-29

### Added
- `csp` now has a `browserSniff` option to disable all user-agent sniffing

Expand All @@ -237,7 +203,6 @@
- Add `npmignore` file to speed up installs slightly

## 1.1.0 - 2016-01-12

### Added
- Code of conduct
- `dnsPrefetchControl` middleware
Expand All @@ -246,19 +211,16 @@
- `csp` readme had syntax errors

## 1.0.2 - 2016-01-08

### Fixed
- `csp` wouldn't recognize `IE Mobile` browsers
- `csp` had some errors in its readme
- Main readme had a syntax error

## 1.0.1 - 2015-12-19

### Fixed
- `csp` with no User Agent would cause errors

## 1.0.0 - 2015-12-18

### Added
- `csp` module supports dynamically-generated values

Expand All @@ -278,20 +240,17 @@
- Dynamic `csp` policies is no longer recursive

## 0.15.0 - 2015-11-26

### Changed
- `hpkp` allows a `report-uri` without the `Report-Only` header

## 0.14.0 - 2015-11-01

### Added
- `nocache` now sends the `Surrogate-Control` header

### Changed
- `nocache` no longer contains the `private` directive in the `Cache-Control` header

## 0.13.0 - 2015-10-23

### Added
- `xssFilter` now has a function name
- Added new CSP docs to readme
Expand All @@ -300,7 +259,6 @@
- HSTS option renamed from `includeSubdomains` to `includeSubDomains`

## 0.11.0 - 2015-09-18

### Added
- `csp` now supports Microsoft Edge
- CSP Level 2 support
Expand All @@ -314,7 +272,6 @@
- Empty `csp` directives now support every directive, not just `sandbox`

## 0.10.0 - 2015-07-08

### Added
- Add "Handling CSP violations" to `csp` readme
- Add license to `package.json`
Expand All @@ -327,13 +284,11 @@
- `hpkp` might have miscalculated `maxAge` slightly wrong

## 0.9.0 - 2015-04-24

### Changed
- `nocache` adds `private` to its `Cache-Control` directive
- Added a description to `package.json`

## 0.8.0 - 2015-04-21

### Changed
- Removed hefty Lodash dependency from HSTS and CSP
- Updated string detection module in Frameguard
Expand All @@ -346,13 +301,11 @@
- `crossdomain` is no longer a default middleware

## 0.7.1 - 2015-03-23

### Changed
- Updated all outdated dependencies (insofar as possible)
- HSTS now uses Lodash like all the rest of the libraries

## 0.7.0 - 2015-03-05

### Added
- `hpkp` middleware

Expand All @@ -361,13 +314,11 @@
- Minor code cleanup

## 0.6.2 - 2015-03-01

### Changed
- Improved `xssFilter` performance
- Updated Lodash versions

## 0.6.1 - 2015-02-13

### Added
- "Other recommended modules" in README

Expand All @@ -378,44 +329,38 @@
- `frameguard` middleware exported a function called `xframe`

## 0.6.0 - 2015-01-21

### Added
- You can disable `csp` for Android

### Fixed
- `csp` on Chrome Mobile on Android and iOS

## 0.5.4 - 2014-12-21

### Changed
- `nocache` should force revalidation

## 0.5.3 - 2014-12-08

### Changed
- `platform` version in CSP and X-XSS-Protection

### Fixed
- Updated bad wording in frameguard docs

## 0.5.2 - 2014-11-16

### Changed
- Updated Connect version

### Fixed
- Fixed minor `csp` bugfixes

## 0.5.1 - 2014-11-09

### Changed
- Updated URLs in `package.json` for new URL

### Fixed
- CSP would set all headers forever after receiving an unknown user agent

## 0.5.0 - 2014-10-28

### Added
- Most middlewares have some aliases now

Expand All @@ -436,18 +381,15 @@
- Readme link was broken

## 0.4.2 - 2014-10-16

### Added
- Support preload in HSTS header

## 0.4.1 - 2014-08-24

### Added
- Use [helmet-crossdomain](https://github.com/helmetjs/crossdomain) to test the waters
- 2 spaces instead of 4 throughout the code

## 0.4.0 - 2014-07-17

### Added
- `nocache` now sets the Expires and Pragma headers
- `nocache` now allows you to crush ETags
Expand All @@ -460,7 +402,6 @@
- Allow HSTS to have a max-age of 0

## 0.3.2 - 2014-06-30

### Added
- All middleware functions are named
- Throw error with non-positive HSTS max-age
Expand Down

0 comments on commit 6ac5e84

Please sign in to comment.