Skip to content

Releases: paragonie/sapient

v1.1.2

26 Jun 17:00
@paragonie-security paragonie-security
v1.1.2
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
8da9e77
Compare
Choose a tag to compare
v1.1.2 Latest
Latest

Fixes #17 via #19 (thanks @carnage!)

This supersedes the bad release v1.1.1 which has been deleted because the syntax of cloning created misbehavior.

- $body = (string) clone $response->getBody();
+ $body = (string) (clone $response)->getBody();
Assets 2

Version 1.1.0

17 Apr 09:08
@paragonie-security paragonie-security
v1.1.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
bae5f15
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Version 1.1.0
  • Supports PHP 8
  • Migrated to Github Actions
Assets 2

Version 1.0.2

06 Nov 19:26
@paragonie-scott paragonie-scott
v1.0.2
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
0f10cb2
Compare
Choose a tag to compare
Version 1.0.2
  • Merged #15 which fixes the header selection for Symmetric Authentication
  • Now unit tested against PHP 7.3, 7.4snapshot, and nightly.
  • Boyscouted the test suite.
Assets 2

Version 1.0.1

02 May 18:00
@paragonie-scott paragonie-scott
v1.0.1
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
8d1f560
Compare
Choose a tag to compare
Version 1.0.1
  • Updated some unit tests.
  • Sapient now passes Psalm's inspections in totallyTyped mode.
  • Added PHP 7.2 to the Travis CI configuration.
Assets 2

Version 1.0.0

25 Jun 23:28
@paragonie-scott paragonie-scott
v1.0.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
ceaf282
Compare
Choose a tag to compare
Version 1.0.0

Sapient is now stable. The only changes since v0.5.0 have been documentation related, including a specification.

Any crypto details not covered in the specification document should be deferred to "whatever libsodium does".

Assets 2

Version 0.5.0

25 Jun 20:14
@paragonie-scott paragonie-scott
v0.5.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
40cd58b
Compare
Choose a tag to compare
Version 0.5.0 Pre-release
Pre-release

This may be the final pre-1.0 release. Some changes:

  • Added some documentation.
  • Reorganized some of the code in a non-BC-breaking way.
  • Renamed a few methods that weren't documented, to make our public API more consistent.
  • Improved the README.

I'll probably do a little more documentation work then tag v1.0 shortly.

Assets 2

Version 0.4.0

23 Jun 22:54
@paragonie-scott paragonie-scott
v0.4.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
5c9532d
Compare
Choose a tag to compare
Version 0.4.0 Pre-release
Pre-release
  • We've introduced a generic adapter, and separated the convenience methods (create*()) into their own interface.
  • You no longer need an adapter if you're only passing PSR-7 compliant objects that implement RequestInterface or ResponseInterface to the appropriate methods; it defaults to the generic adapter.
Assets 2

Version 0.3.0 (contains BC breaks)

22 Jun 20:53
@paragonie-scott paragonie-scott
v0.3.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
3ec61d4
Compare
Choose a tag to compare
Version 0.3.0 (contains BC breaks) Pre-release
Pre-release
  • (#6) Sapient is no longer a subclass of the Guzzle HTTP client. BC Break
    • Instead, it expects an instance of a new AdapterInterface passed to the constructor, which allows multiple HTTP implementations to be used.
    • Future scope: Make this argument optional, default to a generic adapter (which does not yet exist).
  • (#2) Public key encryption is now based on XChaCha20 instead of XSalsa20. BC Break
    • Our key and nonce derivation now use a similar construction to libsodium's crypto_kx
      • Difference: BLAKE2b output size is 56 bytes instead of 32
      • The first 32 are the key, the last 24 are the nonce
      • This maps a 32 byte shared secret and two 32 byte public keys, passed through a secure hash function, to a 56-byte pseudorandom output; this should prove to be secure so long as X25519 is secure
Assets 2

Version 0.2.0

21 Jun 17:56
@paragonie-scott paragonie-scott
v0.2.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
2f03bf5
Compare
Choose a tag to compare
Version 0.2.0 Pre-release
Pre-release

This release mostly addresses some minor oversights in the API design. I also added docblocks and fleshed out the README a little more.

Assets 2

Version 0.1.0 (First Alpha Release)

21 Jun 03:56
@paragonie-scott paragonie-scott
v0.1.0
This tag was signed with the committer’s verified signature.
paragonie-security P.I.E. Security Team
GPG key ID: 6B97A1C2826404DA
Learn about vigilant mode.
eb34f49
Compare
Choose a tag to compare
Version 0.1.0 (First Alpha Release) Pre-release
Pre-release

This exists. Hopefully it's not horrendously broken.

Documentation and usability enhancements are very welcome.

Assets 2