Release 4.1.5

What's Changed

• fix(*): timeout remember cookies instead of deleting by @bungle in #203
• feat(redis): support cloud Redis AuthN by @Water-Melon in #205

New Contributors

• @Water-Melon made their first contribution in #205

Full Changelog: v4.1.4...v4.1.5

Release 4.1.4

Fixed

• fix(redis-cluster): correctly pass username and password in #202

Full Changelog: v4.1.3...v4.1.4

Release 4.1.3

Fixed

• fix(utils): disable the SP800-132 compliance checks (on FIPS mode, but doesn't violate FIPS) by @ms2008 in #200

New Contributors

• @ms2008 made their first contribution in #200

Full Changelog: v4.1.2...v4.1.3

Release 4.1.2

Fixed

• fix(sesssion): revert caching hmac instance (fix #194, #196)

Full Changelog: v4.1.1...v4.1.2

Release 4.1.1

Fixed

• fix(deps): bump minimum resty.openssl to 1.5.0 (fix #190)
• fix(session): fix a backward incompatible change in 4.1.0 where storage was given as false
  (the false is again a synonym to "cookie")

Full Changelog: v4.1.0...v4.1.1

Release 4.1.0

Fixed

• fix(session): take absolute timeout in account when calculating storage ttl
• fix(session): remember function didn't store flags as expected

Added

• feat(session): allow binding session to external data

Changed

• chore(utils): safer utils.is_fips_mode (fix #176)
• chore(session): a bit more relaxed assertions (fix #175)
• chore(utils): better caching of crypto primitives and move to non-deprecated crypto

Full Changelog: v4.0.5...v4.1.0

Release 4.0.5

Fixed

• fix(dshm/memcached): add a missing return parameter as otherwise pool parameters are not respected, fix #171

Release 4.0.4

• chore(utils): remove dependency for lua_pack, fix #158

Release 4.0.3

Fixed

• fix(*): redis authorization

Release 4.0.2

Fixed

• fix(*): hkdf is not approved by FIPS, use PBKDF2 instead on FIPS-mode