Changelog 4.10.0

[aldas]

This version will deprecate JWT middleware and introduces new repository for it. This addresses many-many tickets like that #2323 and #2122 (comment)

Add JWT middleware dependency with go modules

go get github.com/labstack/echo-jwt/v4

Docs and example can be found here https://github.com/labstack/echo-jwt

---

Security

• We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

  JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

• This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

  Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

Enhancements

• Bump x/text to 0.3.8 #2305
• Bump dependencies and add notes about Go releases we support #2336
• Add helper interface for ProxyBalancer interface #2316
• Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
• Refactor func(Context) error to HandlerFunc #2315
• Improve function comments #2329
• Add new method HTTPError.WithInternal #2340
• Replace io/ioutil package usages #2342
• Add staticcheck to CI flow #2343
• Replace relative path determination from proprietary to std #2345
• Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
• Add testcases for some BodyLimit middleware configuration options #2350
• Additional configuration options for RequestLogger and Logger middleware #2341
• Add route to request log #2162
• GitHub Workflows security hardening #2358
• Add govulncheck to CI and bump dependencies #2362
• Fix rate limiter docs #2366
• Refactor how e.Routes() work and introduce e.OnAddRouteHandler callback #2337