v5.0.0

• Bump release-it from 16.3.0 to 17.0.5 (#348) (37ee11e)
• Bump eslint-plugin-prettier from 4.2.1 to 5.1.3 (#346) (0ca8d55)
• Bump eslint-config-prettier from 8.10.0 to 9.1.0 (#345) (a03f9e8)
• Bump eslint-plugin-deprecation from 1.5.0 to 2.0.0 (#347) (98948f4)
• Bump sinon and @types/sinon (#349) (13de547)
• Bump actions/checkout from 3 to 4 (#330) (184c560)
• Update minor dependencies and Node to 18 (#344) (02b6434)
• Added X509 certificate to KeyInfo X509Data, if passed through options (#36) (60b497d)
• Rename cert to idpCert and signingCert to publicCert (#343) (66e237a)
• Export generateServiceProviderMetadata (#337) (c5a2cc9)
• Fix metadata order (#334) (31185e0)
• Update to current Node versions (#342) (de17540)
• Upgrade to latest version of xml-crypto (#341) (69c354d)
• Fixes node-saml not checking all Audiences in an AudienceRestriction (#340) (cb13ea6)
• Add test coverage for initialize() of saml.ts (#327) (e691ccf)
• Enforce valid setting for validateInResponseTo (#314) (cbe102a)
• Merge pull request from GHSA-vx8m-6fhw-pccw (045e3b9)
• Bump prettier from 2.8.8 to 3.0.0 (#300) (58495fe)
• Bump prettier-plugin-packagejson from 2.4.3 to 2.4.5 (#307) (95deffc)
• Bump eslint from 8.42.0 to 8.45.0 (#306) (f7e8eeb)
• Bump release-it from 15.11.0 to 16.1.3 (#305) (1db11a0)
• Bump @cjbarth/github-release-notes from 4.0.0 to 4.1.0 (#304) (00f530f)
• Bump @types/node from 14.18.50 to 14.18.53 (#303) (158f1d8)
• Bump @typescript-eslint/eslint-plugin from 5.59.9 to 5.62.0 (#302) (6c51953)
• Bump @xmldom/xmldom from 0.8.8 to 0.8.10 (#301) (6b90d42)
• Bump @typescript-eslint/parser from 5.59.9 to 5.62.0 (#299) (e4ba107)
• Bump word-wrap from 1.2.3 to 1.2.4 (#298) (ac3640c)
• Bump sinon from 14.0.2 to 15.2.0 (#294) (0f9e5f1)
• Bump typescript from 4.8.4 to 5.1.6 (#293) (5b6422c)
• Bump @typescript-eslint/parser from 5.59.9 to 5.60.1 (#292) (4d5e1b7)
• Bump concurrently from 7.6.0 to 8.2.0 (#290) (38963c6)
• Add tests for XML parsing with comments (#285) (fbc1835)
• Remove dependency on Passport types (#296) (a32c441)
• Separate linting out from testing (#288) (9657c66)
• Add test coverage (#287) (ee1aa4f)
• Prefer Chai expect to Node assert (#286) (57336bb)
• Remove express dependency (#284) (86a1654)
• Fix spelling and normalize naming (#278) (8fe5b4b)
• Roll-up changelog entries for beta releases (#282) (1960be9)
• Update minor dependencies (#283) (5d6099b)
• Bump codecov/codecov-action from 3.1.1 to 3.1.4 (#279) (1cd8af0)
• Bump @typescript-eslint/parser from 5.58.0 to 5.59.8 (#281) (d1555ff)
• Bump prettier from 2.8.7 to 2.8.8 (#274) (74220de)
• Bump json5 from 2.2.1 to 2.2.3 (#244) (aff183a)
• Bump vm2 from 3.9.16 to 3.9.19 (#277) (8f7cea6)
• Export types required for SamlOptions (#224) (2b4d8e1)
• Remove types specific to Passport (#226) (0a854cc)
• Add public key support (#225) (8920013)
• Make callbackUrl manditory (#214) (96ac785)
• feat: support additionalParams on HTTP-POST binding (#263) (40b4620)
• Acknowledge that XML can be parsed to any (#271) (acf68ea)
• feat: add public getAuthorizeMessage method (#235) (cb89ced)
• Improve audience mismatch error message (#257) (44fc789)
• Update minor dependencies (#269) (7450241)

v4.0.5

• Test fix vulnerability with linting (#319) (f35191d)
• Merge pull request from GHSA-vx8m-6fhw-pccw (0546d48)
• Lint (#317) (823f940)
• Merge pull request from GHSA-vx8m-6fhw-pccw (fb7fb9f)

v4.0.4

• Bump xml2js from 0.4.23 to 0.5.0 (#268) (b912708)
• Bump xml-encryption from 3.0.1 to 3.0.2 (#236) (f86252b)

v4.0.3

• Bump eslint from 8.26.0 to 8.29.0 (#234) (ccff188)
• Bump eslint-plugin-deprecation from 1.3.2 to 1.3.3 (#232) (c6fc32c)
• Bump @typescript-eslint/eslint-plugin from 5.43.0 to 5.45.0 (#231) (67b33c6)
• Bump concurrently from 7.5.0 to 7.6.0 (#230) (6e9a7e4)
• Bump prettier from 2.7.1 to 2.8.0 (#229) (452ab3d)

v4.0.2

• fix: correct handling of XML entities in signature attributes (#221) (b1263c7)
• Remove pre-release comments from README (#223) (7c0f0da)
• Expose ValidateInResponseTo as it is required in options (#220) (51e3876)

v4.0.1

• Bump @typescript-eslint/eslint-plugin from 5.41.0 to 5.43.0 (#216) (49680ab)
• Bump @typescript-eslint/parser from 5.41.0 to 5.43.0 (#217) (50ec13a)
• Lock to TypeScript <4.9.0 due to a regression in 4.9.3 (#219) (f883350)
• Bump @types/node from 14.18.32 to 14.18.33 (#201) (ea11fba)
• Fixes #208, updated readme by updating package names. (#210) (18abb83)
• Remove check now covered by dependency (#215) (38b8cc0)
• Bump xml-crypto from 3.0.0 to 3.0.1 (#205) (d777940)
• Update @xmldom/xmldom (#213) (9c047c0)

v4.0.0

• Update types (#199) (dffab30)
• Update dependencies, including locked ones (#198) (6b7774c)
• Throw if multiple XML roots detected (#195) (60e944c)
• feat: expose getLogoutResponseUrlAsync publicly (#194) (cc75f48)
• Update Dependencies (#197) (27acce1)
• Bump @xmldom/xmldom from 0.7.5 to 0.7.6 (#196) (d539543)
• Bump @xmldom/xmldom from 0.8.2 to 0.8.3 (#188) (6602dc9)
• Update documentation to remove ADFS references; rename passport-saml (#190) (b850552)

v4.0.0-beta.6

• Update changelog build tools (#189) (c13d170)

v4.0.0-beta.5

• Merge pull request from GHSA-5p8w-2mvw-38pv (c1f275c)
• Bump node-fetch and release-it (#187) (8298943)
• Bump parse-url and release-it (#176) (e19d21a)
• Bump @typescript-eslint/parser from 5.36.2 to 5.40.0 (#186) (540dcac)
• Bump prettier-plugin-packagejson from 2.2.18 to 2.3.0 (#185) (fe1a9e2)
• Bump @types/passport from 1.0.9 to 1.0.11 (#182) (1110461)
• Bump @typescript-eslint/eslint-plugin from 5.36.2 to 5.38.1 (#183) (fc3b326)
• Bump typescript from 4.8.3 to 4.8.4 (#181) (3173d1a)
• Bump codecov/codecov-action from 3.1.0 to 3.1.1 (#180) (f577f61)
• Bump vm2 from 3.9.10 to 3.9.11 (#179) (ca7d423)
• Require all assertions be signed; add option to disable (#177) (3fdaa74)
• Clean up signature tests (#178) (4ca80ae)
• Require document signature; add option disable (#83) (187f8ae)
• Remove some usage of any type (#175) (2f2f11d)
• Add prerelease script (#174) (5d22723)

v4.0.0-beta.4

• Update changelog (#173) (f61c8ab)
• Bump @typescript-eslint/eslint-plugin from 5.30.7 to 5.36.2 (#171) (af004c6)
• Bump @types/chai from 4.3.1 to 4.3.3 (#172) (a8bb9e7)
• Bump @typescript-eslint/parser from 5.30.7 to 5.36.2 (#170) (86d23f2)
• Bump eslint from 8.19.0 to 8.23.0 (#163) (bfec84f)
• Bump typescript from 4.7.4 to 4.8.3 (#169) (c41bf06)
• Bump concurrently from 7.2.2 to 7.3.0 (#136) (e7c192f)
• Bump @types/sinon from 10.0.12 to 10.0.13 (#134) (974b3b6)
• Fix generate unique metadata ID (#158) (ddd409a)
• deps: move express to devDependencies because it is only used in a test (#161) (3ceeaa1)
• Update changelog (#162) (082090d)
• Remove insecure clockSkew recommendation (#151) (3378c91)
• Reduce frequency of dependabot updates (#152) (0b66718)
• Include AuthnRequestsSigned attribute in all metadata (#143) (d03d9ae)
• Consolidate all SAML class code to single file (#147) (cf9d3bc)
• Add support for metadata ContactPerson and Organization (#140) (e7767f1)
• fix: change url.parse && add eslint deprecation (#141) (718508e)
• Refactor process routines out of saml.ts (#130) (fec480d)
• Refactor generate functions to a separate file (#129) (20ceb86)
• Assert booleans when constructing options object (#85) (4355f8f)
• Refactor code for better functional grouping (#128) (b9b6ef9)
• Bump @typescript-eslint/parser from 5.30.5 to 5.30.7 (#125) (07222bc)
• Bump @types/node from 14.18.16 to 14.18.22 (#124) (d923eba)
• Bump @typescript-eslint/eslint-plugin from 5.30.6 to 5.30.7 (#123) (c71d2e6)
• Bump release-it from 15.1.1 to 15.1.2 (#122) (72a47f6)
• Bump ts-node from 10.8.2 to 10.9.1 (#126) (56c8268)
• Bump release-it from 15.0.0 to 15.1.1 (#117) (9713297)
• Bump xml-crypto from 2.1.3 to 2.1.4 (#118) (1a8b67d)
• Bump ts-node from 10.7.0 to 10.8.2 (#119) (26fa870)
• Bump @typescript-eslint/eslint-plugin from 5.30.5 to 5.30.6 (#120) (3f91978)
• Bump @typescript-eslint/eslint-plugin from 5.30.3 to 5.30.5 (#114) (873dabb)
• Bump parse-url from 6.0.0 to 6.0.2 (#115) (4ada80d)
• Bump @typescript-eslint/parser from 5.22.0 to 5.30.5 (#113) (cdabb85)
• Bump @types/passport from 1.0.7 to 1.0.9 (#112) (a31b9db)
• Bump eslint from 8.14.0 to 8.19.0 (#111) (109226a)
• Bump eslint-plugin-prettier from 4.0.0 to 4.2.1 (#104) (99c3f3e)
• Bump prettier from 2.6.2 to 2.7.1 (#107) (8cbc709)
• Bump @types/sinon from 10.0.11 to 10.0.12 (#106) (cf0f01a)
• Bump typescript from 4.6.4 to 4.7.4 (#105) (56e52d0)
• Have dependabot update package.json too (#109) (35cd78f)
• Bump sinon from 13.0.2 to 14.0.0 (#102) (e704b7f)
• Bump concurrently from 7.1.0 to 7.2.2 (#100) (86dc29c)
• Bump prettier-plugin-packagejson from 2.2.17 to 2.2.18 (#103) (f732e5c)
• Bump @typescript-eslint/eslint-plugin from 5.22.0 to 5.30.3 (#99) (6576a2c)
• Bump actions/checkout from 2 to 3 (#97) (d502c09)
• Update CodeQL to v2 (#95) (46aed1b)
• Add dependabot config file (#96) (7e32f06)
• Update badges for scoped package (#93) (75aa798)