Releases: malach-it/boruta-server
Releases · malach-it/boruta-server
[0.8.0] - 2025-07-12
Added
- [auth] agent credentials / code flows
- [wallet] key selection
- [ssi] verify public client id oauth client option
Changed
- [auth] max authorization code ttl to 600 seconds
- [ssi] remove authentication on siopv2 flow
Fixed
- [admin] file upload text editor update
- [ssi] expose public credential configuration for authenticated users
- [wallet] fix presentation duplicates
Security
- [auth] experimental request rate limiting
- [auth] remove dynamic client registration
[0.7.2] - 2025-04-13
Fixed
- [auth] fix boruta core migration
[0.7.1] - 2025-04-05
Fixed
- [ssi] do not use ES256 alg to verify EdDSA JWTs
- [identity] expose default templates static assets
[0.7.0] - 2025-03-26
Added
- [admin] signatures adapter
- [wallet] display an error when no credential match presentation
- [identity] add reload button in credentials temapltes
- [wallet] close qr code scanner on click
Security
- [wallet] fix npm vulnerabilities
- [admin] fix npm vulnerabilities
[0.6.1] - 2025-03-15
Security
- [admin] update verifiable presentations default template
[0.6.0] - 2025-03-15
Added
- [identity] passwordless user creation (WIP)
- [identity] destroy user
- [ssi] transaction code in OID4VCI preauthorized code flow
- [ssi] vct configuration in verifiable credentials
- [admin] feedback form
- [wallet] web identity wallet bootstrap (PWA)
- [identity] scope user emails per backend
- [admin] decentralized identity example flows
- [ssi] verifiable credentials nested claims
Changed
- [identity] remove user metadata value constraints
- [admin] verifiable credentials claim format
Fixed
- [admin] defered configuration
- [admin] example credential issuance link
- [ssi] oauth clients did persistence
- [admin] verifiable presentation definition text edition
Security
- [admin] remove cdnjs dependency
- [identity] remove picsum dependency
[0.5.1] - 2024-11-21
Added
- [admin] user csv import metadata
- [infra] organization creation in static configuration
- [admin] client key pair configuration + support for EC keys
Fixed
- [ssi] several verifiable credentials issuance and presentation fixes
- [auth] configurable status display in id_token claims
- [admin] user with empty metadata save
- [admin] federated users deletion
[0.5.0] - 2024-10-17
Added
- [ssi] OpenID for Verifiable Credentials Presentation implementation
[0.4.2] - 2024-09-20
Fixed
- [auth] fix authorize entrypoint
[0.4.1] - 2024-09-18
Fixed
- [admin] ipv6 log display
Security
- [infra] remove .env.example.sig as suspicious file
[0.4.0] 2024-09-01
Added
- [ssi] Configurable verifiable credentials issuance with oid4vci implementation
- [ssi] Siopv2 same device implementation
- [auth] Demonstration proof of possession implementation
- [auth] Pushed Authorization Request implementation
- [infra] Server ip address bindings configuration via environment variables
- [infra]Infrastructure as Code with static file configuration
- [admin] Admin ui improvements
- [auth] Better identity federation
- [identity] Webauthn integration
- [infra] Remote IP logging
Security
- [admin] instance authenticated admins are sub or organization restricted
Fixed
- [infra] Fix organization and sub admin access restriction