Skip to content

Commit 9c5f518

Browse files
psibeanpsibean
committed
chore(release): 4.0.3
1 parent 113287d commit 9c5f518

File tree

3 files changed

+25
-5
lines changed

3 files changed

+25
-5
lines changed

CHANGELOG.md

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,16 @@
22

33
All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
44

5+
## [4.0.3](https://github.com/Psifi-Solutions/csrf-csrf/compare/v4.0.2...v4.0.3) (2025-05-27)
6+
7+
`generateCsrfToken` will now **always** check if the existing token is valid before returning it. This validation is only derived from the request cookie, this way `GET` requests are not expected to include the CSRF token to ensure token reuse, this was a bug and not the intended/expected behavior.
8+
9+
If the CSRF token container in the request is somehow invalid when `generateCsrfToken` is called, this will be silently ignored and a new valid CSRF token will be generated and returned. If `validateOnReuse` is set to true, an error will be thrown instead.
10+
11+
### Bug Fixes
12+
13+
* validateOnReuse incorrectly throws ([26b3dd6](https://github.com/Psifi-Solutions/csrf-csrf/commit/26b3dd61307ad7588fdc6f20118dfc64fc039f0b))
14+
515
## [4.0.2](https://github.com/Psifi-Solutions/csrf-csrf/compare/v4.0.0...v4.0.2) (2025-05-09)
616

717

package-lock.json

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "csrf-csrf",
3-
"version": "4.0.2",
3+
"version": "4.0.3",
44
"description": "A utility package to help implement stateless CSRF protection using the Double Submit Cookie Pattern in express.",
55
"type": "module",
66
"main": "./dist/index.cjs",
@@ -17,7 +17,12 @@
1717
}
1818
},
1919
"types": "./dist/index.d.ts",
20-
"files": ["dist/index.js", "dist/index.cjs", "dist/index.d.ts", "dist/index.d.cts"],
20+
"files": [
21+
"dist/index.js",
22+
"dist/index.cjs",
23+
"dist/index.d.ts",
24+
"dist/index.d.cts"
25+
],
2126
"scripts": {
2227
"build": "tsup",
2328
"build:clean": "npm run clean && npm run build",
@@ -34,7 +39,12 @@
3439
"license": "ISC",
3540
"homepage": "https://github.com/Psifi-Solutions/csrf-csrf",
3641
"repository": "https://github.com/Psifi-Solutions/csrf-csrf",
37-
"keywords": ["csrf", "middleware", "express", "tokens"],
42+
"keywords": [
43+
"csrf",
44+
"middleware",
45+
"express",
46+
"tokens"
47+
],
3848
"devDependencies": {
3949
"@biomejs/biome": "1.9.4",
4050
"@types/cookie-parser": "^1.4.8",

0 commit comments

Comments
 (0)