wa 2.1.0-beta1

Git tag 2.1.0-beta1

What's new since 2.0.0-rc7

This release upgrades the underlying WebAuthn cryptography library from the
5.2 series to 5.3.

wa 2.0.0-rc7

Git tag 2.0.0-rc7
Bug fixes
New features

New feature:

  • A switch to turn off OTP email.

Behaviour changed:

  • External redirects after logging are blocked.
    Note: Redirects to external URLs (e.g., https://example.com) are rejected to prevent open redirect attacks. This is a deliberate security measure. If an external redirect by other module (this module won't redirect the user) is detected, the user is redirected to their profile page instead, and a warning is logged.

wa 2.0.0-rc6

Git tag 2.0.0-rc6

Dependency update: Minimum version of web-auth/webauthn-lib bumped from ^5.2 to ^5.2.4.
This addresses GHSA-f7pm-6hr8-7ggm — an origin validation bypass in the upstream WebAuthn library.

wa 2.0.0-rc5

Git tag 2.0.0-rc5

Security hardening.

wa 2.0.0-rc4

Git tag 2.0.0-rc4

Change since RC3:

  • Credential ID Standardization

Note:
There is a database update with this release, which means you need to run the database update after updating to this version from previous version. If you install this module for the first time on your site, then you can ignore this note.

wa 2.0.0-rc3

Git tag 2.0.0-rc3

Release Candidate 3.

wa 2.0.0-rc2

Git tag 2.0.0-rc2
Bug fixes

Fix a bug where the ticket ID is missing in the error message.

wa 2.0.0-rc1

Git tag 2.0.0-rc1
Bug fixes

Stable release candidate 1.

wa 2.0.0-beta3

Git tag 2.0.0-beta3

Final beta version before release candidate.

wa 2.0.0-beta2

Git tag 2.0.0-beta2
Bug fixes

Beta 2 for real-world tests.

wa 2.0.0-beta1

Git tag 2.0.0-beta1

Beta 1 for real-world tests.

wa 2.0.0-alpha3

Git tag 2.0.0-alpha3

Change since Alpha 2:

  • Challenge Expiration/TTL

wa 1.0.0-beta9

Git tag 1.0.0-beta9
Unsupported

Change since beta 8:

  • Avoid PHP 8.4 requirement.

wa 2.0.0-alpha2

Git tag 2.0.0-alpha2

Change since Alpha 1:

  • Avoid PHP 8.4 requirement.

wa 2.0.0-alpha1

Git tag 2.0.0-alpha1
New features

2.0.0 Alpha 1 release for testing.

wa 2.0.x-dev

Git branch 2.0.x

2.0.x dev branch release for testing.

wa 1.0.0-beta8

Git tag 1.0.0-beta8
New features
Unsupported

New feature:

  • Login form display setting.

wa 1.0.0-beta7

Git tag 1.0.0-beta7
Bug fixes
New features
Unsupported

New configuration for Resident Key Requirement.

wa 1.0.0-beta6

Git tag 1.0.0-beta6
New features
Unsupported

New feature:

  • Notification email to user for a new passkey added.

wa 1.0.0-beta5

Git tag 1.0.0-beta5
Bug fixes
Unsupported

Beta 5 is ready for tests in a staging environment.

wa 1.0.0-beta4

Git tag 1.0.0-beta4
Bug fixes
Unsupported

Changes since Beta3:

wa 1.0.0-beta3

Git tag 1.0.0-beta3
Bug fixes
New features
Unsupported

Changes since beta2:

wa 1.0.0-beta2

Git tag 1.0.0-beta2
New features
Unsupported

wa 1.0.0-beta1

Git tag 1.0.0-beta1
Unsupported

Beta release for real world test.

wa 1.0.0-alpha2

Git tag 1.0.0-alpha2
New features
Unsupported

Last Alpha release before feature frozen.

wa 1.0.0-alpha1

Git tag 1.0.0-alpha1
Unsupported

Ready for Alpha 1 test.

wa 1.0.x-dev

Git branch 1.0.x

1.0 develop branch release for testing.

Subscribe with RSS Subscribe to Releases for WebAuthn (Passkey)