Remarks regarding v6.0.0 release notes

Uzlopak commented 2 years ago

Prerequisites

[X] I have written a descriptive issue title
[X] I have searched existing issues to ensure the issue has not already been raised

Issue

I think that after merging #115 we are set to go and can publish next major version.

In the release notes we should note that we updated the used version of @fastify/csrf and that the csrf tokens will be by default sha256 hashed. And if they want to still use sha1 algorithm they will have to add algorithm: 'sha1' to csrfOpts.

I assume that some devs of massively used implementations maybe want to avoid csrf errors in production or have some concerns regarding user experience. So we should inform then to avoid surprises.

@eomm @mcollina

Uzlopak commented 2 years ago

I think it is ready for publishing the next major :)

@eomm @mcollina

Eomm commented 2 years ago

done https://github.com/fastify/csrf-protection/releases/tag/v6.0.0

fastify / csrf-protection

Remarks regarding v6.0.0 release notes #116

Prerequisites

Issue