Releases: manimovassagh/rampart
v4.1.0 — Security Hardening Release
Changes
44f353f fix: resolve CI pipeline failures
d1af87e security: bind refresh tokens to original authorized scope
401e07d security: atomic refresh token rotation, webhook secrets, encryption enforcement
f5a7886 security: fix core Go issues — JSON errors, body limits, validation
d812c47 security: fix adapter security issues batch 2
911eded security: harden CI/CD permissions, Docker config, tool pinning
d5133ef security: prevent TOTP replay, add social cookie expiry, fix tests
8bf9111 security: fix cross-tenant access in SCIM, admin console, and roles
499132f security: verify client_secret for confidential OAuth clients
769d0dc security: fix 12 medium and high issues across core, adapters, docs
ed5f852 security: fix Go adapter vulns, add DB SSL warning
4e1ba4a security: fix adapter vulnerabilities across Spring, .NET, Python
dc0bfb1 security: harden CI/CD pipelines
63f7344 security: fix 10 critical, high, and medium vulnerabilities
Checksums
See .sha256 files for each binary.
What's Changed
- security: fix 10 critical, high, and medium vulnerabilities by @manimovassagh in #336
- security: harden CI/CD pipelines by @manimovassagh in #337
- security: fix adapter vulnerabilities across Spring, .NET, Python by @manimovassagh in #338
- security: fix Go adapter vulns, add DB SSL warning by @manimovassagh in #339
- security: fix 12 medium and high issues across core, adapters, docs by @manimovassagh in #340
- security: verify client_secret for confidential OAuth clients by @manimovassagh in #341
- security: fix cross-tenant access in SCIM, admin console, and roles by @manimovassagh in #342
- security: prevent TOTP replay, add social cookie expiry by @manimovassagh in #343
- security: harden CI/CD permissions, Docker config, tool pinning by @manimovassagh in #345
- security: fix adapter security issues batch 2 by @manimovassagh in #346
- security: fix core Go issues — JSON errors, body limits, validation by @manimovassagh in #347
- security: atomic refresh token rotation, webhook secrets, encryption enforcement by @manimovassagh in #348
- security: bind refresh tokens to original authorized scope by @manimovassagh in #349
- fix: resolve CI pipeline failures (gosec + docs-site) by @manimovassagh in #350
Full Changelog: v4.0.0...v4.1.0
Contributors
Assets 13
- 335 KB
2026-03-15T23:31:44Z - 19.6 MB
2026-03-15T23:31:44Z - 87 Bytes
2026-03-15T23:31:44Z - 18.4 MB
2026-03-15T23:31:45Z - 87 Bytes
2026-03-15T23:31:44Z - 19.1 MB
2026-03-15T23:31:44Z - 86 Bytes
2026-03-15T23:31:44Z - 17.8 MB
2026-03-15T23:31:44Z - 86 Bytes
2026-03-15T23:31:44Z - 19.6 MB
2026-03-15T23:31:44Z -
2026-03-15T23:28:17Z -
2026-03-15T23:28:17Z - Loading
v4.0.0 — MIT License, 15 Adapters, Production Ready
Changes
e600655 license: change from AGPL-3.0 to MIT for maximum adoption
7404f61 docs: update all READMEs and docs for 15 adapters v1.0.0
Checksums
See .sha256 files for each binary.
Full Changelog: v3.4.0...v4.0.0
v3.4.0 — 15 SDK Adapters
Changes
bbc5f5c chore: add Cargo.lock to gitignore (library crate)
3a723ab fix: remove Swift .build/ artifacts from git
3571679 feat: add Swift/iOS adapter (SwiftUI, Keychain, ASWebAuthenticationSession)
aaf2655 docs: update homepage to 15 SDK adapters with all new platforms
9bc5a63 feat: add Kotlin/Android adapter (Jetpack Compose, EncryptedSharedPreferences)
0cabe7b fix: remove Rust target/ build artifacts from git, add to gitignore
842f5a1 feat: add Rust adapter (Actix-web + Axum) with feature flags
0eedfe9 feat: add React Native adapter (@rampart-auth/react-native)
24b9c81 feat: add Ruby, PHP, and Flutter adapters
85afb73 docs: fix broken social login link in quickstart (points to configuration page)
1971307 docs: center comparison table on homepage
526f036 docs: use official Go logo instead of emoji on docs homepage
6ef2595 docs: fix Go icon from hamster to blue heart (Go brand color)
Checksums
See .sha256 files for each binary.
Full Changelog: v3.3.0...v3.4.0
v3.3.0 — Comprehensive Docs Overhaul
Changes
b7029cc docs: fix architecture docs (package structure, argon2id, data model)
e884fe3 docs: add .NET and Web SDK doc pages, update overview and sidebar
197f106 docs: fix configuration, contributing, intro, and Docker pages
aa6b78e docs: fix quickstart field names, API paths, and defaults
040d1b1 docs: fix npm scope @rampart/ → @rampart-auth/ in all SDK pages
d6f7788 docs: fix 12 inaccuracies on docs site homepage
Checksums
See .sha256 files for each binary.
Full Changelog: v3.2.0...v3.3.0
v3.2.0 — Tailwind Build Pipeline + Social Login UX
Changes
0e4b67a build: set up Tailwind CSS build pipeline for admin console
6b57ed3 docs: update login screenshot with registration link + all 3 social providers
8d94a3a ui: reorder social login buttons (Google, Apple, GitHub) + update README screenshot
098698a docs: update login screenshot with all 3 social providers (Apple, GitHub, Google)
40b3547 docs: update social providers screenshot, add docs recheck rule to CLAUDE.md
df172aa ui: add provider dropdown + copy button, fix Google icon colors
eda8040 ui: add copy button to social providers redirect URI banner
e98dcf2 ui: redesign social providers page with compact inline layout
ab8aa7d docs: add CSS and full power rules to CLAUDE.md
6237f43 ui: improve social providers admin page UX
c826aec docs: update React dashboard screenshot with sanitized Google social login user
c7a39c7 docs: update login screenshot showing Google social login button
f44209e docs: update social providers screenshot with Google enabled
3e3d6cd docs: replace consent screenshot with social providers (Google, GitHub, Apple)
Checksums
See .sha256 files for each binary.
Full Changelog: v3.1.1...v3.2.0
v3.1.1 — 71.2% Handler Coverage
Changes
50416d9 test: raise handler coverage to 71.2% with compliance, SCIM, org tests
Checksums
See .sha256 files for each binary.
What's Changed
- test: handler coverage 71.2% (target achieved) by @manimovassagh in #262
Full Changelog: v3.1.0...v3.1.1
Contributors
Assets 13
v3.1.0 — Test Coverage + AI-Ready Docs
Changes
2dc48ce test+docs: raise handler coverage to 62.5%, improve all adapter docs
f24cea2 chore: remove CLAUDE.md from tracking, clean stale branches
14752e7 docs: update NuGet badge to live package (published to nuget.org)
d70547f fix: use npm install instead of npm ci in adapters CI
Checksums
See .sha256 files for each binary.
What's Changed
- fix: adapters CI npm install instead of npm ci by @manimovassagh in #259
- test+docs: handler coverage 62.5%, adapter docs overhaul, AI-Ready by @manimovassagh in #261
Full Changelog: v3.0.3...v3.1.0
Contributors
Assets 13
v3.0.3 — CSP Hardening + Maven Central
Changes
2cc79ea security: remove CSP unsafe-inline by moving inline styles to CSS
915aa96 docs: add product screenshots to README
5eccc30 chore: publish Spring Boot starter to Maven Central
Checksums
See .sha256 files for each binary.
What's Changed
- docs: add product screenshots to README by @manimovassagh in #257
- security: remove CSP unsafe-inline, fix README badges by @manimovassagh in #258
- chore: publish Spring Boot starter to Maven Central by @manimovassagh in #239
Full Changelog: v3.0.2...v3.0.3
Contributors
Assets 13
v3.0.2 — Security Hardening + Docs
Changes
d773259 security: fix pentest findings + comprehensive docs improvement
Checksums
See .sha256 files for each binary.
What's Changed
- security: fix 4 pentest findings + comprehensive docs improvement by @manimovassagh in #256
Full Changelog: v3.0.1...v3.0.2
Contributors
Assets 13
v3.0.1 — Security Patch
Changes
41e1071 security: fix cross-tenant IDOR and directory listing, add adapter CI
Checksums
See .sha256 files for each binary.
What's Changed
- security: fix cross-tenant IDOR, directory listing, add adapter CI by @manimovassagh in #250
Full Changelog: v3.0.0...v3.0.1