Releases: datatheorem/TrustKit
Releases · datatheorem/TrustKit
1.6.3
1.6.2
1.6.1
1.6.0
- Dropped support for iOS 8 and iOS 9.
- Fixed build errors on iOS 12 (#172) and when using Objective-C++ (#160)
- Added support for SSL reporting from app extensions (#168)
- The
TSKPublicKeyAlgorithmsconfiguration key is now deprecated; the algorithm of the public key to pin no longer needs to be provided in the TrustKit configuration. - The
TSKAdditionalTrustAnchorsconfiguration key is now deprecated because its intended functionality no longer works on iOS (#154). - Fixed the expiration date logic to always use the UTC time zone (#166)
1.5.3
1.5.2
1.5.1
- Fixed umbrella header and project targets for linking without CocoaPods.
- Fixed a bug when using
kTSKIncludeSubdomainswith domains that have a TLD with the same length. - Fixed a crash when using a pinning validation callback to read the server's trust.
- Fixed a crash when enabling
kTSKSwizzleNetworkDelegatesfor connection delegates swizzling.
1.5.0
- Implemented major changes to support the usage of multiple instances of TrustKit, instead of being forced to use a singleton.
- This is useful for larger Apps that have split some of their functionality into multiple frameworks/SDKs. Each framework can initialize its own instance of TrustKit and use it for pinning validation independently of the App's other components. See the
-initWithConfig:method for more information. - The singleton approach should still be used by most Apps as it is simpler. A few minor code changes are required for Apps migrating from previous versions, detailed at the end of this page.
- This is useful for larger Apps that have split some of their functionality into multiple frameworks/SDKs. Each framework can initialize its own instance of TrustKit and use it for pinning validation independently of the App's other components. See the
- Pinning validation notifications have been removed and replaced by a callback that can be set in order to receive information about any pinning validation performed by TrustKit. See the
pinningValidatorCallbackproperty of theTrustKitclass for more information. - The default value for the
kTSKSwizzleNetworkDelegatessetting has been changed toNO. - Support for iOS 7 and macOS 10.9 has been dropped.
Migrating from 1.4.2
For initializing TrustKit, switch from:
[TrustKit initializeWithConfiguration:trustKitConfig];
to:
[TrustKit initSharedInstanceWithConfiguration:trustKitConfig];
For any code using the TSKPinningValidator class, switch from:
[TSKPinningValidator handleChallenge:challenge completionHandler:completionHandler];
to:
[TrustKit.sharedInstance.pinningValidator handleChallenge:challenge completionHandler:completionHandler];
1.4.2
- New
TSKExcludeSubdomainFromParentPolicydomain configuration key. If set toYES, TrustKit will not pin this specific domain ifTSKIncludeSubdomainswas set for this domain’s parent domain. This allows excluding specific subdomains from a pinning policy that was applied to a parent domain. - Switched from the build number (
CFBundleVersion) to the release version number (CFBundleShortVersionString) for theapp-versionfield within reports. - Various bug fixes:
- Switch from the deprecated
OSSpinLocktoos_unfair_lockwhen running on an iOS 10+ / macOS 10.12+ device. - Fixed serialization warning during initialization.
- Added support for newer gTLDs (such as .team).
- Switch from the deprecated
1.4.1
- Added support for secp384r1 certificates (
kTSKAlgorithmEcDsaSecp384r1). - Added the ability to specify an expiration date for a domain's pinning policy (
kTSKExpirationDate). This will help prevent connectivity issues in Apps which do not get updates to their pins, such as when the user disables App updates. - A backup pin is no longer required when pinning validation is not enforced (ie. when
kTSKEnforcePinningis set toNO). - Fixed a bug causing random unicode characters to be displayed in the
date-timefield of pinning failure reports sent by devices with non-standard time settings. - Improved the documentation and switched to jazzy for generating it.