From cd56394fba1ebf2d60fa5594b13f1c0943c98a9a Mon Sep 17 00:00:00 2001
From: Neil Matatall <oreoshake@github.com>
Date: Mon, 28 Mar 2016 13:07:21 -1000
Subject: [PATCH] bump to 3.1.1

---
 CHANGELOG.md           | 10 ++++++++++
 secure_headers.gemspec |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 809b4ea9..1c8d7af0 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,13 @@
+## 3.1.1 Bug fix for regression
+
+See https://github.com/twitter/secureheaders/pull/235
+
+`idempotent_additions?` would return false when comparing `OPT_OUT` with `OPT_OUT`, causing `header_hash_for` to return a header cache with `{ nil => nil }` which cause the middleware to blow up when `{ nil => nil }` was merged into the rack header hash.
+
+This is a regression in 3.1.0 only.
+
+Now it returns true. I've added a test case to ensure that `header_hash_for` will never return such an element.
+
 ## 3.1.0 Adding secure cookie support
 
 New feature: marking all cookies as secure. Added by @jmera in https://github.com/twitter/secureheaders/pull/231. In the future, we'll probably add the ability to whitelist individual cookies that should not be marked secure. PRs welcome.
diff --git a/secure_headers.gemspec b/secure_headers.gemspec
index 6a50c6a5..0f054d65 100644
--- a/secure_headers.gemspec
+++ b/secure_headers.gemspec
@@ -1,7 +1,7 @@
 # -*- encoding: utf-8 -*-
 Gem::Specification.new do |gem|
   gem.name          = "secure_headers"
-  gem.version       = "3.1.0"
+  gem.version       = "3.1.1"
   gem.authors       = ["Neil Matatall"]
   gem.email         = ["neil.matatall@gmail.com"]
   gem.description   = 'Security related headers all in one gem.'