Skip to content

Releases: codemonster-ru/security

Release v1.1.0

02 Jan 09:21
@github-actions github-actions
v1.1.0
5d2b0cb

Choose a tag to compare

View all tags
Release v1.1.0 Latest
Latest

Added

  • Trusted proxy support for rate limiting and IPv6 CIDR matching.
  • Database and Redis throttle storages with atomic increments.
  • AtomicThrottleStorageInterface and atomic RateLimiter::attempt() flow.
  • Throttle presets with login (IP + account) support and RateLimit-* headers.
  • Migration for throttle table and optional E2E tests for MySQL/Redis.

Changed

  • Rate limiting key now uses request path (without query) by default.
  • csrf_field() respects configured input key; csrf_token() tries DI container when available.

Removed

  • LoginThrottleRequests middleware (use ThrottleRequests with login preset).

Upgrade notes

  • If you used LoginThrottleRequests, switch to ThrottleRequests with the login preset.
  • For multi-node deployments, configure storage as database or redis.
  • If you set a custom table name, ensure the migration uses security.throttle.table.
Assets 2
Loading

Release v1.0.0

17 Dec 16:42
@github-actions github-actions
v1.0.0
704e0e8

Choose a tag to compare

View all tags
Release v1.0.0

Added

  • CSRF: Codemonster\Security\Csrf\VerifyCsrfToken, token manager Codemonster\Security\Csrf\CsrfTokenManager, helpers csrf_token() and csrf_field().
  • Rate limiting: Codemonster\Security\RateLimiting\ThrottleRequests, Codemonster\Security\RateLimiting\RateLimiter, storage contracts and SessionThrottleStorage.
  • Integration with Annabel: Codemonster\Security\Providers\SecurityServiceProvider.
  • Tests for CSRF and rate limiter.
Loading