@@ -5,13 +5,71 @@ All notable changes to this project will be documented in this file.
55The format is based on [ Keep a Changelog] ( https://keepachangelog.com/en/1.0.0/ ) ,
66and this project adheres to [ Semantic Versioning] ( https://semver.org/spec/v2.0.0.html ) .
77
8- ## [ Unreleased]
8+ ## [ 4.0.0-beta.1] ( https://github.com/calliostro/php-discogs-api/releases/tag/v4.0.0-beta.1 ) – 2025-09-10
9+
10+ ### Added
11+
12+ - ** RFC 5849 compliant OAuth 1.0a** implementation with PLAINTEXT signatures
13+ - ** Integration tests** for authentication validation
14+ - ** Static header authentication** replacing complex middleware
15+ - ** Complete OAuth 1.0a Support** with dedicated ` OAuthHelper ` class
16+ - ** Consistent Method Naming** following ` get*() ` , ` list*() ` , ` create*() ` , ` update*() ` , ` delete*() ` patterns
17+ - ** Performance optimizations** with config caching and reduced file I/O
18+ - ** Enhanced Security** with cryptographically secure nonce generation and ReDoS protection
19+ - ** CI/CD Integration** with automatic rate limiting and retry logic for integration tests
20+
21+ ### Changed
22+
23+ - ** BREAKING** : Authentication completely rewritten – now secure and RFC-compliant
24+ - ** BREAKING** : All method names changed for consistency (see UPGRADE.md)
25+ - ** Enhanced** : User headers preserved but authentication headers protected from override
26+ - ** Enhanced** : HTTP exceptions now pass through unchanged for better error transparency
27+ - ** Enhanced** : Improved input validation with ReDoS attack prevention
28+
29+ ### Removed
30+
31+ - ** BREAKING** : No backward compatibility with v3.x method names
32+
33+ ### Migration
34+
35+ - See [ UPGRADE.md] ( UPGRADE.md ) for a complete migration guide with method mapping tables
36+ - ** Parameters, Authentication, Return Values** : All unchanged
37+
38+ ---
39+
40+ ## [ 3.1.0] ( https://github.com/calliostro/php-discogs-api/releases/tag/v3.1.0 ) – 2025-09-09
41+
42+ ### Added
43+
44+ - ** OAuth 1.0a Helper Methods** – Complete OAuth flow support with a separate OAuthHelper class
45+ - ` getRequestToken() ` – Get temporary request token for authorization flow
46+ - ` getAuthorizationUrl() ` – Generate user authorization URL
47+ - ` getAccessToken() ` – Exchange request token for permanent access token
48+ - ** Clean Authentication API** – Dedicated methods for different authentication types
49+ - ` createWithPersonalAccessToken() ` – Clean 3-parameter method for Personal Access Tokens
50+ - ` createWithOAuth() ` – Refined 4-parameter method for OAuth 1.0a tokens only
51+ - ** Enhanced OAuth Documentation** – Comprehensive OAuth workflow examples and security best practices
52+ - ** OAuth Unit Tests** – Full test coverage for new OAuth helper methods and authentication methods
53+
54+ ### Changed
55+
56+ - ** BREAKING** : ClientFactory methods now accept array|GuzzleClient parameters (following LastFm pattern)
57+ - ** Authentication API Redesign** – Cleaner separation between Personal Access Token and OAuth 1.0a authentication
58+ - Updated all default User-Agent strings to version ` 3.1.0 `
59+ - Enhanced OAuth client creation with a proper PLAINTEXT signature method
60+ - Documentation restructured for better usability
61+
62+ ### Fixed
63+
64+ - OAuth request token method now uses a proper HTTP method (GET instead of POST)
65+ - OAuth signature generation follows Discogs API requirements exactly
66+ - PHPStan Level 8 compatibility with proper type annotations for OAuth responses
967
1068## [ 3.0.1] ( https://github.com/calliostro/php-discogs-api/releases/tag/v3.0.1 ) – 2025-09-09
1169
1270### Added
1371
14- - Complete PHPDoc coverage for all 62 Discogs API endpoints
72+ - Complete PHPDoc coverage for all 60 Discogs API endpoints
1573- Missing @method annotations for 22 additional API methods
1674- Full IDE autocomplete support for inventory, collection, and marketplace operations
1775
@@ -34,7 +92,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
3492
3593- Ultra-lightweight 2-class architecture: ` ClientFactory ` and ` DiscogsApiClient `
3694- Magic method API calls: ` $client->artistGet(['id' => '108713']) `
37- - Complete API coverage: 65+ endpoints across all Discogs areas
95+ - Complete API coverage: 60 endpoints across all Discogs areas
3896- Multiple authentication methods: OAuth, Personal Token, or anonymous
3997- Modern PHP 8.1–8.5 support with strict typing
4098- 100% test coverage with 43 comprehensive tests
0 commit comments