@@ -82,11 +82,6 @@ <h3 id="removed">Removed</h3>
8282
8383< h3 id ="fixed "> Fixed</ h3 >
8484
85- < ul >
86- < li > Constrained the Ruby 2.4 appraisal away from < code > cgi</ code > 0.1.1, which calls< br >
87- < code > String#delete_prefix</ code > before oauth’s test backports are loaded.</ li >
88- </ ul >
89-
9085< h3 id ="security "> Security</ h3 >
9186
9287< h2 id ="118---2026-06-18 ">
@@ -110,6 +105,14 @@ <h3 id="changed-1">Changed</h3>
110105 < li > Raised the < code > oauth-tty</ code > runtime dependency floor to < code > >= 1.0.11</ code > .</ li >
111106</ ul >
112107
108+ < h3 id ="fixed-1 "> Fixed</ h3 >
109+
110+ < ul >
111+ < li > Updated the auth-sanitizer subprocess isolation spec to load the standard< br >
112+ test bootstrap, including Ruby 2.4 backports.</ li >
113+ < li > Made the Ruby 2.4 appraisal’s legacy < code > cgi</ code > dependency explicit.</ li >
114+ </ ul >
115+
113116< h2 id ="117---2026-06-15 ">
114117< a href ="https://github.com/ruby-oauth/oauth/compare/v1.1.6...v1.1.7 "> 1.1.7</ a > - 2026-06-15</ h2 >
115118
@@ -139,7 +142,7 @@ <h3 id="changed-2">Changed</h3>
139142the transitive external < code > cgi</ code > runtime dependency for Ruby 2.4 consumers.</ li >
140143</ ul >
141144
142- < h3 id ="fixed-1 "> Fixed</ h3 >
145+ < h3 id ="fixed-2 "> Fixed</ h3 >
143146
144147< ul >
145148 < li >
@@ -210,7 +213,7 @@ <h3 id="changed-4">Changed</h3>
210213 < li > auth-sanitizer v0.1.3</ li >
211214</ ul >
212215
213- < h3 id ="fixed-2 "> Fixed</ h3 >
216+ < h3 id ="fixed-3 "> Fixed</ h3 >
214217
215218< ul >
216219 < li > Load < code > auth-sanitizer</ code > through an internal isolated loader so requiring < code > oauth</ code > does not add top-level < code > Auth</ code > or < code > AuthSanitizer</ code > constants that may collide with downstream applications.</ li >
@@ -257,7 +260,7 @@ <h3 id="added-2">Added</h3>
257260 < li > base64 dependency, fixes Ruby 3.4 and 3.5 HEAD compatibility</ li >
258261</ ul >
259262
260- < h3 id ="fixed-3 "> Fixed</ h3 >
263+ < h3 id ="fixed-4 "> Fixed</ h3 >
261264
262265< ul >
263266 < li > Fix ActionController request proxy NoMethodError when building signatures
@@ -484,7 +487,7 @@ <h2 id="0514-2022-08-29">
484487
485488< p > The “hopeful last 0.5.x” Release</ p >
486489
487- < h3 id ="fixed-4 "> Fixed</ h3 >
490+ < h3 id ="fixed-5 "> Fixed</ h3 >
488491
489492< ul >
490493 < li > More typos fixed</ li >
@@ -500,7 +503,7 @@ <h2 id="0513-2022-08-23">
500503
501504< p > The “I think I caught ‘em all!” Release</ p >
502505
503- < h3 id ="fixed-5 "> Fixed</ h3 >
506+ < h3 id ="fixed-6 "> Fixed</ h3 >
504507
505508< ul >
506509 < li > Typo oauth2 => oauth as gem name in one more place.</ li >
@@ -516,7 +519,7 @@ <h2 id="0512-2022-08-23">
516519
517520< p > The “Typoes are just the worst!” Release</ p >
518521
519- < h3 id ="fixed-6 "> Fixed</ h3 >
522+ < h3 id ="fixed-7 "> Fixed</ h3 >
520523
521524< ul >
522525 < li > Typo oauth2 => oauth as gem name in a couple places.</ li >
@@ -607,7 +610,7 @@ <h3 id="added-11">Added</h3>
607610 < li > Added more documentation files to packaged gem, e.g. SECURITY.md, CODE_OF_CONDUCT.md</ li >
608611</ ul >
609612
610- < h3 id ="fixed-7 "> Fixed</ h3 >
613+ < h3 id ="fixed-8 "> Fixed</ h3 >
611614
612615< ul >
613616 < li > Removed reference to RUBY_VERSION from gemspec, as it depends on rake release, which is problematic on some ruby engines. (by @pboling)</ li >
@@ -644,7 +647,7 @@ <h3 id="changed-14">Changed</h3>
644647 < li > Require plaintext signature method by default (#135 by @confiks & @pboling)</ li >
645648</ ul >
646649
647- < h3 id ="fixed-8 "> Fixed</ h3 >
650+ < h3 id ="fixed-9 "> Fixed</ h3 >
648651
649652< ul >
650653 < li > Fixed Infinite Redirect in v0.5.5, v0.5.6 (#186, #210 by @pboling)</ li >
@@ -704,7 +707,7 @@ <h3 id="changed-16">Changed</h3>
704707 < li > Various cleanups</ li >
705708</ ul >
706709
707- < h3 id ="fixed-9 "> Fixed</ h3 >
710+ < h3 id ="fixed-10 "> Fixed</ h3 >
708711
709712< ul >
710713 < li > Fixes ssl-noverify</ li >
@@ -725,7 +728,7 @@ <h3 id="changed-17">Changed</h3>
725728 < li > Various cleanups (charliesome)</ li >
726729</ ul >
727730
728- < h3 id ="fixed-10 "> Fixed</ h3 >
731+ < h3 id ="fixed-11 "> Fixed</ h3 >
729732
730733< ul >
731734 < li > Fixes UnknownRequestType on Rails 5.1 for ActionDispatch::Request (xprazak2)</ li >
@@ -739,7 +742,7 @@ <h2 id="053-2017-05-24">
739742</ li >
740743</ ul >
741744
742- < h3 id ="fixed-11 "> Fixed</ h3 >
745+ < h3 id ="fixed-12 "> Fixed</ h3 >
743746
744747< ul >
745748 < li > Fix #145 - broken CLI required loading active_support (James Pinto)</ li >
@@ -787,7 +790,7 @@ <h3 id="changed-19">Changed</h3>
787790 < li > Reimplementing #82 - Debug Output Option (James Pinto)</ li >
788791</ ul >
789792
790- < h3 id ="fixed-12 "> Fixed</ h3 >
793+ < h3 id ="fixed-13 "> Fixed</ h3 >
791794
792795< ul >
793796 < li > Fix #113 adding paths when a full URL has been specified (James Pinto)</ li >
@@ -810,7 +813,7 @@ <h3 id="added-16">Added</h3>
810813 < li > Add license info to the gemspec (Robert Reiz)</ li >
811814</ ul >
812815
813- < h3 id ="fixed-13 "> Fixed</ h3 >
816+ < h3 id ="fixed-14 "> Fixed</ h3 >
814817
815818< ul >
816819 < li > Proper handling for empty query string in RequestToken#build_authorize_url (midchildan,< br >
@@ -859,7 +862,7 @@ <h3 id="changed-21">Changed</h3>
859862 < li > Change token requests to exclude < code > oauth_body_hash</ code > . Update doc links in comments. (John Remmen)</ li >
860863</ ul >
861864
862- < h3 id ="fixed-14 "> Fixed</ h3 >
865+ < h3 id ="fixed-15 "> Fixed</ h3 >
863866
864867< ul >
865868 < li > Fix ability to pass in an authorize url with a query string (Roger Smith)</ li >
@@ -890,7 +893,7 @@ <h3 id="added-18">Added</h3>
890893 < li > Set a configurable timeout for all requests (Rick Olson)</ li >
891894</ ul >
892895
893- < h3 id ="fixed-15 "> Fixed</ h3 >
896+ < h3 id ="fixed-16 "> Fixed</ h3 >
894897
895898< ul >
896899 < li > Fix merging paths if the path is not empty</ li >
@@ -911,7 +914,7 @@ <h3 id="changed-22">Changed</h3>
911914 < li > Make use the path component of the :site parameter (Jonathon M. Abbott)</ li >
912915</ ul >
913916
914- < h3 id ="fixed-16 "> Fixed</ h3 >
917+ < h3 id ="fixed-17 "> Fixed</ h3 >
915918
916919< ul >
917920 < li > Fixed nested attributes in #normalize (Shaliko Usubov)</ li >
@@ -942,7 +945,7 @@ <h3 id="changed-23">Changed</h3>
942945 < li > Use Net::HTTPGenericRequest (Jakub Kuźma)</ li >
943946</ ul >
944947
945- < h3 id ="fixed-17 "> Fixed</ h3 >
948+ < h3 id ="fixed-18 "> Fixed</ h3 >
946949
947950< ul >
948951 < li > Fix POST Requests with Typhoeus proxy (niedhui)</ li >
@@ -963,7 +966,7 @@ <h3 id="added-20">Added</h3>
963966 < li > Added support for Rails 3 in client/action_controller_request (Pelle)</ li >
964967</ ul >
965968
966- < h3 id ="fixed-18 "> Fixed</ h3 >
969+ < h3 id ="fixed-19 "> Fixed</ h3 >
967970
968971< ul >
969972 < li > Fix LoadError rescue in tests: return can’t be used in this context (Hans de Graaff)</ li >
@@ -980,7 +983,7 @@ <h2 id="043-2010-09-01">
980983</ li >
981984</ ul >
982985
983- < h3 id ="fixed-19 "> Fixed</ h3 >
986+ < h3 id ="fixed-20 "> Fixed</ h3 >
984987
985988< ul >
986989 < li > Fix for em-http proxy (ichverstehe)</ li >
@@ -1000,7 +1003,7 @@ <h3 id="added-21">Added</h3>
10001003 < li > Added Bundler (rc) Gemfile for easier dev/testing</ li >
10011004</ ul >
10021005
1003- < h3 id ="fixed-20 "> Fixed</ h3 >
1006+ < h3 id ="fixed-21 "> Fixed</ h3 >
10041007
10051008< ul >
10061009 < li > Fixed compatibility with Ruby 1.9.2 (ecavazos)</ li >
@@ -1022,7 +1025,7 @@ <h3 id="added-22">Added</h3>
10221025 < li > Added support for using OAuth with proxies (Marsh Gardiner)</ li >
10231026</ ul >
10241027
1025- < h3 id ="fixed-21 "> Fixed</ h3 >
1028+ < h3 id ="fixed-22 "> Fixed</ h3 >
10261029
10271030< ul >
10281031 < li > Rails 3 Compatibility fixes (Pelle Braendgaard)</ li >
@@ -1058,7 +1061,7 @@ <h3 id="changed-24">Changed</h3>
10581061 < li > Replaced hoe with Jeweler (Aaron Quint)</ li >
10591062</ ul >
10601063
1061- < h3 id ="fixed-22 "> Fixed</ h3 >
1064+ < h3 id ="fixed-23 "> Fixed</ h3 >
10621065
10631066< ul >
10641067 < li > Strip extraneous spaces and line breaks from access_token responses (observed in the wild with Yahoo!’s OAuth+OpenID hybrid) (Eric Hartmann)</ li >
@@ -1089,7 +1092,7 @@ <h3 id="changed-25">Changed</h3>
10891092 < li > Test clean-up (Xavier Shay, Hannes Tydén)</ li >
10901093</ ul >
10911094
1092- < h3 id ="fixed-23 "> Fixed</ h3 >
1095+ < h3 id ="fixed-24 "> Fixed</ h3 >
10931096
10941097< ul >
10951098 < li > Respect < code > --method</ code > in < code > authorize</ code > CLI command (Seth)</ li >
@@ -1130,7 +1133,7 @@ <h3 id="changed-26">Changed</h3>
11301133 < li > OAuth::Client::Helper uses OAuth::Version::VERSION (chadisfaction)</ li >
11311134</ ul >
11321135
1133- < h3 id ="fixed-24 "> Fixed</ h3 >
1136+ < h3 id ="fixed-25 "> Fixed</ h3 >
11341137
11351138< ul >
11361139 < li > Fix OAuth::RequestProxy::ActionControllerRequest’s handling of params (Tristan Groléat)</ li >
@@ -1158,7 +1161,7 @@ <h3 id="changed-27">Changed</h3>
11581161 < li > Handle input from aggressive form encoding libraries (Matt Wood)</ li >
11591162</ ul >
11601163
1161- < h3 id ="fixed-25 "> Fixed</ h3 >
1164+ < h3 id ="fixed-26 "> Fixed</ h3 >
11621165
11631166< ul >
11641167 < li > Corrected OAuth XMPP namespace (Seth)</ li >
@@ -1185,7 +1188,7 @@ <h3 id="added-27">Added</h3>
11851188 < li > Added help to the ‘oauth’ CLI (Seth)</ li >
11861189</ ul >
11871190
1188- < h3 id ="fixed-26 "> Fixed</ h3 >
1191+ < h3 id ="fixed-27 "> Fixed</ h3 >
11891192
11901193< ul >
11911194 < li > 2xx statuses should be treated as success (Anders Conbere)</ li >
@@ -1202,7 +1205,7 @@ <h2 id="031-2009-01-26">
12021205</ li >
12031206</ ul >
12041207
1205- < h3 id ="fixed-27 "> Fixed</ h3 >
1208+ < h3 id ="fixed-28 "> Fixed</ h3 >
12061209
12071210< ul >
12081211 < li > Fixed a problem with relative and absolute token request paths. (Michael Wood)</ li >
@@ -1231,7 +1234,7 @@ <h3 id="changed-28">Changed</h3>
12311234 < li > Improved test-cases and compatibility for encoding issues. (Pelle)</ li >
12321235</ ul >
12331236
1234- < h3 id ="fixed-28 "> Fixed</ h3 >
1237+ < h3 id ="fixed-29 "> Fixed</ h3 >
12351238
12361239< ul >
12371240 < li > Correctly handle multi-valued parameters (Seth)</ li >
@@ -1242,7 +1245,7 @@ <h2 id="027-2008-09-10">0.2.7 2008-09-10</h2>
12421245
12431246< p > The lets fix the last release release</ p >
12441247
1245- < h3 id ="fixed-29 "> Fixed</ h3 >
1248+ < h3 id ="fixed-30 "> Fixed</ h3 >
12461249
12471250< ul >
12481251 < li > Fixed plain text signatures (Andrew Arrow)</ li >
@@ -1267,7 +1270,7 @@ <h3 id="changed-29">Changed</h3>
12671270 < li > Omit token when signing with RSA</ li >
12681271</ ul >
12691272
1270- < h3 id ="fixed-30 "> Fixed</ h3 >
1273+ < h3 id ="fixed-31 "> Fixed</ h3 >
12711274
12721275< ul >
12731276 < li > Fixed RSA verification to support RSA providers now using Ruby and RSA</ li >
@@ -1279,7 +1282,7 @@ <h2 id="022-2008-02-22">0.2.2 2008-02-22</h2>
12791282
12801283< p > Lets actually support SSL release</ p >
12811284
1282- < h3 id ="fixed-31 "> Fixed</ h3 >
1285+ < h3 id ="fixed-32 "> Fixed</ h3 >
12831286
12841287< ul >
12851288 < li > Use HTTPS when required.</ li >
@@ -1299,7 +1302,7 @@ <h3 id="changed-30">Changed</h3>
12991302
13001303< h2 id ="012-2007-12-1 "> 0.1.2 2007-12-1</ h2 >
13011304
1302- < h3 id ="fixed-32 "> Fixed</ h3 >
1305+ < h3 id ="fixed-33 "> Fixed</ h3 >
13031306
13041307< ul >
13051308 < li > Fixed checks for missing OAuth params to improve performance</ li >
@@ -1319,7 +1322,7 @@ <h3 id="added-30">Added</h3>
13191322</ div > </ div >
13201323
13211324 < div id ="footer ">
1322- Generated on Thu Jun 18 18:11:00 2026 by
1325+ Generated on Thu Jun 18 18:36:23 2026 by
13231326 < a href ="https://yardoc.org " title ="Yay! A Ruby Documentation Tool " target ="_parent "> yard</ a >
13241327 0.9.44 (ruby-4.0.5).
13251328</ div >
0 commit comments