1 files changed, 46 insertions, 0 deletions

diff --git a/deps/npm/node_modules/http-signature/CHANGES.md b/deps/npm/node_modules/http-signature/CHANGES.md
new file mode 100644
index 0000000000..3e4b13881e
--- /dev/null
+++ b/deps/npm/node_modules/http-signature/CHANGES.md
@@ -0,0 +1,46 @@
+# node-http-signature changelog
+
+## 1.1.1
+
+- Version of dependency `assert-plus` updated: old version was missing
+  some license information
+- Corrected examples in `http_signing.md`, added auto-tests to
+  automatically validate these examples
+
+## 1.1.0
+
+- Bump version of `sshpk` dependency, remove peerDependency on it since
+  it now supports exchanging objects between multiple versions of itself
+  where possible
+
+## 1.0.2
+
+- Bump min version of `jsprim` dependency, to include fixes for using
+  http-signature with `browserify`
+
+## 1.0.1
+
+- Bump minimum version of `sshpk` dependency, to include fixes for
+  whitespace tolerance in key parsing.
+
+## 1.0.0
+
+- First semver release.
+- #36: Ensure verifySignature does not leak useful timing information
+- #42: Bring the library up to the latest version of the spec (including the
+       request-target changes)
+- Support for ECDSA keys and signatures.
+- Now uses `sshpk` for key parsing, validation and conversion.
+- Fixes for #21, #47, #39 and compatibility with node 0.8
+
+## 0.11.0
+
+- Split up HMAC and Signature verification to avoid vulnerabilities where a
+  key intended for use with one can be validated against the other method
+  instead.
+
+## 0.10.2
+
+- Updated versions of most dependencies.
+- Utility functions exported for PEM => SSH-RSA conversion.
+- Improvements to tests and examples.