All Versions
Latest Version
Avg Release Cycle
139 days
Latest Release
1261 days ago

Changelog History

  • v3.0.0-rc.1 Changes

    September 08, 2020
    • ๐Ÿ›  Fixed regression where in Safari cookie values containing non-ASCII characters were no longer written correctly - #623
  • v3.0.0-rc.0

    March 11, 2020
  • v3.0.0-beta.4 Changes

    March 05, 2020
    • Revisited encoding/decoding implementation: we start to only encode characters in the cookie name and value that are strictly necessary (";" and "=" in the cookie name, and ";" in the cookie value; using percent-encoding). The stricter implementation so far was based on the requirements for server implementations in the RFC 6265 spec (section 4), but for user agents more liberal rules apply (section 5.2) - #595, #590
  • v3.0.0-beta.3 Changes

    December 20, 2019
    • ๐Ÿ›  Fixed importing ES module when not using a bundler - #583
    • Made attributes + converter properties on api instance immutable again
  • v3.0.0-beta.2 Changes

    December 12, 2019
    • ๐Ÿ›  Fixed noConflict() no longer being present; as a result the api instance is no longer immutable again - #580
  • v3.0.0-beta.1 Changes

    December 11, 2019
    • โœ‚ Removed defaults in favor of a builder: now to supply an api instance with particular predefined (cookie) attributes there's Cookies.withAttributes(), e.g.:

      const api = Cookies.withAttributes({ path: '/', secure: true})api.set('key', 'value') // writes cookie with path: '/' and secure: true...

    • ๐Ÿ”ง The attributes that an api instance is configured with are exposed as attributes property; it's an immutable object and unlike defaults cannot be changed to configure the api.

    • ๐Ÿšš The mechanism to fall back to the standard, internal converter by returning a falsy value in a custom read converter has been removed. Instead the default converters are now exposed as Cookies.converter, which allows for implementing self-contained custom converters providing the same behavior:

      const customReadConverter = (value, name) => { if (name === 'special') { return unescape(value) } return }

    • withConverter() no longer accepts a function as argument to be turned into a read converter. It is now required to always pass an object with the explicit type(s) of converter(s):

      const api = Cookies.withConverter({ read: (value, name) => unescape(value) })

    • ๐Ÿ”ง The converter(s) that an api instance is configured with are exposed as converter property; it's an immutable object and cannot be changed to configure the api.

    • The entire api instance is now immutable.

  • v3.0.0-beta.0 Changes

    October 05, 2019
    • ๐Ÿ“ฆ Started providing library as ES module, in addition to UMD module. The module field in package.json points to an ES module variant of the library.
    • ๐Ÿ“ฆ Started using browser field instead of main in package.json (for the UMD variant of the library).
    • โฌ‡๏ธ Dropped support for IE < 10.
    • โœ‚ Removed getJSON(): use Cookies.set('foo', JSON.stringify({ ... })) and JSON.parse(Cookies.get('foo')) instead.
    • โœ‚ Removed support for Bower.
    • โž• Added minified versions to package - #501
    • ๐Ÿ‘Œ Improved support for url encoded cookie values (support case insensitive encoding) - #466, #530
    • ๐Ÿ”ฆ Expose default path via API - #541
    • ๐Ÿ– Handle falsy arguments passed to getters - #399
    • ๐Ÿ— No longer support Node 6 when building (LTS versions only).
    • From < 900 bytes gzipped to < 800 bytes gzipped.
  • v2.2.1 Changes

    August 06, 2019
    • #400: Prevent XSS in the cookie attributes
    • ๐Ÿ“ฆ #350: Document npm package manager usage
  • v2.2.0 Changes

    October 28, 2017
    • ๐Ÿ— #221: Only include files in src/ when building the npm package.
    • #293: Allow undocumented attributes to be passed when creating a cookie
    • ๐Ÿ‘ #276 (comment): Support for SameSite cookie (Strict vs Lax)
    • โšก๏ธ #371: Add jsDelivr CDN to the README (Update is supported by jsDelivr and the community)
    • #363: getJSON() does not work on cookie with escaped quotes
  • v2.1.4 Changes

    April 03, 2017
    • ๐Ÿ”’ #321: Create a security disclosure e-mail
    • #291: Fix the "converters" header link in the README
    • ๐Ÿšš #273: Add more information about #remove method