v1.0.1

• Update to 'cookie' package v1.

v1.0.0

• Finally! Curveball v1. Only took 6 years.
• CommonJS support has been dropped. The previous version of this library supported both CommonJS and ESM. The effort of this no longer feels worth it. ESM is the future, so we're dropping CommonJS.
• Now requires Node 18.
• Upgraded to Typescript 5.3.

v0.10.0

• The getCsrf function is no longer an async function, and returns the token immediately.
• A warning is now emitted if getCsrf is called after the session has already been stored.

v0.9.0

• This package now supports ESM and CommonJS modules.
• No longer supports Node 14. Please use Node 16 or higher.

v0.8.1

• Session data was not stored if a later middleware threw an uncaught exception. This middleware now uses finally to ensure that session data always gets stored, and the Set-Cookie header always gets sent.

v0.8.0

• Upgraded from @curveball/core to @curveball/kernel.

v0.7.0

• Removed expires option, and added maxAge instead. expires never made sense, because it represents a fixed point in time. Which means that if expires was set to 1 hour in the future, the middleware would no longer generate valid sessions after the first hour the server is up. (@defrex)
• Dropped Node 12 support. Node 14 is now the minimum version.

v0.6.3

• Added 'close' method to Memory session store, so users may cleanup active
  timeouts and the server can cleanly exit. (@defrex)
• Updated everything to latest curveball standards.

v0.6.2

• Export SessionStore.

v0.6.1

• Session data should be typed as Record<string, any> not
  Record<string, string>.