Release 1.0.4

CHANGELOG.md

@@ -9,10 +9,12 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+
+## [v1.0.4]
 - Move to use internal base64 decoding with stricter processing rules
-- Major refactor to use a specified length and not '\0' terminated strings.
-- Due to some of the major changes, it's worth making a few other API impacting
-  changes and bumping to a 2.0.0 release.
+- Major refactor to use a specified length and not '\0' terminated strings internally.
+- A number of failures that may not have been detected now have tests and are covered.
+- Bridge the new implementation to use the existing API.
 
 ## [v1.0.3]
 - Move to use Github Actions for building

CMakeLists.txt

@@ -5,7 +5,7 @@ cmake_minimum_required(VERSION 3.13)
 
 set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake;${CMAKE_MODULE_PATH}")
 
-project(cjwt VERSION 1.0.3)
+project(cjwt VERSION 1.0.4)
 
 include(BitwiseVersion)
 include(CTest)

README.md

@@ -14,23 +14,47 @@ A C JWT Implementation
 [![Apache V2 License](http://img.shields.io/badge/license-Apache%20V2-blue.svg)](https://github.com/xmidt-org/cjwt/blob/main/LICENSES/Apache-2.0.txt)
 [![GitHub release](https://img.shields.io/github/release/xmidt-org/cjwt.svg)](CHANGELOG.md)
 
+`cjwt` is a small JWT handler designed to allow consumers of JWTs of the JWS variant
+the ability to securely and easily get claims and data from a JWT.  This particular
+JWT implementation uses [cJSON](https://github.com/DaveGamble/cJSON) and is designed to support multiple different
+crypto libraries in the future.
+
+**If you haven't adopted `cjwt` yet, it's recommended to wait a bit to use the new 1.1.x API.**
+
+### API
+
+The API is meant to be fairly small & leverage what cJSON already provides nicely.
+
+[Here are the details](https://github.com/xmidt-org/cjwt/blob/main/src/cjwt.h)
+
+Basically there is a `cjwt_decode()` function that decodes successfully or fails
+with a broad error code (in the 1.0.x releases) or with a more detailed reason
+in the newer 1.1.x releases.
+
+The other function is a `cjwt_destroy()` function.
+
+Otherwise you get a simple to work with C struct.
+
+### Dependencies
+
+- [cJSON](https://github.com/DaveGamble/cJSON)
+- [openssl](https://github.com/openssl/openssl)
+- [trower-base64](https://github.com/xmidt-org/trower-base64)
+
+
+## Opinionated Default Secure
+
+To help adopters not make costly security mistakes, cjwt tries to default to
+secure wherever possible.  If you **must** use an insecure feature there are
+option flags that let you do so, but use them sparingly and with care.
+
 
 # Building and Testing Instructions
 
 ```
 mkdir build
 cd build
 cmake ..
-make
-make test
-make coverage
+make all test coverage
 firefox index.html
 ```
-
-# Coding Formatter Settings
-
-Please format pull requests using the following command to keep the style consistent.
-
-```
-astyle -A10 -S -f -U -p -D -c -xC90 -xL
-```