8.8.0

Features

• Added the WS_NO_BUFFER_UTIL and WS_NO_UTF_8_VALIDATE environment
  variables (becf237).

8.7.0

Features

• Added the ability to inspect the invalid handshake requests and respond to
  them with a custom HTTP response. (6e5a5ce).

Bug fixes

• The handshake is now aborted if the Upgrade header field value in the HTTP
  response is not a case-insensitive match for the value "websocket" (0fdcc0a).
• The Authorization and Cookie headers are no longer sent when following an
  insecure redirect (wss: to ws:) to the same host (d68ba9e).

7.5.8

Bug fixes

• Backported 0fdcc0a to the 7.x release line (2758ed3).
• Backported d68ba9e to the 7.x release line (dc1781b).

8.6.0

Features

• Added the ability to remove confidential headers on a per-redirect basis (#2030).

8.5.0

Features

• Added the ability to use a custom WebSocket class on the server (#2007).

Bug fixes

• When following redirects, the Authorization and Cookie headers are no
  longer sent if the redirect host is different from the original host (#2013).

7.5.7

Bug fixes

• Backported 6946f5f to the 7.x release line (1f72e2e).

8.4.2

Bug fixes

• Fixed a data framing issue introduced in version 8.4.1 (#2004).

8.4.1

Notable changes

• To improve performance, strings sent via websocket.ping(),
  websocket.pong(), and websocket.send() are no longer converted to
  Buffers if the data does not need to be masked (#2000).

8.4.0

Features

• Added ability to generate custom masking keys (#1990).

8.3.0

Features

• Added ability to pause and resume a WebSocket (0a8c7a9).

Bug fixes

• Fixed a bug that could prevent the connection from being closed cleanly when
  using the stream API (ed2b803).
• When following redirects, an error is now emitted and not thrown if the
  redirect URL is invalid (#1980).