--- JSON-XS/Changes	2016/02/21 16:18:19	1.168
+++ JSON-XS/Changes	2018/11/15 22:35:35	1.184
@@ -3,11 +3,49 @@
 TODO: maybe detetc and croak on more invalid inputs (e.g. +-inf/nan)
 TODO: maybe avoid the reblessing and better support readonly objects.
 TODO: http://stevehanov.ca/blog/index.php?id=104 compression
-
 TODO: how to cope with tagged values and standard json decoders
-TODO: work around <=5.16 bugs (Reini Urban)
-TODO: decide what to do with RFC7158 incompatibilities.
 TODO: investigate magic (Eric Brine)
+TODO: rfc7464
+TODO: Victor Efimov
+TODO: move json_xs to types::serialiser?
+
+TODO: [PATCH] Types::Serialiser: Inline true(), false() and error() functions
+
+TODO: document & testcase ->boolean_values (aristoteles).
+4.0
+	- SECURITY IMPLICATION: this release enables allow_nonref by default
+          for compatibnility with RFC 7159 and newer. See "old" vs. "new"
+          JSON under SECURITY CONSIDERATIONS.
+        - reworked the "old" vs. "new" JSON section.
+        - add ->boolean_values to provide the values to which booleans
+          decode.
+        - decode would wrongly accept ASCII NUL characters instead of
+          reporting them as trailing garbage.
+        - work around what smells like a perl bug w.r.t. exceptions
+          thrown in callbacks.
+        - incremental parser now more or less respects allow_nonref.
+	- json_xs json-pretty now enables canonical mode.
+        - add documentation section about I-JSON.
+        - minor documentation fixes/updates.
+
+3.04 Thu Aug 17 04:30:47 CEST 2017
+	- change exponential realloc algorithm on encoding and string decoding to be
+          really exponential (this helps slow/debugging allocators such as libumem)
+          (reported by Matthew Horsfall).
+        - string encoding would needlessly overallocate output space
+          (testcase by Matthew Horsfall).
+        - be very paranoid about extending buffer lengths and croak if buffers get too large,
+          which might (or might not) improve security.
+	- add cbor-packed type to json_xs.
+        - switch from YAML to YAML::XS in json_xs, as YAML is way too buggy and outdated.
+
+3.03 Wed Nov 16 20:20:59 CET 2016
+	- fix a bug introduced by a perl bug workaround that would cause
+          incremental parsing to fail with a sv_chop panic.
+	- json_xs: toformat failure error message fixed.
+        - json_xs: allow cyclic data structures in CBOR.
+
+3.02 Fri Feb 26 22:45:20 CET 2016
 	- allow_nonref now affects booleans (\1, $Types::Serialiser::Boolean)
           as well (reported by Alex Efros).
 	- allow literal tabs in strings in relaxed mode (patch by
@@ -15,6 +53,9 @@
 	- support "cbor" format in json_xs tool.
 	- support (and fix) calling encode and decode in list context
           (reported by Вадим Власов).
+        - work around a bug in older perls crashing when presented
+          with shared hash keys (Reini Urban).
+        - use stability canary.
 
 3.01 Tue Oct 29 16:55:15 CET 2013
 	- backport to perls < 5.18 (reported by Paul Howarth).