1.2.1

• Removed an exception that would be thrown when trying to send a pin failure report while the device had no disk space left.
• Fixed various issues affecting the stability of the project's test suite.

1.2.0

• Complete re-write of the hooking strategy to automatically add SSL pinning to the App's connections. TrustKit now swizzles NSURLSession and NSURLConnection delegates to add pinning validation to the delegate's authentication handler methods; for developers who want to call into TrustKit manually, this behavior can be disabled using the TSKSwizzleNetworkDelegates setting. This change was made due to the previous hooking strategy (targeting SecureTransport) not working on iOS 9.
• The pinning policy format has slightly changed, in order to add new global settings: TSKSwizzleNetworkDelegates, TSKIgnorePinningForUserDefinedTrustAnchors, TSKPinnedDomains. If you have an existing pinning policy for TrustKit 1.1.3, all you need to do is put it under the TSKPinnedDomains key.
• Greatly simplified the TSKPinningValidator API to make it easy to write authentication handlers that enforce the App's SSL pinning policy. Sample code describing how to do it is available in the documentation.
• Updated Xcode project settings: stricter warnings, enabled bitcode, separate iOS and OS X build schemes.
• Pinning failure reports now also send the IDFV in order to simplify the troubleshooting of errors, by being able to detect a single, malfunctioning device.

1.1.3

• Updated fishhook.
• Fixed Xcode scheme for statically linking TrustKit, which was missing one file.

1.1.2

• Internal refactoring for integrating with Travis CI.
• Added support for building TrustKit with the OS X 10.9 SDK.

1.1.1

• A pinning policy can no longer pin a domain suffix (such as org, net or less obvious suffixes like appspot.com) with TSKIncludeSubdomains enabled.
• Fixed a typo preventing builds in Release mode.

1.1.0

• New TSKIgnorePinningForUserDefinedTrustAnchors configuration setting to skip pinning validation if the server's certificate chain terminates at a user-defined trust anchor. This is useful for allowing SSL connections through corporate proxies or firewalls. Only available on OS X.
• The pinning policy can now be configured through the App's Info.plist even on iOS 7 and OS X 10.9.
• Pin failure reports now also contain the result for the server's certificate chain evaluation in the validation-result field, in order to help troubleshoot pin validation failures.
• A pinning policy is now required to provide two SSL pins minimum per domain, as specified in RFC 7469.
• Renamed TSKPinVerifier to TSKPinningValidator. Also, the class will now send reports when pin validation failures occur.
• If kTSKEnforcePinning is set to NO, no SSL connections will be blocked at all. In previous versions, SSL connections where the evaluation of the certificate chain failed (ie. "standard" certificate validation) would be blocked regardless of kTSKEnforcePinning.
• Uploads of pin failure reports are now rate-limited to one per day, per domain and per type of failure. This will significantly reduce the amount of identical reports that get sent.

1.0.1

• Fixed a bug when using kTSKIncludeSubdomains, where two unrelated domains would be interpreted as subdomains of each other.

1.0.0

Initial release.