zmartzone
diff --git a/‎.github/issue_template.md
+1-1 b/‎.github/issue_template.md
+1-1
diff --git a/‎AUTHORS
+5 b/‎AUTHORS
+5
diff --git a/‎ChangeLog
+15 b/‎ChangeLog
+15
diff --git a/‎README.md
+3-1 b/‎README.md
+3-1
@@ -7,7 +7,7 @@ A new issue about a bug should be verified with a minimized example.
 
 ###### Environment
 
-- lua-resty-openidc version (e.g. 1.7.6)
+- lua-resty-openidc version (e.g. 1.8.0)
 - OpenID Connect provider (e.g. Keycloak, Azure AD)
 
 ###### Expected behaviour
 
@@ -2,6 +2,7 @@ The primary authors of lua-resty-openidc are:
 
 	Hans Zandbelt <https://github.com/zandbelt>
 	Stefan Bodewig <https://github.com/bodewig>
+	Oldřich Jedlička <https://github.com/oldium>
 
 Thanks to the following people for contributing to lua-resty-openidc by
 reporting bugs, providing fixes, suggesting useful features or other:
@@ -37,4 +38,8 @@ reporting bugs, providing fixes, suggesting useful features or other:
 	Thorsten Fleischmann <https://github.com/thorstenfleischmann>
 	Tilmann Hars <https://github.com/usysrc>
 	Junlong Li <https://github.com/zhuizhuhaomeng>
+	Nate <https://github.com/realnate>
+	Balaji Vijayakumar <https://github.com/balajiv113>
+	
+	
 
@@ -1,3 +1,18 @@
+09/13/204
+- cross-tenant requests are fixed with lua-resty session 4.0.x; closes #526
+- release 1.8.0
+
+09/09/2024
+- merge support for lua-resty-session 4.x; see #489; closes #464 #480 #503; thanks @oldium @balajiv113
+- add @oldium to the primary AUTHORS
+
+08/25/2024
+- don't return a zero-pixel image in logout for Firefox 128 and later
+  see #521
+
+03/11/2024
+- handle the userinfo response as JWT; closes ##345; thanks @NatePlumm
+
 03/10/2023
 - when looking for a bearer token an exception occured if the
   Authorization header didn't contain any space character;
 
@@ -206,7 +206,9 @@ h2JHukolz9xf6qN61QMLSd83+kwoBr2drp6xg3eGDLIkQCQLrkY=
              -- }
              --
              -- where `handle_created`, `handle_authenticated`, `handle_regenerated` and `handle_logout` are callables
-             -- accepting a single argument `session`
+             -- accepting argument `session`. `handle_created` accepts also second argument `params` which is a table
+             -- containing the query parameters of the authorization request used to redirect the user to the OpenID
+             -- Connect provider endpoint.
              --
              --  -- `on_created` hook is invoked *after* a session has been created in
              --     `openidc_authorize` immediately prior to saving the session