chore: bump version and update CHANGELOG.md

CHANGELOG.md

@@ -4,6 +4,45 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+
+## [0.5.0-rc.3] - 2020-05-14
+### Added
+* Various additions to `irmaclient` for the [new IRMA app](https://github.com/privacybydesign/irmamobile), among others:
+  * Several new fields in `irma.CredentialType` for specifying e.g. help messages and card colors
+  * Added developer mode enabling non-HTTPS connections to IRMA servers for local testing (see below)
+
+### Fixed
+* Problems with `--privkeys` option to IRMA server
+
+### Security
+* `irma` command, IRMA server and `irmaclient` will now enforce HTTPS for outgoing connections whenever possible
+* Update supported TLS ciphers and curves for IRMA server
+* Fixed potential bug allowing MitM attacker to arbitrarily change installed schemes
+* Fixed potential DoS attack in IRMA server endpoints (sending it large amounts of data or keeping connections open indefinitely)
+
+
+## [0.5.0-rc.2] - 2020-04-21
+
+### Added
+* Revocation of previously issued credentials (see [documentation](https://irma.app/docs/revocation/))
+* Support HTTP/2 in IRMA server and app
+* Option `--skip-permission-keys-check` to IRMA server disabling checking that all required private keys are present in the server configuration 
+
+### Changed
+* Use go modules instead of `dep` for tracking and locking dependencies
+
+### Fixed
+* `irmaserver` HTTP handler returns 404 an 405 as JSON error messages as expected
+* Consistently use a docopt/git/aptitude like format for usage sections in help of `irma` subcommands
+* Incorrect default value of `--url` flag to `irma session` subcommand
+* IRMA server no longer allows nonsensical wildcard usage in [requestor permissions](https://irma.app/docs/irma-server/#permissions)
+
+### Security
+* `irma issuer keygen` now has default keylength 2048
+* Added various sanity checks to files and file paths
+* Fixed potential scheme downgrade attack when installing/updating schemes in MitM scenarios
+
+
 ## [0.5.0-rc.1] - 2020-03-03
 ### Added
 - Include `clientReturnURL` in session request
@@ -21,6 +60,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - `irma server` no longer crashes at startup if no network interfaces are available
 - Various bugs in `irma server` configuration
 
+
 ## [0.4.1] - 2019-10-15
 ### Changed
 - Renamed `irma session` flag `--authmethod` to `--auth-method` for consistency with server `Configuration` struct
@@ -41,6 +81,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Combined issuance-disclosure requests with two schemes one of which has a keyshare server now work as expected
 - Various other bugfixes
 
+[0.5.0-rc.3]: https://github.com/privacybydesign/irmago/compare/v0.5.0-rc.2...v0.5.0-rc.3
+[0.5.0-rc.2]: https://github.com/privacybydesign/irmago/compare/v0.5.0-rc.1...v0.5.0-rc.2
 [0.5.0-rc.1]: https://github.com/privacybydesign/irmago/compare/v0.4.1...v0.5.0-rc.1
 [0.4.1]: https://github.com/privacybydesign/irmago/compare/v0.4.0...v0.4.1
 [0.4.0]: https://github.com/privacybydesign/irmago/tree/v0.4.0

version.go

@@ -5,4 +5,4 @@
 package irma
 
 // Version of the IRMA command line and libraries
-const Version = "0.5.0-rc.2"
+const Version = "0.5.0-rc.3"