diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1e5f462..2ef0b21 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,20 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [3.0.7](https://github.com/Psifi-Solutions/csrf-csrf/compare/v3.0.6...v3.0.7) (2024-09-21)
+
+* Marked >= 3.0.7 as security supported version
+
+### Features
+
+* support optional stateless association of token with session ([710d2f6](https://github.com/Psifi-Solutions/csrf-csrf/commit/710d2f6082f1ac8ab884b10913b1b86195f86bd2))
+
+Added the `getSessionIdentifier` parameter to the `csrf-csrf` configuration. By providing the `getSessionIdentifier` callback, generated tokens will only be valid for the original session identifier they were generated for.
+
+For example: (req) => req.session.id
+
+The token will now be signed with the session id included, this means a generated CSRF token will only be valid for the session it was generated for. This also means that if you rotate your sessions (which you should) you will also need to generate a new CSRF token for the session after rotating it.
+
 ### [3.0.6](https://github.com/Psifi-Solutions/csrf-csrf/compare/v3.0.5...v3.0.6) (2024-05-17)
 
 * No changes, just a bump to fix broken release
diff --git a/package-lock.json b/package-lock.json
index 4113fad..f22b270 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
 "name": "csrf-csrf",
- "version": "3.0.6",
+ "version": "3.0.7",
 "lockfileVersion": 2,
 "requires": true,
 "packages": {
 "": {
 "name": "csrf-csrf",
- "version": "3.0.6",
+ "version": "3.0.7",
 "license": "ISC",
 "dependencies": {
 "http-errors": "^2.0.0"
diff --git a/package.json b/package.json
index 2ad3b9c..ad7fa60 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "csrf-csrf",
- "version": "3.0.6",
+ "version": "3.0.7",
 "description": "A utility package to help implement stateless CSRF protection using the Double Submit Cookie Pattern in express.",
 "type": "module",
 "main": "./lib/cjs/index.cjs",