diff --git a/.swift-version b/.swift-version
index 5186d070..bf77d549 100644
--- a/.swift-version
+++ b/.swift-version
@@ -1 +1 @@
-4.0
+4.2
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8c68f5fd..27154b27 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,71 @@ Changelog
 Version numbering represents the Swift version, plus a running number representing updates, fixes and new features at the same time.
 You can also refer to commit logs to get details on what was implemented, fixed and improved.
 
+### Master
+
+- Swift 4.2 support.  
+  [djbe](https://github.com/djbe)
+  [#273](https://github.com/p2/OAuth2/pull/273)
+- Fix crash due to memory ownership.  
+  [foldericon](https://github.com/foldericon)
+  [#271](https://github.com/p2/OAuth2/pull/271)
+- Added an Auth2 implicit grant variation for requests that return parameters in the query instead of the fragment.  
+  [tschmitz](https://github.com/tschmitz)
+  [#262](https://github.com/p2/OAuth2/pull/262)
+- Fix some Swift 4 warnings.  
+  [everlof](https://github.com/everlof)
+  [#251](https://github.com/p2/OAuth2/pull/251)
+- Pass back a strongly typed `OAuth2Error` when possible (along with `error_description`). Also added an `invalidGrant` error.  
+  [sebskuse](https://github.com/sebskuse)
+  [#248](https://github.com/p2/OAuth2/pull/248)
+- You can now implement your own custom loggers.  
+  [p2](https://github.com/p2)
+  [#236](https://github.com/p2/OAuth2/pull/236)
+- Fixed parsing errors with empty descriptions.  
+  [p2](https://github.com/p2)
+  [#247](https://github.com/p2/OAuth2/pull/247)
+- Fix the appearance and location of the `Cancel` button on macOS.  
+  [kengruven](https://github.com/kengruven)
+  [#246](https://github.com/p2/OAuth2/pull/246)
+
+### 4.0.1
+
+- Correct the ACL for `updateFromKeychainItems` to `open`.  
+  [JohnTheBastard](https://github.com/JohnTheBastard)
+  [#239](https://github.com/p2/OAuth2/pull/239)
+- Fixed unauthorized error when refreshing a token.  
+  [amaurydavid](https://github.com/amaurydavid)
+  [#237](https://github.com/p2/OAuth2/pull/237)
+- Fixed an exception due to the web policy completion handler being called twice.  
+  [Kashkovsky](https://github.com/Kashkovsky)
+  [#235](https://github.com/p2/OAuth2/pull/235)
+- Bubble errors up from a token fetch to the client.  
+  [dhardiman](https://github.com/dhardiman)
+  [#232](https://github.com/p2/OAuth2/pull/232)
+  [#234](https://github.com/p2/OAuth2/pull/234)
+
+### 4.0.0
+
+- Update to Swift 4.  
+  [paulw11](https://github.com/paulw11)
+  [#228](https://github.com/p2/OAuth2/pull/228)
+- Fix an assertion error in Xcode 9.  
+  [markmarkswell](https://github.com/markmarkswell)
+  [#227](https://github.com/p2/OAuth2/pull/227)
+- Remove the dependency on the system `sharedApplication` property to support use in extensions.  
+  [robertbarclay](https://github.com/robertbarclay)
+  [#212](https://github.com/p2/OAuth2/pull/212)
+- Changed the ACL of `customAuthorizer` from `internal` to `open`.  
+  [amaurydavid](https://github.com/amaurydavid)
+  [#203](https://github.com/p2/OAuth2/pull/203)
+- Corrected some typos in the codebase and documentation.  
+  [Lutzifer](https://github.com/Lutzifer)
+  [#199](https://github.com/p2/OAuth2/pull/199)
+- Fixed some warnings with String interpolation.  
+  [paulw11](https://github.com/paulw11)
+  [jakepetroules](https://github.com/jakepetroules)
+  [#195](https://github.com/p2/OAuth2/pull/195)
+  [#204](https://github.com/p2/OAuth2/pull/204)
 
 ### 3.0.3
 
diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md
index bd2634e3..5e9012ef 100644
--- a/CONTRIBUTORS.md
+++ b/CONTRIBUTORS.md
@@ -3,6 +3,7 @@ Contributors
 
 Contributors to the codebase, in reverse chronological order:
 
+- David Jennes, @davidjennes
 - Tim Schmitz, @tschmitz
 - Seb Skuse, @sebskuse
 - David Hardiman, @dhardiman
diff --git a/OAuth2.xcodeproj/project.pbxproj b/OAuth2.xcodeproj/project.pbxproj
index 8f1d7423..36f54c31 100644
--- a/OAuth2.xcodeproj/project.pbxproj
+++ b/OAuth2.xcodeproj/project.pbxproj
@@ -830,7 +830,7 @@
 				PRODUCT_NAME = OAuth2;
 				SDKROOT = appletvos;
 				SKIP_INSTALL = YES;
-				SWIFT_VERSION = 3.0;
+				SWIFT_VERSION = 4.2;
 				TARGETED_DEVICE_FAMILY = 3;
 				TVOS_DEPLOYMENT_TARGET = 9.0;
 			};
@@ -858,7 +858,7 @@
 				SDKROOT = appletvos;
 				SKIP_INSTALL = YES;
 				SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule";
-				SWIFT_VERSION = 3.0;
+				SWIFT_VERSION = 4.2;
 				TARGETED_DEVICE_FAMILY = 3;
 				TVOS_DEPLOYMENT_TARGET = 9.0;
 			};
@@ -990,7 +990,7 @@
 				PRODUCT_NAME = OAuth2;
 				SKIP_INSTALL = YES;
 				SWIFT_OPTIMIZATION_LEVEL = "-Onone";
-				SWIFT_VERSION = 4.0;
+				SWIFT_VERSION = 4.2;
 			};
 			name = Debug;
 		};
@@ -1012,7 +1012,7 @@
 				PRODUCT_NAME = OAuth2;
 				SKIP_INSTALL = YES;
 				SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule";
-				SWIFT_VERSION = 4.0;
+				SWIFT_VERSION = 4.2;
 			};
 			name = Release;
 		};
@@ -1034,7 +1034,7 @@
 				PRODUCT_NAME = OAuth2;
 				SDKROOT = macosx;
 				SKIP_INSTALL = YES;
-				SWIFT_VERSION = 4.0;
+				SWIFT_VERSION = 4.2;
 			};
 			name = Debug;
 		};
@@ -1058,7 +1058,7 @@
 				SDKROOT = macosx;
 				SKIP_INSTALL = YES;
 				SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule";
-				SWIFT_VERSION = 4.0;
+				SWIFT_VERSION = 4.2;
 			};
 			name = Release;
 		};
@@ -1077,7 +1077,7 @@
 				PRODUCT_BUNDLE_IDENTIFIER = "com.github.p2.${PRODUCT_NAME:rfc1034identifier}";
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				SDKROOT = macosx;
-				SWIFT_VERSION = 3.0;
+				SWIFT_VERSION = 4.2;
 			};
 			name = Debug;
 		};
@@ -1098,7 +1098,7 @@
 				PRODUCT_NAME = "$(TARGET_NAME)";
 				SDKROOT = macosx;
 				SWIFT_OPTIMIZATION_LEVEL = "-Owholemodule";
-				SWIFT_VERSION = 3.0;
+				SWIFT_VERSION = 4.2;
 			};
 			name = Release;
 		};
diff --git a/OAuth2.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist b/OAuth2.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist
new file mode 100644
index 00000000..18d98100
--- /dev/null
+++ b/OAuth2.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>IDEDidComputeMac32BitWarning</key>
+	<true/>
+</dict>
+</plist>
diff --git a/README.md b/README.md
index 677085ad..57bfa060 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@ OAuth2
 [![Build Status](https://travis-ci.org/p2/OAuth2.svg?branch=master)](https://travis-ci.org/p2/OAuth2)
 [![License](https://img.shields.io/:license-apache-blue.svg)](LICENSE.txt)
 
-OAuth2 frameworks for **macOS**, **iOS** and **tvOS** written in Swift 3.0.
+OAuth2 frameworks for **macOS**, **iOS** and **tvOS** written in Swift 4.2.
 
 - [⤵️ Installation](#installation)
 - [🛠 Usage](#usage)
diff --git a/Sources/Base/OAuth2AuthRequest.swift b/Sources/Base/OAuth2AuthRequest.swift
index c74c2ecd..5193d5f2 100644
--- a/Sources/Base/OAuth2AuthRequest.swift
+++ b/Sources/Base/OAuth2AuthRequest.swift
@@ -69,10 +69,10 @@ Class representing an OAuth2 authorization request that can be used to create NS
 open class OAuth2AuthRequest {
 	
 	/// The url of the receiver. Queries may by added by parameters specified on `params`.
-	open let url: URL
+	public let url: URL
 	
 	/// The HTTP method.
-	open let method: OAuth2HTTPMethod
+	public let method: OAuth2HTTPMethod
 	
 	/// The content type that will be specified. Defaults to `wwwForm`.
 	open var contentType = OAuth2HTTPContentType.wwwForm
diff --git a/Sources/Base/OAuth2Base.swift b/Sources/Base/OAuth2Base.swift
index 70db5ea9..54308523 100644
--- a/Sources/Base/OAuth2Base.swift
+++ b/Sources/Base/OAuth2Base.swift
@@ -37,7 +37,7 @@ open class OAuth2Base: OAuth2Securable {
 	}
 	
 	/// Settings related to the client-server relationship.
-	open let clientConfig: OAuth2ClientConfig
+	public let clientConfig: OAuth2ClientConfig
 	
 	/// Client-side authorization options.
 	open var authConfig = OAuth2AuthConfig()
diff --git a/Sources/iOS/OAuth2WebViewController.swift b/Sources/iOS/OAuth2WebViewController.swift
index e45e1c3a..0867c04c 100644
--- a/Sources/iOS/OAuth2WebViewController.swift
+++ b/Sources/iOS/OAuth2WebViewController.swift
@@ -115,7 +115,7 @@ open class OAuth2WebViewController: UIViewController, WKNavigationDelegate {
 		// create a web view
 		let web = WKWebView()
 		web.translatesAutoresizingMaskIntoConstraints = false
-		web.scrollView.decelerationRate = UIScrollViewDecelerationRateNormal
+		web.scrollView.decelerationRate = UIScrollView.DecelerationRate.normal
 		web.navigationDelegate = self
 		
 		view.addSubview(web)
@@ -251,4 +251,13 @@ open class OAuth2WebViewController: UIViewController, WKNavigationDelegate {
 	}
 }
 
+/// Swift < 4.2 support
+#if !(swift(>=4.2))
+private extension UIScrollView {
+	enum DecelerationRate {
+		static let normal = UIScrollViewDecelerationRateNormal
+	}
+}
+#endif
+
 #endif
diff --git a/Sources/macOS/OAuth2CustomAuthorizer+macOS.swift b/Sources/macOS/OAuth2CustomAuthorizer+macOS.swift
index 5bd90d6a..aa6c5850 100644
--- a/Sources/macOS/OAuth2CustomAuthorizer+macOS.swift
+++ b/Sources/macOS/OAuth2CustomAuthorizer+macOS.swift
@@ -59,7 +59,7 @@ public class OAuth2CustomAuthorizer: OAuth2CustomAuthorizerUI {
 													 expectedType: String(describing: NSViewController.self))
 		}
 		
-		parentController.presentViewControllerAsSheet(controller)
+		parentController.presentAsSheet(controller)
 		presentedController = controller
 	}
 	
@@ -79,4 +79,14 @@ public class OAuth2CustomAuthorizer: OAuth2CustomAuthorizerUI {
 	}
 }
 
+/// Swift < 4.2 support
+#if !(swift(>=4.2))
+private extension NSViewController {
+	@available(OSXApplicationExtension 10.10, *)
+	func presentAsSheet(_ viewController: NSViewController) {
+		presentViewControllerAsSheet(viewController)
+	}
+}
+#endif
+
 #endif
diff --git a/Tests/BaseTests/OAuth2AuthRequestTests.swift b/Tests/BaseTests/OAuth2AuthRequestTests.swift
index 07d6d767..0fcfd48c 100644
--- a/Tests/BaseTests/OAuth2AuthRequestTests.swift
+++ b/Tests/BaseTests/OAuth2AuthRequestTests.swift
@@ -79,7 +79,9 @@ class OAuth2AuthRequestTests: XCTestCase {
 		req.params.removeValue(forKey: "b")
 		XCTAssertTrue(2 == req.params.count)
 		let str = req.params.percentEncodedQueryString()
-		XCTAssertEqual("a=AA&c=A+complicated%2Fsurprising+name+%26+character%3Dfun", str)
+
+		let parts = Set(str.split(separator: "&"))
+		XCTAssertEqual(parts, Set(["a=AA", "c=A+complicated%2Fsurprising+name+%26+character%3Dfun"]))
 	}
 	
 	func testURLComponents() {
diff --git a/Tests/FlowTests/OAuth2ClientCredentialsTests.swift b/Tests/FlowTests/OAuth2ClientCredentialsTests.swift
index 539dddea..5e115873 100644
--- a/Tests/FlowTests/OAuth2ClientCredentialsTests.swift
+++ b/Tests/FlowTests/OAuth2ClientCredentialsTests.swift
@@ -72,7 +72,8 @@ class OAuth2ClientCredentialsTests: XCTestCase {
 		
 		let body = String(data: request.httpBody!, encoding: String.Encoding.utf8)
 		XCTAssertNotNil(body, "Body data must be present")
-		XCTAssertEqual(body!, "grant_type=client_credentials&scope=login+and+more", "Must create correct request body")
+		let parts = Set((body ?? "").split(separator: "&"))
+		XCTAssertEqual(parts, Set(["grant_type=client_credentials", "scope=login+and+more"]), "Must create correct request body")
 	}
 	
 	func testFailedTokenRequest() {