README.md in xeroizer-2.19.0 vs README.md in xeroizer-2.20.0

@@ -1,15 +1,15 @@
 Xeroizer API Library ![Project status](http://stillmaintained.com/waynerobinson/xeroizer.png) [![Build Status](https://travis-ci.org/waynerobinson/xeroizer.svg)](https://travis-ci.org/waynerobinson/xeroizer)
 ====================
 
-**Homepage**: 		[http://waynerobinson.github.com/xeroizer](http://waynerobinson.github.com/xeroizer)		
-**Git**: 					[git://github.com/waynerobinson/xeroizer.git](git://github.com/waynerobinson/xeroizer.git)		
-**Github**: 			[https://github.com/waynerobinson/xeroizer](https://github.com/waynerobinson/xeroizer)		
-**Author**: 			Wayne Robinson [http://www.wayne-robinson.com](http://www.wayne-robinson.com)		
+**Homepage**: 		[http://waynerobinson.github.com/xeroizer](http://waynerobinson.github.com/xeroizer)
+**Git**: 					[git://github.com/waynerobinson/xeroizer.git](git://github.com/waynerobinson/xeroizer.git)
+**Github**: 			[https://github.com/waynerobinson/xeroizer](https://github.com/waynerobinson/xeroizer)
+**Author**: 			Wayne Robinson [http://www.wayne-robinson.com](http://www.wayne-robinson.com)
 **Contributors**: See Contributors section below
 **Copyright**:    2007-2013
-**License**:      MIT License		
+**License**:      MIT License
 
 Introduction
 ------------
 
 This library is designed to help ruby/rails based applications communicate with the publicly available API for Xero.
@@ -67,11 +67,11 @@
 #    Note: The callback URL's domain must match that listed for your application in http://api.xero.com
 #          otherwise the user will not be redirected and only be shown the authentication code.
 request_token = client.request_token(:oauth_callback => 'http://yourapp.com/oauth/callback')
 
 # 2. Redirect the user to the URL specified by the RequestToken.
-#    
+#
 #    Note: example uses redirect_to method defined in Rails controllers.
 redirect_to request_token.authorize_url
 
 # 3. Exchange RequestToken for AccessToken.
 #    This access token will be used for all subsequent requests but it is stored within the client
@@ -172,10 +172,20 @@
 ```ruby
 client = Xeroizer::PrivateApplication.new(YOUR_OAUTH_CONSUMER_KEY, YOUR_OAUTH_CONSUMER_SECRET, "/path/to/privatekey.pem")
 contacts = client.Contact.all
 ```
 
+To provide a private key directly, set the path to nil and pass in a `private_key` option instead. For example:
+
+```ruby
+# Using environment variables (e.g. Heroku):
+client = Xeroizer::PrivateApplication.new(key, secret, nil, private_key: ENV["XERO_PRIVATE_KEY"])
+
+# Using Rails Credentials (Rails 5.2+):
+client = Xeroizer::PrivateApplication.new(key, secret, nil, private_key: Rails.application.credentials.xero_private_key)
+```
+
 ### Partner Applications
 
 Partner applications use a combination of 3-legged authorisation and private key message signing.
 
 Visit the [https://developer.xero.com/partner/app-partner](Becoming an app partner) page to get permission to create a partner application.
@@ -198,11 +208,11 @@
 #    Note: The callback URL's domain must match that listed for your application in http://api.xero.com
 #          otherwise the user will not be redirected and only be shown the authentication code.
 request_token = client.request_token(:oauth_callback => 'http://yourapp.com/oauth/callback')
 
 # 2. Redirect the user to the URL specified by the RequestToken.
-#    
+#
 #    Note: example uses redirect_to method defined in Rails controllers.
 redirect_to request_token.authorize_url
 
 # 3. Exchange RequestToken for AccessToken.
 #    This access token will be used for all subsequent requests but it is stored within the client
@@ -222,12 +232,12 @@
 access_secret = client.access_token.secret
 ```
 
 Two other interesting attributes of the PartnerApplication client are:
 
-> **`#expires_at`**:								Time this AccessToken will expire (usually 30 minutes into the future).		
-> **`#authorization_expires_at`**:	How long this organisation has authorised you to access their data (usually 10 years into the future).		
+> **`#expires_at`**:								Time this AccessToken will expire (usually 30 minutes into the future).
+> **`#authorization_expires_at`**:	How long this organisation has authorised you to access their data (usually 10 years into the future).
 
 #### AccessToken Renewal
 
 Renewal of an access token requires knowledge of the previous access token generated for this organisation. To renew:
 
@@ -584,10 +594,12 @@
 Reports are accessed like the following example:
 
 ```ruby
 trial_balance = xero.TrialBalance.get(:date => DateTime.new(2011,3,21))
 
+profit_and_loss = xero.ProfitAndLoss.get(fromDate: Date.new(2019,4,1), toDate: Date.new(2019,5,1))
+
 # Array containing report headings.
 trial_balance.header.cells.map { | cell | cell.value }
 
 # Report rows by section
 trial_balance.sections.each do | section |
@@ -651,10 +663,10 @@
 
 If required, the library can handle these exceptions internally by sleeping 1 second and then repeating the last request.
 You can set this option when initializing an application:
 
 ```ruby
-# Sleep for 2 seconds every time the rate limit is exceeded.
+# Sleep for 1 second and retry up to 3 times when Xero claims the nonce was used.
 client = Xeroizer::PublicApplication.new(YOUR_OAUTH_CONSUMER_KEY,
                                          YOUR_OAUTH_CONSUMER_SECRET,
                                          :nonce_used_max_attempts => 3)
 ```