Releases: eclipse/kapua
1.5.0
Enhancements
[accounts] Expose AccountService.findChildrenRecursive on REST API (#3265)
[backend] Added additionals exception based on the Device ResponseMessage.responseCode (#3306)
[backend] Added indexes on jBatch tables to improve performances (#3191)
[backend] Added KapuaQuery.defaultSortCriteria (#3287)
[backend] Cache exception handling improvement (#3183)
[backend] Introduced usage of ConfigurationPrinter in some classes (#3223)
[backend] Translator readBodyAsJson improvement (#3259)
[build] GitHub Actions CI (#3182)
[build] Remove TravisCI.org integration (#3237)
[build] Set modules version to 1.5.0-SNAPSHOT (#3186)
[console] Added isValid check before enabling Submit button on ActionDialog (#3220)
[credentials] Improved AuthenticationServiceShiro validation of credentials (#3242)
[credentials] Issuer name added in MFA QR code image (#3300)
[credentials] MFA: the 'Kapua' name should be added in the respective authenticator app entry (#3256)
[datastore] Bump Elasticsearch to 7.8.1 (#3330)
[datastore] Elasticsearch Transport Client Removal (#3302)
[datastore] Improve Upsert Failed Error Message in Elasticsearch REST Client (#3297)
[dependencies] Bump Apache HTTP Client to 4.5.13 (#3243)
[dependencies] Bump log4j-api version from 2.8.2 to 2.14.0 (#3199)
[dependencies] Bump slf4j-api dependency version from 1.7.26 to 1.7.30 (#3198)
[dependencies] Bumped version of commons-codec from 1.9 to 1.15 - CWE-200 (#3277)
[dependencies] Bumped version of guava from 27.1-jre to 30.1-jre - CVE-2020-8908 - CWE-200 (#3276)
[dependencies] Bumped version of Netty4 to 4.1.60.Final - CVE-2021-21290 - CWE-378 (#3283)
[dependencies] Bumped version of Snake Yaml from 1.15 to 1.28 - CVE-2017-18640 - CWE-189 (#3275)
[dependencies] Remove dependencies from ActiveMQ tar.gz (#3344)
[dependencies] Upgrade org.reflections:reflections to 0.9.12 (#3337)
[dependencies] Upgraded Jackson dependencies version from 2.10.1 to 2.12.2 - CVE-2020-25649 - CWE-611 (#3274)
[dependencies] Upgraded Shiro version from 1.3.2 to 1.5.3 - CVE-2019-12422 - CVE-2020-1957 - CVE-2020-11989 (#3203)
[dependencies] Upgradend Quartz Scheduler Version to from 2.2.3 to 2.3.2 - CVE-2019-13990 - CWE-611 (#3204)
[device-jobs] Forbid modifying JobSteps if Job has started at least once (#3241)
[device-jobs] Job Step Properties limits and basic validation (#3318)
[device-jobs] Job Step Properties required attribute (#3339)
[device-jobs] Jobs REST API Step edit, Trigger edit, multiple Is Running (#3295)
[device-jobs] Schedule Trigger update feature (#3240)
[device-jobs] Standalone Job Engine (#3238)
[device-management] [Feature] Device Birth Extended Properties (#3273)
[device-management] [Feature] Device Management INVENTORY-V1 (#3264)
[device-management] Added Certificate.serialHex property
[device-management] Device management response stacktrace show option (#3210)
[device-management] Feature Device Management INVENTORY-V1 bundle start and stop (#3343)
[device-management] Feature Device Management SUBMIT and CANCEL verbs (#3340)
[device-management] Feature KEYS-V1 support (#3315)
[device-management] Fixed Keystore CertificateInfo list retrieval
[documentation] Added 'Device.extendedProperties' to OpenAPI definition file (#3307)
[documentation] Export OpenAPI Entities on Root OpenAPI file (#3314)
[documentation] Update Copyright Year to 2021 (#3189)
[endpoints] Update Endpoint REST API to support CORS endpoints (#3326)
[rest-api] Dynamic CORS Filter (#3278)
[rest-api] Add sortDir and sortParam to REST APIs - Round 1 (#3349)
[rest-api] Return 409 Conflict in REST API for ENITY_UNIQUENESS exceptions
[sso] Improved logged parameters in SsoCallbackServlet request (#3244)
[sso] SSO - OIDC environment variables renaming (#3298)
[sso] SSO: OIDC env variables names should be improved (#3261)
[users] Prevent username change at backend
Bugfixes
[backend] Fixed device-management-inventory-internal module package names (#3288)
[backend] Fixed KapuaErrorHandlerServlet missing template mapping (#3211)
[backend] Fixed Liquibase properties which where not compatible with MySQL (#3271)
[build] external/pom.xml not found (#3196)
[build] Fixed declaration of showStacktrace in Console assembly run file (#3267)
[console] Fixed Console Http Session Fixation security issue (#3197)
[credentials] MFA: the encrypted mfaSecretKey should be removed when returned with a GET REST API (#3279)
[device-jobs] Exporting batch jobs does not create a file with no entries anymore (#3310)
[device-jobs] Fixed definition of schdl_trigger_fired with ON DELETE CASCADE (#3285)
[device-jobs] Fixed JobEngineService error messages bundle configuration (#3239)
[device-jobs] Fixed logic that checks for job executions before editing JobStep (#3284)
[device-management] Fixed GenericRequestPayload translation (#3282)
[documentation] Fixed typos "adress" and "loged" (#3334)
[documentation] Removed kapua-external module references from documentation (#3214)
[endpoints] Add Endpoint service dependency after new CORS filter (#3293)
[rest-api] CORS error when calling REST API with expired access token (#3308)
[rest-api] Don't check for specific CORS Origin if session is not yet created (#3292)
[rest-api] Fix CORS error for non-CORS requests (#3329)
[rest-api] Fixed CORS filtering fail causing print of stacktrace in HTTP Response (#3294)
[rest-api] Invert CORS-non CORS logic in CORS Filter (#3331)
[sso] Fix openIDidToken variable on AuthenticationServiceShiroImpl (#3245)
[sso] SSO: ID Token should be used in place of the Access Token in the OIDC authentication step (#3257)
[test] Fixed test ElasticSearchClientProvider value (#3332)
[test] Jobs and Trigger Tests fail due to an hardcoded date (#3311)
[test] Jobs and TriggerService tests failing on GitHub Actions (#3224)
[test] KapuaLifeCycleConverterTest JUnit test failing in latest PRs (#3270)
1.4.4
1.4.3
1.4.2
Bugfixes
[device-management] Fixed GenericRequestPayload translation (#3282)
Enhancements
[dependencies] Bumped version of Snake Yaml from 1.15 to 1.28 - CVE-2017-18640 - CWE-189 (#3275)
[dependencies] Upgraded Jackson dependencies version from 2.10.1 to 2.12.2 - CVE-2020-25649 - CWE-611 (#3274)
1.4.1
Bugfixes
[backend] Fixed JobEngineService error messages bundle configuration (#3239)
[backend] Fixed Liquibase properties which where not compatible with MySQL (#3271)
[build] external/pom.xml not found (#3196)
[console] Fixed Console Http Session Fixation security issue (#3197)
[console] Fixed KapuaErrorHandlerServlet missing template mapping (#3211)
[deployment] Fixed declaration of showStacktrace in Console assembly run file (#3267)
[sso] Fix openIDidToken variable on AuthenticationServiceShiroImpl (#3245)
[sso] SSO: ID Token should be used in place of the Access Token in the OIDC authentication step (#3257)
[test] Jobs and TriggerService tests failing on GitHub Actions (#3224)
Enhancements
[authentication] Introduced usage of ConfigurationPrinter in some classes (#3223)
[backend] Added indexes on jBatch tables to improve performances (#3191)
[backend] Cache exception handling improvement (#3183)
[build] GitHub Actions CI (#3182)
[build] Remove TravisCI.org integration (#3237)
[console] Added isValid check before enabling Submit button on ActionDialog (#3220)
[dependencies] Bump Apache HTTP Client to 4.5.13 (#3243)
[dependencies] Bump log4j-api version from 2.8.2 to 2.14.0 (#3199)
[dependencies] Bump slf4j-api dependency version from 1.7.26 to 1.7.30 (#3198)
[dependencies] Bumped version of commons-codec from 1.9 to 1.15 - CWE-200 (#3277)
[dependencies] Bumped version of guava from 27.1-jre to 30.1-jre - CVE-2020-8908 - CWE-200 (#3276)
[dependencies] Upgraded Shiro version from 1.3.2 to 1.5.3 - CVE-2019-12422 - CVE-2020-1957 - CVE-2020-11989 (#3203)
[dependencies] Upgradend Quartz Scheduler Version to from 2.2.3 to 2.3.2 - CVE-2019-13990 - CWE-611 (#3204)
[device-management] Device management response stacktrace show option (#3210)
[documentation] Removed kapua-external module references from documentation (#3214)
[documentation] Update Copyright Year to 2021 (#3189)
[jobs] Forbid modifying JobSteps if Job has started at least once (#3241)
[sso] Improved AuthenticationServiceShiro validation of credentials (#3242)
[sso] Improved logged parameters in SsoCallbackServlet request (#3244)
1.4.0
Kapua 1.4.0 upgrades the Elasticsearch version to 6.8.7. When upgrading from a previous version, users should run the Elasticsearch Migration Tool in order to convert existing data to the new index format. More details here
Enhancements
[account-settings] Extend accountSelfEdit support in Configurations (#3152)
[account-settings] JobExecutionService should not be configurable (#3156)
[account-settings] More services should not be configurable (#3169)
[backend] Added index on DeviceConnection table (#3178)
[backend] SslVerify property is not used and should be removed (#3139)
[credentials] Configurable MFA machine trust key duration (#3167)
[credentials] MFA QRCodeServlet removal (#3147)
[datastore] Elasticsearch 6.8 (#3133)
[dependencies] Forced Netty3 version to 3.10.6.Final (#3184)
[documentation] Add Credentials documentation to Gitbook summary (#3154)
[documentation] Credentials documentation (#3141)
[documentation] Multi Factor Authentication user manual (#3132)
[license] Upgrade license to EPL 2.0 (#2987)
[rest-api] MFA authentication and CRUD operations via REST API (#3166)
[sso] Change SSO module position and naming convention. (#2763)
[sso] Conditional statements for OpenID Connect provider selection should be improved (#3145)
Bugfixes
[build] Missing zxing dependencies added to broker assembly (#3151)
[credentials] Fixes for Multi Factor Authentication (#3137)
[datastore] Fix ES6 Migration Tool data index mapping name and Refresh before Reindex (#3157)
[rest-api] Fix OutOfBound exception in ApiKey authentication Rest API (#3177)
[test] QA trigger end date changed to avoid TriggerNeverFiresException (#3175)
1.3.2
Enhancements
[account-settings] JobExecutionService should not be configurable (#3156)
[account-settings] More services should not be configurable (#3169)
[backend] Added index on DeviceConnection table (#3178)
[documentation] Add Credentials documentation to Gitbook summary (#3154)
Bugfixes
[rest-api] Fix OutOfBound exception in ApiKey authentication Rest API (#3177)
[test] QA trigger end date changed to avoid TriggerNeverFiresException (#3175)
1.3.1
Bugfixes
[authentication] Fixes for Multi Factor Authentication (#3137)
[deployment] Missing zxing dependencies added to broker assembly (#3151)
Enhancements
[authentication] MFA QRCodeServlet removal (#3147)
[deployment] SslVerify property is not used and should be removed (#3139)
[documentation] Multi Factor Authentication user manual (#3132)
[documentation] Credentials documentation (#3141)
1.3.0
Bugfixes
[backend] AbstractKapuaConfigurableResourceLimitedService throws npe if maxNumberChildEntities is not present (#3020)
[build] Fixed Travis CI Maven installation (#3079)
[child-accounts] "Modified By" column in Child Accounts shows incorrect data (#3089)
[console] Account list not properly shown (#3049)
[console] User Gets Logged Out After 20 Seconds (#2931)
[device-configurations] Configuration validation limits string fields to 256 characters (#3002)
[device-configurations] Increased length limit for Device Configuration Tab TextField and TextArea (#3010)
[rest-api] Fix Permission import on REST JaxbContext (#3028)
[rest-api] Restore Path annotation in DeviceManagementOperations REST APIs (#3040)
[rest-api] Unable to refresh expired Access Token with a valid Refresh Token (#3055)
[service-configurations] Account Configuration view refreshes view on error (#3108)
[service-events] liquibase.exception.DatabaseException: Invalid default value for 'created_on' [Failed SQL: ALTER TABLE meeting.sys_event_store MODIFY created_on timestamp(3) DEFAULT current_timestamp() (#2991)
[sso] SSO provider session not invalidated at Kapua session invalidation (#2971)
[sso] The OpenID idToken should never be 'null' (#3041)
Enhancements
[authentication] Configurable Minimum Password Length (#3121)
[authentication] Security plugin should allow authentication logic to be pluggable (#3119)
[authentication] Use index to search for AccessTokens (#3022)
[backend] Add Scope ID to isServiceEnabled() and isPropertyEnabled() (#3000)
[backend] Adjustable logging level (#3085)
[backend] Cache manager review the cache instantiation process (#3011)
[backend] Eclipselink 2.7.7 (#3030)
[backend] Fix sonar cloud 2020 03 06 (#2897)
[backend] Force EclipseLink JaxbContextFactory (#3019)
[backend] Redundant DeviceMenagementException and DeviceManagementException (#3074)
[build] Added options to keep staging repository in case of error (#2998)
[build] Bump netty4 version from 4.1.34.Final to 4.1.50.Final - CVE-2019-16869 - CWE-113 (#3006)
[build] Proposal for patching SonarQube rule 3032 (#3027)
[build] Removed unnecessary dependencies of netty-all (#3009)
[datastore] Disable datastore for REST API (#3004)
[datastore] Elasticsearch Kapua Client Refactoring (#3068)
[datastore] Re-add support for ElasticSearch multiple nodes (#3111)
[datastore] Storable API Refactoring (#3073)
[deployment] MFA env variables in console entrypoint (#3129)
[deployment] Redundant OpenID variables for the generic OpenID (SSO) provider in run-console script (#3127)
[device-events] Retrieval of DeviceEvent performance degradation (#2851)
[device-events] Retrieve device events with time interval filter (#3057)
[device-packages] "Log" Button Not Active in Devices -> Packages (#2868)
[devices] New sorting on Device View Tabs (#3078)
[documentation] Added new lables, syntax error fixes in README.md (#3065)
[documentation] Fix getting started on Eclipe Kapua website (#2968)
[documentation] Fix ide-page grammatical errors (#3042)
[documentation] Fix kura-kapua docs grammatical errors (#3050)
[documentation] Fix permissions doc grammatical errors (#3058)
[documentation] Fix running-page grammatical errors (#3043)
[documentation] Fix simulator doc grammatical errors (#3059)
[documentation] Fix sso doc grammatical errors (#3045)
[documentation] Minor fixes in README docs concerning sso (#2985)
[documentation] Update Copyright Years (#3063)
[messaging] MQTT Internal Connector (#3067)
[rest-api] Add askTotalCount parameter to user endpoint (#3062)
[rest-api] Initial support for MatchPredicates in Device REST API (#2875)
[rest-api] Refactor CORS Filter as Servlet Filter and disable WADL (#3069)
[rest-api] Remove REST Error Pages and /test resource reference (#3026)
[rest-api] Sort order parameter for data messages request (#2981)
[rest-api] Users Match Predicate (#3051)
[security] Broker Security Plugin enhancements (#3066)
[security] complete the KapuaSecurityContext improvements (#3105)
[sso] Add logging on the SSO (#3081)
[sso] Enabling property to disable the OpenID Connect logout (#2996)
[sso] Use the 'well-known' configuration document to configure the SSO OpenID providers (#3044)
[test] Added Junit Tests (#3008)
[test] Added Junit Tests for LocalCache Class (#3014)
[users] Allow enable/disable of kapua-sys user (#3091)