11.0.1

Release Notes

For: uc-cdis/fence

Notes since tag: 11.0.0

Notes to tag/commit: 11.0.1

Generated: 2025-01-27

Bug Fixes

• Fix timeout when user with large passport logs in by skipping
  grant_from_storage. (#1219)

11.0.0

For: uc-cdis/fence

Notes since tag: 10.4.1

Notes to tag/commit: 11.0.0

Generated: 2025-01-23

New Features

• new endpoint to soft-delete users in Fence. (#1189)
• adds a unit test to check if s3 bucket regex validation is behaving as
  expected (#1196)
• feat: new config option to allow only existing OR active users to login
  (#1184)

Breaking Changes

• remove role field from /admin/user POST endpoint (#1202)
• set User.is_admin to DEPRECATED (#1202)
• deprecation notices for future breaking changes where we'll remove a number
  of legacy endpoints (#1201)
• some of the admin endpoints and methods now expect username instead of
  name. (#1189)

Bug Fixes

• Exchange Area projects no longer cause exceptions when applied from a
  passport (#1216)
• Google group sync no longer runs on login when a passport is issued.
  (#1216)
• Update documentation link in setup.md (#1194)

Improvements

• consolidate on use of username instead of a mix of name and username
  in the /admin/user endpoints. (#1189)
• The /admin endpoints in Fence are protected by a check agains Arborist
  permissions instead of checking for user.is_admin in DB (#1190)
• feat: add extra (optional) fields to "create user" /admin/user POST
  endpoint (#1185)
• to make user creation more uniform, reflecting what is also done elsewhere
  (#1185)
• in fence/sync/sync_users.py
  _upsert_userinfo()
  for example (#1185)

Dependency Updates

• Bumps werkzeug from 3.0.4 to 3.0.6.
  (#1192)

Deployment Changes

• activation of the feature depends on a new configuration setting:
  ALLOW_NEW_USER_ON_LOGIN (#1184)

10.4.1

Release Notes

For: uc-cdis/fence

Notes since tag: 10.4.0

Notes to tag/commit: 10.4.1

Generated: 2024-10-28

Bug Fixes

• Fixed a bug cause Fence to unable to generate presigned URL for S3 buckets
  in fence config that has wildcard characters in their names (#1193)

Deployment Changes

• any env that has S3 buckets in fence config that has wildcard characters
  should consider adpoting this release (#1193)

10.4.0

Release Notes

For: uc-cdis/fence

Notes since tag: 10.3.1

Notes to tag/commit: 10.4.0

Generated: 2024-09-11

Bug Fixes

• Fixes issue where google group updates for passport sync would clear
  existing membership from Google Bucket Access Groups. (#1177)

10.3.1

Release Notes

For: uc-cdis/fence

Notes since tag: 10.3.0

Notes to tag/commit: 10.3.1

Generated: 2024-08-29

Bug Fixes

• Use auto addressing style for presigned url generation (attempts to use
  virtual, but falls back to path if necessary) (#1179)
• Pass endpoint_url from Fence config to boto3 client for presigned url
  creation (#1179)

10.3.0

Release Notes

For: uc-cdis/fence

Notes since tag: 10.2.0

Notes to tag/commit: 10.3.0

Generated: 2024-08-27

New Features

• Add support for generating presigned urls for requester pay enabled AWS S3
  buckets (#1173)

Improvements

• Use boto3 for AWS S3 presigned url generation (#1173)
• Move AWS S3 presigned url generation related functionality into
  gen3cirrus (#1173)

Deployment Changes

• New configuration has been added into Fence config for requester pay
  enabled AWS S3 buckets, please refer to /fence/config-default.yaml for
  details (#1173)

Dependency Updates

• gen3cirrus to 3.1.0 (#1173)
• boto3 to 1.35.6 (#1173)

10.2.0

Release Notes

For: uc-cdis/fence

Notes since tag: 10.1.0

Notes to tag/commit: e1a568d

Generated: 2024-08-12

New Features

• Adds support for deleting files from non-AWS S3-compatible endpoints (e.g.
  MinIO, Wasabi, Ceph). (#1171)

Bug Fixes

• Create new migration to remove foreign key constraint if it exists on
  google_service_account table (#1172)
• Fixes the "The AWS Access Key Id you provided does not exist" error when
  attempting to delete a file from a non-AWS bucket. (#1171)

Improvements

• Allows for Gen3 administrators to have greater flexibility in choosing
  their preferred data storage, while keeping the AWS S3 endpoint as the
  "default" storage option. (#1171)
• /upload endpoint accepts optional guid in request body. If the guid
  exists in indexd, it does not create a new record, else it creates a blank
  record with the provided guid. (#1147)
• /multipart/init endpoint accepts optional guid in request body. If the
  guid exists in indexd, it does not create a new record, else it creates a
  blank record with the provided guid. (#1147)

Deployment Changes

• Requires database migration (#1172)

Initial prometheus support

Release Notes

For: uc-cdis/fence
Notes since tag: 10.0.0
Notes to tag/commit: 58f8164
Generated: 2024-08-01

New Features

• Prometheus metrics support for logins and presigned URLs (#1156)

Bug Fixes

• Fix so local csvs file are processed in consistent order, regardless of os
  (#1165)
• Updates user_info overwrite logic to preserve data when processing CSVs
  without some attributes (#1165)

Improvements

• Reorganized docs to make finding what you need a bit easier (#1164)

Dependency Updates

• Bumps idna from 2.10 to 3.7. (#1150)

10.0.0

What's Changed

Rewrite Fence project to work with Authlib 1.2.1

Breaking Changes

New Alembic Database Migration added and is required.
Update Authlib Version by Major Version to post-1.0 release: 1.2.1

New Contributors

• @tianj7 made their first contribution in #1114

9.3.6

Release Notes

For: uc-cdis/fence

Notes since tag: 9.3.5

Notes to tag/commit: 9.3.6

Generated: 2024-06-17

Improvements

• Add debug log when the authorization header cannot be parsed (#1151)
• Print stack trace when usersync cannot downloaded files from an ftp/sftp
  server (#1151)
• Removes travis CI, replace with GH Actions (#1116)

Dependency Updates

• many dep updates, including security update for werkzeug (#1146)