0.6.3

A change has been made to the path-params-decoder to address the breaking change in 0.6.0; by making the decoder idempotent, it is no longer a breaking change.

0.6.2

This release simply updates Jetty dependencies to address recently discovered CVEs.

0.6.1

Upgrade dependencies to fix CVEs:

• aws-java-sdk-xray
• jetty (various)
• tomcat-embed-jasper & tomcat-embed-core

0.6.0

Full release notes in the CHANGELOG; this covers some minor breaking changes.

The emphasis for this release was primarily about addressing CVEs in dependencies; internally, we also shifted the build from Leiningen to Clojure CLI (aka deps.edn). Finally, documentation and examples were updated and refreshed.

What's Changed

• The leading slash results in 404 Not Found by @umair-symplr in #705
• #696: Remove sync io from go blocks by @aredington in #706
• Improve log overriding by @aredington in #715
• replace some uses of deprecated defroutes, fix sample 'chain-providers' by @tbcs in #531
• improve csrf interceptor by @lucywang000 in #648
• URL Decode path parameters by default by @hlship in #733
• Fix reflection warnings in io.pedestal.http.route by @hlship in #731
• Mark io.pedestal.interceptor.helpers as deprecated by @hlship in #742
• #610: Regression: url-for for routes with an url-param as the first path part by @bonkydog in #746

New Contributors

• @phmeier-nubank made their first contribution in #707
• @umair-symplr made their first contribution in #705
• @stonedz made their first contribution in #690
• @lucywang000 made their first contribution in #648
• @hlship made their first contribution in #723
• @mtsbarbosa made their first contribution in #716
• @claj made their first contribution in #691
• @NazarDunets made their first contribution in #747

Full Changelog: 0.5.10...0.6.0

Maintenance Release

This release addresses the following issues:

• #695 Address critical dependency vulnerabilities (i.e., Jetty) and update to the latest core.async version.
• #693 BREAKING CHANGE: Update Pedestal's OpenTracing-related protocol implementations by removing the extension of TraceSpan, TraceSpanLog, TraceSpanLogMap and TraceSpanBaggage to Scope. This aligns Pedestal's OpenTracing support with OpenTracing version 0.33. Affected implementations should be changed to interact with spans directly, as per the Pedestal Tracing sample, as opposed to going through the Scope instance.
• PR #686 Adds a missing arity to TraceOrigin/-span for nils.
• PR #684 Updates the SSLContextFactory used for configuring Jetty. This context factory supports more complicated SSL setups.

Maintenance release

This release addresses the following issues:

• #497 Websocket handlers should handle flow control/backpressure asynchronously
• #662 Override logger should be optional when using io.pedestal.log/log
• #672 Critical Vulnerability in Eclipse Jetty 9.4.18.v20190429 (CVE-2020-27216)
• #678 print-method generates an invalid edn when printing interceptors without name
• #683 Incorrect arity 5 for io.pedestal.http.route.definition.table/syntax-error

Configurable Jetty thread pool and various bug fixes.

• The fast-resource interceptor now passes on context correctly. Resolves #658
• Pedestal now supports overriding the Jetty thread pool. #655.
• Fix FileChannel/open usage in fast-resource. Resolves #651.
• Clearer error messaging when the AWS XRay tracer is not registered. #617.
• Fix error suppression bug. See PR #645.
• Use openjdk Docker image in service template. Resolves #642.
• The test ServletHttpRequest now returns a StringBuffer on getRequestURL.
• Fix override-logger usage in log function. Resolves #638.
• Fix setting initial tags in X-Ray segment/subsegment. Resolves #626.
• Add test support for HttpServletResponse SendError.
• Fix tracing examples and updates some samples.

Fix service-template

• Fixes the Template resource 'leiningen/new/pedestal_service/.gitignore' not found. error
  encountered when running lein pedestal-service [app-name] with the Pedestal 0.5.6 release.

For a full list of changes, please see this comparison of 0.5.6...0.5.7

Fixes, enhancements and dependencies bump

• Resolves Pedestal dependencies have CVEs of high/critical severity #619
• It is now possible to override the service configuration's HttpConfiguration (jetty only) #615.
• The url-for :strict-path-params? option is now more strict. nil values are not allowed. Addresses #602.
• Bumped dependencies (see PR #620 for details)

For a full list of changes, please see this comparison of 0.5.5...0.5.6

Minor release, bugfixes.

Thanks to everyone who helped on all changes that went into 0.5.5.

Samples

• Added a json-api sample.

Bugfixes

• Pedestal.log now adheres to recent ns spec changes allowing its use with Clojure 1.10. Addresses issue #603.
• Fix for pedestal.log's distributed tracing support when passing a map to log/log-span.
• Fix async termination. Addresses issue #581.
• Fix recursive loop error in API Gateway async utilities.

For a full list of changes, please see this comparison of 0.5.4...0.5.5