All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog and this project adheres to Semantic Versioning.
- Update tr1d1um config for docker so themis can be used for jwt auth.
- Disable arm64 builds (temporary)
- First release under the new release infrastructure
- Patch Device level 403 errors are not properly propagated to HTTP response codes
- Updated sallust to v0.2.2 to support custom log file permissions
- Update dependencies
- Bug: Event related metrics fail to update #361
- Tr1d1um Panic: device status code used as the response status code can cause an unrecoverable panic #354
- Updated tracing configuration documentation in tr1d1um.yaml to reflect changes in Candlelight #346
- #340
- v2 & v3 endpoints are not enforcing capabilities xmidt-org/tr1d1um#342
- v3 endpoint is not validating webhooks #341
- 8090 support has been removed #343
- Remove Deprecated webpa-common #304
/api/v2/device/
500 EOF Error #328- Remove nonstandard charset for media type JSON encodings #336
- Create TransactionUUID if not provided #334
- Remove several unused build files and update the docker images to work. #325
- Add support for an alternate server #297
- Uber fx integration
- #288
- #291
- hub.com//issues/246
- Major changes to server config, sections changed
primary
=>servers.primary
alternate
=>servers.alternate
health
=>servers.health
pprof
=>servers.pprof
alternate
=>servers.alternate
- Sections
log
andzap
were replaced withlogging
- Section
touchstone
was replaced withprometheus
- Dependency update
- guardrails says github.com/gorilla/websocket v1.5.0 has a high vulnerability but no vulnerabilities have been filed
- github.com/gorilla/sessions v1.2.1 cwe-613 no patch available
- JWT Migration #289
- update to use clortho
Resolver
&Refresher
- update to use clortho
metrics
&logging
- update to use clortho
- Update ancla client initialization
- Update Config
- Use uber/zap for clortho logging
- Use xmidt-org/sallust for the zap config unmarshalling
- Update auth config for clortho
- Update ancla config
- Updated v2 hook endpoint to only enforce loopback validation (when configured). #277
- Bumped ancla to v0.3.9 to fix Duration bug in webhook registration - Duration should be an int in seconds. It will also accept strings such as "5m". #270
- Updated v2 webhook registration to allow for no Duration or Until set. #270
- Fixed v2 endpoint to allow for invalid duration or until fields. When they are invalid, the duration of the webhook is set to the configured maximum. #266
- Renamed common folder and reallocated util.go functions. #235
- Separated main.go into main.go and primaryHandler.go. #239
- Updated spec file and rpkg version macro to be able to choose when the 'v' is included in the version. #242
- Added configurable support for v2 endpoints with current v3 ones from the same application. #249
- Added configurable support for v2 endpoints with current v3 ones from the same application. #249
- Bumped argus to v0.6.0, bumped ancla to v0.3.5, and changed errorEncoder to pull logger from context.#233
- Updated api version in url to v3 to indicate breaking changes in response codes when an invalid auth is sent. This change was made in an earlier release (v0.5.10). #234
- Updated target URL to not have an api base hard coded onto it. Instead, the base should be provided as a part of the configuration value. #234
- Bumped ancla to v0.3.4:
- Bumped ancla to fix http bug. #228
- Fixed the webhook endpoint to return 400 instead of 500 for webhook validation. #225
- Integrated webhook validator and added documentation and configuration for it. #224
- Bump bascule version which includes a security vulnerability fix. #223
- Keep setter and getter unexported. #219
- Prevent Authorization header from getting logged. #218
- Bumped ancla, webpa-common versions. #222
- Add support for acquiring Themis tokens through Ancla. #215
- Use official ancla release and include bascule updates. #213
- Fix bug where OTEL trace context was not propagated from server to outgoing client requests #211
- Make OpenTelemetry tracing an optional feature. #207
- Initial OpenTelemetry integration. #197 thanks to @Sachin4403
- OpenTelemetry integration in webhook endpoints which was skipped in earlier PR. #201 thanks to @Sachin4403
- Migrate to github actions, normalize analysis tools, Dockerfiles and Makefiles. #186
- Bump webpa-common version with xwebhook item ID format update. #192
- Update webhook logic library to xmidt-org/ancla. #194
- Fix bug in which Tr1d1um was not capturing partnerIDs correctly due to casting error. #182
- Update buildtime format in Makefile to match RPM spec file. #185
- Bug in which only mTLS was allowed as valid config for a webpa server. #181
- Update Argus integration. #175
- Switched SNS to argus. #168
- Update references to the main branch. #144
- Bumped bascule, webpa-common, and wrp-go versions. #173
- Specify allowed methods for webhook endpoints. #163
- Revert to default http mux routeNotFound handler for consistency. #163
- Json content type header should only be specified in 200 OK responses for stat endpoint. #166
- Add special field in spruce config yml. #159
- Add docker entrypoint. 154
- Register for specific OS signals. #162
- Add optional config for tr1d1um to use its own authentication tokens (basic and jwt supported). #148
- Remove mention of XPC team in error message. #150
- Bump golang version. #152
- Use scratch as docker base image instead of alpine. #152
- Add docker automation. #152
- Fix a bug in which tr1d1um was returning 500 for user error requests. #146
- Added endpoint regex configuration for capabilityCheck metric. #147
- Moving partnerIDs to tr1d1um.
- Added fix to correctly parse URL for capability checking. #142
- Bumped bascule, webpa-common, and wrp-go.
- Removed temporary
/iot
endpoint. - Updated release pipeline to use travis. #135
- Added configurable way to check capabilities and put results into metrics, without rejecting requests. #137
- Migrated from glide to go modules.
- Bumped bascule version and removed any dependencies on webpa-common secure package.
- Add logging of WDMP parameters.
- Switching to new build process.
0.1.1 - 2018-04-06
- Initial creation.