Skip to content

Releases: SoftInstigate/restheart

7.5.0

20 Sep 17:30
1763c11
Compare
Choose a tag to compare

Release 7.5.0

Major improvements

More details on this milestone at https://github.com/SoftInstigate/restheart/milestone/49?closed=1

Deprecation notice

Starting from this release, we no longer run our integration tests against MongoDB 3.6.

List of supported MongoDB versions:

  • 4.2
  • 4.4
  • 5.0
  • 6.0
  • 7.0

Also this release deprecates the MongoService monitoring that will be removed in v8.0.

Full Changelog: 7.4.6...7.5.0

7.4.6

10 Aug 09:43
28e4c5a
Compare
Choose a tag to compare

Release 7.4.6

Minor security patches.

New commits

  • 28e4c5a - (tag: 7.4.6) Release version 7.4.6
  • cd01e11 - Fix catchingInterruptedExceptionWithoutInterrupt
  • c65dc73 - Ignore the master branch when there are tags [skip ci]
  • 41e3da3 - pull all required images before building
  • dc97c53 - Upgrade actions to docker/build-push-action@v4
  • a617583 - Upgrade dependencies to patch possibile security vulnerabilities
  • f4dc45a - Update README.md [skip ci]

Full Changelog: 7.4.5...7.4.6

7.4.5

08 Aug 09:50
23cbe52
Compare
Choose a tag to compare

Release 7.4.5

Improve handling of GraphQL json bad requests. An example follows:
request

POST /graphql/foo
Content-Type: application/json
{
  “query”:  { this { is { invalid { json } } } }
}

response

{
	“http status code”: 400,
	“http status description”: “Bad Request”,
	“message”: “query field must be a string”
}

Before 7.4.5 this was returning the generic 500 error status code.

Full Changelog: 7.4.3...7.4.5

7.4.3

04 Aug 16:14
22fe9b1
Compare
Choose a tag to compare

Release 7.4.3

Minor security patch release.

Updated dependencies for known vulnerabilities:

  • graalvm.version to 22.3.3
  • guava to 32.1.2-jre
  • undertow-core to 2.3.7.Final

Full Changelog: 7.4.2...7.4.3

7.4.2

29 May 14:14
4b5ee5e
Compare
Choose a tag to compare

Release 7.4.2

d9907c4 🔧 audience claim configuration for JwtAuthenticationMechanism is optional
b60a12d 🐛 Fix boolean type not supported in interpolation of acl permission
912925d Set log level to warning when a Replica Set is not present

Full Changelog: 7.4.1...7.4.2

7.4.1

18 May 14:28
f8b34cb
Compare
Choose a tag to compare

Release 7.4.1

Upgrade undertow-core to 2.3.6.Final

fix: pom.xml to reduce vulnerabilities (#460)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-3358786

Full Changelog: 7.4.0...7.4.1

7.4.0

02 May 15:07
51f4e6a
Compare
Choose a tag to compare

Release 7.4.0

This release adds the following new features:

  • MongoService supports application/x-www-form-urlencoded and multipart/form-data content types for write requests
  • jwtTokenManager can be configured to add properties from account document to the JWT

It also updates all dependencies to latest versions.

Notable commits since the previous release

9f0f5fe 🥅 Improve response error for GraphQL app with missing db or collection in mapping
23ae157 ✨ jwtTokenManager can be configured to add properties from account document to the JWT
d859462 Upgrade all tests to JUnit 5
bb0c919 ✅ Add test for MongoService support of application/x-www-form-urlencoded and multipart/form-data content types
3d1bbe7 ♻️ Improve MongoService handling of multipart/form requests
27037c1 ✨ MongoService handles multipart/form write requests to collections building BSONdocument from parts/fields
fdaa6a4 🥅 Avoid closing request channel in AuthenticationCallHandler when Transfer-Encoding=chunked
321cea4 ✨ MongoService accepts Content-Type application/x-www-form-urlencoded or multipart/form-data for write requests

Full Changelog: https://github.com/SoftInstigate/restheart/compare/7.3.5..7.4.0

7.3.5

12 Apr 12:00
a0b4d5e
Compare
Choose a tag to compare

Release 7.3.5

This release fixes the following bugs and upgrades org.everit.json.schema to v1.14.2:

  • request content is not initialized if request.isInError() is true
  • avoid $merge/$out-suffixed aggregations to return data

New commits since the previous release

4eb66d2 🐛 Fix request content is not initialized if request.isInError() is true
8b3f449 ♻️ Replace String.trim() with String.strip()
77c19af 🐛 Avoid $merge/$out-suffixed aggregations to return data
59b90e4 ⬆️ Upgrade org.everit.json.schema to v1.14.2

Full Changelog: https://github.com/SoftInstigate/restheart/compare/7.3.34..7.3.5

7.3.4

04 Apr 14:19
a0b0910
Compare
Choose a tag to compare

Release 7.3.4

This release upgrades all major dependencies to latest version including Undertow, MongoDB driver and json-path.

It fixes a security issue that might cause unauthorized requests from utilizing system resources.

It also fixes some minor bugs and introduces performance improvements.

New commits since the previous release

74fafc6 🔧 Update reflect-config to fix MongoService ?cache with native images
0a96be6 🔧 Update reflect configuration for native image builds after dependencies upgrade
fa9c3ab 🥅 Avoid closing request channel in AuthenticationCallHandler when Transfer-Encoding=chunked
e9363f6 ♻️ Refactoring MongoService file content type detection moving logic from MongoRequestContentInjector to new interceptor FileMediaTypeDetector
e8feba1 ⬆️ Upgrade MongoDB driver to v4.9.0
e6f4296 ⚡ Avoid MongoService read operation after document insert with POST and PUT
4072bbd ⚡ Close the request channel before endExchange in AuthenticationCallHandler to prevent delays when handling requests with large data payloads
7c91adc ⬆️ Upgrade json-path to v2.8.0
21a3637 ⬆️ Upgrade undertow to v2.3.5.Final and graphql-java to v20.1
e1e967e 🔒 Request content is lazily read when Request.getContent() is first invoked. This prevents unauthorized requests from utilizing system resources
afb7858 ⚡ Small performance improvement when tracing headers are not used
0413ca1 ♻️ Refactor code to generate the Location response header in PostCollectionHandler
65ac8e5 🐛 Fix #452

Full Changelog: 7.3.3...7.3.4

7.3.3

23 Mar 15:50
Compare
Choose a tag to compare

Release 7.3.3

Fix minor issues.

New commits since the previous release

  • 021d4fb - (tag: 7.3.3) Release version 7.3.3
  • d54521d - 🔧 Update native image build resource-config.json to avoid warning SLF4J: Class path contains multiple SLF4J bindings
  • 745d595 - 🔊 Add logs to monitor scanning of jars for plugins
  • d01014d - ✨ Add plugins-packages and plugins-scanning-verbose configuration parameters. Also use the number of threads equal to availableProcessors() for plugins scanning
  • 0dea144 - 🥅 Handle MongoDB error 51108 (invalid flag in regex options) to return 400 Bad Request
  • 06d8bca - Update README [skip ci]
  • a84a357 - ✨ MongoService handles DELETE /_sessions/sid to kill a session
  • dda8ab1 - Fix typos in const name [skip ci]
  • d0b8497 - Merge branch 'master' into 7.3.x
    |\
    | * 8e8e579 - Replace deprecated method [skip ci]
    | * ab7b3d1 - Replace deprecated method
  • | 93f35df - 7.3.3-SNAPSHOT [skip ci]

Full Changelog: 7.3.2...7.3.3