Tyk Gateway 5.0.11 and Tyk Dashboard 5.0.11
Tyk Gateway 5.0.11
Caveat
- This version contains an unintended side effect for users of DocumentDB, introduced in v5.0.7, such that APIs cannot be deleted from the persistent storage. This has been fixed in v5.0.12 and v5.3.1.
Fixed
- Addressed a memory leak issue in Tyk Gateway linked to a logger mutex change introduced in v5.2.4. Reverting these changes has improved connection management and enhanced system performance.
- Fixed an issue where reloading a bundle containing JS plugins could cause the Gateway to panic.
- An issue was identified where the encoding applied by the GQL upstream cache was making the response body unreadable. Specifically, the upstream GQL cache was using brotli compression and not respecting the Accept-Encoding header, so larger response bodies became unreadable to the GQL engine once compressed, which affected users accessing that content. This has been fixed by adding the brotli encoder to the GQL engine.
- We have optimised the allocation behaviour of our sliding window log rate limiter implementation (Redis Rate Limiter). Previously the complete request log would be retrieved from Redis. With this enhancement only the count of the requests in the window is retrieved, optimising the interaction with Redis and decreasing the Gateway memory usage.
- Fixed a performance issue when certain claims are present in the JWT. Tyk uses specific claims (clientId, cid and client_id) to identify certain external IDPs and, if the provided claim matches one of these "reserved" values, Tyk will attempt to contact that IDP. We have introduced a new flag that can be configured in the API Definition to skip this mapping: idp_client_id_mapping_disabled (Tyk Classic API Definition) / idpClientIdMappingDisabled (Tyk OAS API Definition).
- We fixed a bug in the Tyk OAS Validate Request middleware where we were not correctly validating the date-time format in the schema, which could lead to invalid date-time values reaching the upstream services.
- In this release, we fixed automated token trimming in Redis, ensuring efficient management of OAuth tokens by implementing a new hourly job within the Gateway and providing a manual trigger endpoint.
- Updated the Tyk OAS API definition JSON schema to validate the domain name in upstream certificates and public key pinning.
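The sliding-window log optimisation described in the rate limiter item above, as an added example that is not Tyk's code: a small Python model of the pattern with an in-memory stand-in for the Redis sorted-set commands, comparing the old way of counting (ZRANGE the whole log back to the gateway, then take its length) with the new one (ZCARD, one integer back). FakeSortedSet, the key names and the bytes counter are constructed for this example.

```python
import bisect
import math
import uuid


class FakeSortedSet:
    """In-memory stand-in for the Redis ZSET commands a sliding-window-log limiter needs.
    Constructed for this example so it runs offline; against a real Redis these map to
    ZREMRANGEBYSCORE, ZADD, ZCARD and ZRANGE on a per-key sorted set."""

    def __init__(self):
        self._scores = []   # sorted ascending
        self._members = []  # parallel to _scores

    def zadd(self, score, member):
        i = bisect.bisect_right(self._scores, score)
        self._scores.insert(i, score)
        self._members.insert(i, member)

    def zremrangebyscore(self, lo, hi):
        """Remove every member whose score lies in [lo, hi] (inclusive, as in Redis)."""
        start = bisect.bisect_left(self._scores, lo)
        end = bisect.bisect_right(self._scores, hi)
        del self._scores[start:end]
        del self._members[start:end]
        return end - start

    def zcard(self):
        return len(self._scores)

    def zrange_all(self):
        """ZRANGE key 0 -1: ships every member back to the caller."""
        return list(self._members)


class SlidingWindowLogLimiter:
    """Sliding-window log limiter. Each request adds one member (scored by arrival time)
    to the key's sorted set; the number of members still inside the window is the rate.
    fetch_full_log=True reproduces the allocation-heavy path that pulled the whole log out
    of the store just to count it; the default counts server-side with ZCARD."""

    def __init__(self, limit, window_seconds, fetch_full_log=False):
        self.limit = limit
        self.window = window_seconds
        self.fetch_full_log = fetch_full_log
        self.store = {}
        self.bytes_from_store = 0  # rough proxy for what Redis would have to send back

    def allow(self, key, now):
        zset = self.store.setdefault(key, FakeSortedSet())
        # 1. expire entries that have slid out of the window
        zset.zremrangebyscore(-math.inf, now - self.window)
        # 2. log this request (a design choice of this example: rejected requests are
        #    logged too, so a client that keeps hammering the endpoint stays throttled)
        zset.zadd(now, f"{now}:{uuid.uuid4()}")
        # 3. count what is left
        if self.fetch_full_log:
            members = zset.zrange_all()            # O(n) transfer and allocation per request
            self.bytes_from_store += sum(len(m) for m in members)
            count = len(members)
        else:
            count = zset.zcard()                   # one integer back
            self.bytes_from_store += 8
        return count <= self.limit


def compare_transfer(requests, limit=3, window_seconds=10):
    """Bytes pulled from the store by the old and new counting paths for the same traffic."""
    old = SlidingWindowLogLimiter(limit, window_seconds, fetch_full_log=True)
    new = SlidingWindowLogLimiter(limit, window_seconds)
    for t in requests:
        old.allow("client-a", t)
        new.allow("client-a", t)
    return old.bytes_from_store, new.bytes_from_store
```

The cost of the old path grows with the number of requests inside the window, which is exactly the situation a rate limiter exists to handle, so the gateway allocated most under the load it was meant to shed; ZCARD makes the per-request cost independent of the window's contents. In a real deployment the three commands belong in one pipeline or MULTI block so that expiry, insert and count see a consistent view.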
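The reserved-claim mapping described in the JWT item above, as an added example that is not Tyk's code: it builds a constructed HS256 token, verifies its signature, reports which of the reserved claims (clientId, cid, client_id) the payload carries, and sets the new flag in an API definition. The placement of the flags (top-level idp_client_id_mapping_disabled in a Classic definition; idpClientIdMappingDisabled inside the JWT security scheme under x-tyk-api-gateway.server.authentication.securitySchemes in an OAS definition), the scheme name jwtAuth and the sample claims are assumptions of this example; confirm the field location against the API definition reference for your Tyk version.

```python
import base64
import hashlib
import hmac
import json

# Claims Tyk treats as identifying an external IDP client (from the release note).
RESERVED_IDP_CLAIMS = ("clientId", "cid", "client_id")


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def make_hs256_jwt(claims: dict, secret: bytes) -> str:
    """Constructed sample token for the example (HS256, compact serialisation)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def verify_hs256(token: str, secret: bytes) -> dict:
    """Check the HS256 signature and return the claims; refuse anything else.
    Claims must never be trusted before this step (including for deciding whether
    an IDP lookup is needed), so the inspection below runs on verified tokens."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact-serialised JWS with three segments")
    header = json.loads(_b64url_decode(parts[0]))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")  # no alg confusion: this helper only does HS256
    expected = hmac.new(secret, f"{parts[0]}.{parts[1]}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(parts[2])):
        raise ValueError("bad signature")
    return json.loads(_b64url_decode(parts[1]))


def reserved_idp_claims(token: str, secret: bytes) -> list:
    """Reserved claims present in the verified token, i.e. the ones that would make the
    gateway attempt an IDP lookup unless the mapping is disabled."""
    claims = verify_hs256(token, secret)
    return [c for c in RESERVED_IDP_CLAIMS if c in claims]


def disable_idp_mapping_classic(api_def: dict) -> dict:
    """Set the Classic flag. Assumption: it is a top-level field of the API definition."""
    updated = dict(api_def)
    updated["idp_client_id_mapping_disabled"] = True
    return updated


def disable_idp_mapping_oas(oas_doc: dict, scheme_name: str) -> dict:
    """Set the OAS flag. Assumption: it lives on the JWT security scheme under
    x-tyk-api-gateway.server.authentication.securitySchemes.<scheme_name>."""
    updated = json.loads(json.dumps(oas_doc))  # deep copy, leave the input untouched
    scheme = (updated.setdefault("x-tyk-api-gateway", {})
                     .setdefault("server", {})
                     .setdefault("authentication", {})
                     .setdefault("securitySchemes", {})
                     .setdefault(scheme_name, {}))
    scheme["idpClientIdMappingDisabled"] = True
    return updated
```

If your own IDP issues tokens that happen to carry one of these claim names for an unrelated purpose, every request would otherwise pay for an outbound lookup; the flag is the way to opt out, and the reserved_idp_claims check tells you whether a given token population is affected.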
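The date-time check from the Validate Request item above, as an added example that is not Tyk's middleware: a strict RFC 3339 date-time validator (the format that OpenAPI's format: date-time refers to) wired into a minimal JSON Schema walker, so values such as 2024-02-30T10:00:00Z or a timestamp with no UTC offset are rejected at the gateway instead of reaching an upstream. ORDER_SCHEMA and the sample bodies are constructed for this example.

```python
import re
from datetime import datetime

# RFC 3339 date-time: full-date "T" full-time, with a mandatory Z or numeric offset.
_RFC3339 = re.compile(
    r"^(?P<y>\d{4})-(?P<mo>\d{2})-(?P<d>\d{2})[Tt]"
    r"(?P<h>\d{2}):(?P<mi>\d{2}):(?P<s>\d{2})(?P<frac>\.\d+)?"
    r"(?P<tz>[Zz]|[+-]\d{2}:\d{2})$"
)


def is_rfc3339_datetime(value) -> bool:
    """True only for a well-formed RFC 3339 date-time with a valid calendar date,
    in-range time fields and an explicit offset. Shape-only checks let impossible
    dates through; this one does not."""
    if not isinstance(value, str):
        return False
    m = _RFC3339.match(value)
    if not m:
        return False
    y, mo, d, h, mi, s = (int(m.group(k)) for k in ("y", "mo", "d", "h", "mi", "s"))
    try:
        datetime(y, mo, d)  # rejects 2024-02-30, month 13, and year 0000 (unsupported by datetime)
    except ValueError:
        return False
    if h > 23 or mi > 59 or s > 60:  # 60 is allowed only for leap seconds
        return False
    tz = m.group("tz")
    if tz not in ("Z", "z"):
        off_h, off_m = int(tz[1:3]), int(tz[4:6])
        if off_h > 23 or off_m > 59:
            return False
    return True


def validate(schema: dict, value, path: str = "$") -> list:
    """Tiny JSON Schema subset: object/string types, properties, required, format: date-time.
    Returns a list of error strings; an empty list means the body passed."""
    errors = []
    kind = schema.get("type")
    if kind == "object":
        if not isinstance(value, dict):
            return [f"{path}: expected object"]
        for name in schema.get("required", []):
            if name not in value:
                errors.append(f"{path}.{name}: required")
        for name, sub in schema.get("properties", {}).items():
            if name in value:
                errors.extend(validate(sub, value[name], f"{path}.{name}"))
    elif kind == "string":
        if not isinstance(value, str):
            return [f"{path}: expected string"]
        if schema.get("format") == "date-time" and not is_rfc3339_datetime(value):
            errors.append(f"{path}: not an RFC 3339 date-time")
    return errors


# Constructed request schema for the example.
ORDER_SCHEMA = {
    "type": "object",
    "required": ["id", "created_at"],
    "properties": {
        "id": {"type": "string"},
        "created_at": {"type": "string", "format": "date-time"},
        "ship_by": {"type": "string", "format": "date-time"},
    },
}
```

Note that the check is stricter than Python's own datetime.fromisoformat, which accepts a date alone and a time without an offset; a validator that delegates to the language's parser is the usual way that values without a timezone reach an upstream, which then has to guess one.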
Tyk Dashboard 5.0.11
Fixed
- Removed the strict validation of the description field in mock responses when using Tyk OAS, for the response status codes and headers.
- Moved all inline HTML scripts into their own script files, to accommodate the Content Security Policy that has been enabled and to increase security.
- Fixed an issue where applying security policies to large numbers of APIs took a long time. We’ve implemented bulk processing in the validation step at the api/portal/policies/POLICY_ID endpoint, resulting in an 80% reduction in the time taken to apply a policy to 2000 APIs.
- Improved the documentation to explain the usage of PUT /admin/organisations/{ORG_ID}
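The inline-script item above, as an added example that is not part of the Tyk Dashboard: a Python scanner that lists the script content a Content Security Policy of script-src 'self' refuses (inline <script> elements and on* handler attributes), which is the inventory needed before moving scripts into separate files. SAMPLE_HTML is constructed for this example.

```python
from html.parser import HTMLParser

# The policy the scan prepares a page for: scripts may only come from same-origin files.
CSP_HEADER = "Content-Security-Policy: script-src 'self'"


class InlineScriptFinder(HTMLParser):
    """Collects (line, description) for every script that script-src 'self' would block:
    <script> without a src attribute, and on* event-handler attributes on any element."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        line = self.getpos()[0]
        if tag == "script" and "src" not in attrs:
            self.findings.append((line, "inline <script>"))
        for name in attrs:
            if name.startswith("on"):
                self.findings.append((line, f"{tag} {name}= handler"))


def find_csp_blocked_scripts(html: str) -> list:
    parser = InlineScriptFinder()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed page: one external script (allowed), one inline block and one inline
# handler (both blocked under script-src 'self').
SAMPLE_HTML = """<!doctype html>
<html><head>
<script src="/static/app.js"></script>
<script>window.init({"user": "admin"});</script>
</head><body>
<button onclick="save()">Save</button>
</body></html>"""
```

Inline blocks that pass server-side data to the page (the window.init call above) are the usual reason a dashboard cannot simply turn on a strict script-src: the fix is the one the release note describes, moving the code into a file and handing the data over through a data attribute or a JSON endpoint rather than through a nonce or 'unsafe-inline' exemption.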