Tyk Gateway v5.2.3
Caveat
This version contains an unintended side-effect for users of DocumentDB, introduced in v5.2.2, such that APIs are blocked from deletion within the persistent storage. This has been fixed in v5.0.12 and v5.3.1.
Fixed
Improved the behaviour when using JWTs if the MDCB (Multi Data Centre Bridge) link is down: the Gateway will no longer be blocked attempting to fetch OAuth client info. We’ve also enhanced the error messages to specify which type of resource (API key, certificate, OAuth client) the data plane Gateway failed to retrieve due to a lost connection with the control plane.
Fixed an issue where the session object generated when creating a Custom Key in a Go Plugin did not inherit parameters correctly from the Security Policy.
Fixed a minor issue with Go Plugin virtual endpoints where a runtime log error was produced from a request, even if the response was successful. Thanks to @uddmorningsun for spotting this and proposing a fix.
Fixed a bug where a customer could accidentally provide a Public Key instead of a Certificate to an mTLS request. This would bring down all the Gateways it’s published on, making them unresponsive to any attempt to communicate over HTTPS. Now Tyk will not announce the Public Key during the mTLS handshake.
Fixed a bug where Tyk would not automatically detect the installed Python version if that had multiple digits in the minor version (e.g. Python 3.11).
Bumped golang.org/x/net to 0.17.0, updating the direct dependency to partially resolve CVE-2023-44487. As Go embeds this in the standard library, we only partially resolve the CVE due to an older Go version in use. To mitigate the vulnerability, users are advised to disable HTTP/2 at this time by setting enable_http2 to false.
Added
Implemented a tyk version command that provides more details about the Tyk Gateway build. This prints the release version, git commit, Go version used, architecture and other build details.
Implemented a backoff limit for GQL subscription connection retry. Previously the Gateway attempted to reconnect endlessly. With this limit, the reconnection attempts happen at the following intervals: 2s, 4s, 8s, 16s and 32s, after which the WebSocket connection is closed.
Added a new option for Tyk to use the default version of an API if the requested version does not exist. This is referred to as falling back to default and is enabled using a configuration flag in the API definition; for Tyk OAS APIs the flag is fallbackToDefault, for Tyk Classic APIs it is fallback_to_default.
Tyk Dashboard v5.2.3
Fixed
Fixed a bug in the Tyk Dashboard API where passing a non-integer value as the pagination query parameter p to the /api/logs endpoint could lead to an out-of-memory scenario as the Dashboard would attempt to retrieve all logs in the system. Tyk will now return an HTTP 400 Bad Request response if a non-integer value is provided. This fix mitigates the risk of accidentally or deliberately causing Tyk Dashboard to stop responding.
Fixed a bug in the API Designer that prevented dragging to re-size the OPA editor.
Fixed a bug where searching for a User in the Tyk Dashboard didn't match partial user names.
Fixed a bug where Tyk Dashboard was unable to retrieve certificates from a Tyk Gateway if the Gateway version was <4.1 and Dashboard version was >=4.1. This was due to a change made in the 4.1 versions to the way certificate details are retrieved in dashboard; in the newer versions, we can view more detail of the certificates. Now you can use Tyk Dashboard with any version of the Tyk Gateway and still retrieve and view certificate details.
Fixed a bug in the Tyk Classic API Designer where if you changed the protocol for an API (for example from HTTP to HTTPS) then the authentication mechanism would be automatically set to Authentication Token.
Fixed a bug in the Tyk Classic API Designer where it was not possible to configure External OAuth authentication for an API using the Raw API Definition screen. The Dashboard would always set use_standard_auth to true, which actually enables Auth Token authentication.
Fixed a bug with failed GQL subscriptions between the upstream and the Dashboard UI. When an upstream subscription was disconnected and later reconnected, the UI did not update to reflect the reconnection, preventing the seamless consumption of messages. Now the Dashboard UI can continue consuming messages after upstream reconnects.
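
The strict parsing behind the /api/logs pagination fix listed above, as an added Go example that is not Tyk's code. The handler, the page size and the rejection of values below 1 are assumptions of this sketch; the page states only that a non-integer p now returns HTTP 400.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strconv"
)

const pageSize = 10 // assumed page size for this sketch

// parsePage reads the 1-based page number from the "p" query parameter.
// A missing parameter means the first page. Anything that does not parse
// as an int (text, floats, out-of-range numbers) is an error, so a bad
// value can never degrade into an unbounded "fetch everything" query.
func parsePage(r *http.Request) (int, error) {
	raw := r.URL.Query().Get("p")
	if raw == "" {
		return 1, nil
	}
	page, err := strconv.Atoi(raw)
	if err != nil || page < 1 { // page < 1 check is this sketch's assumption
		return 0, fmt.Errorf("invalid page %q", raw)
	}
	return page, nil
}

// logsHandler is a hypothetical stand-in for a paginated log listing.
func logsHandler(w http.ResponseWriter, r *http.Request) {
	page, err := parsePage(r)
	if err != nil {
		http.Error(w, "p must be a positive integer", http.StatusBadRequest)
		return
	}
	// The query is always bounded by an offset and a fixed limit.
	fmt.Fprintf(w, "offset=%d limit=%d", (page-1)*pageSize, pageSize)
}

// statusFor runs the handler against a constructed request URL.
func statusFor(target string) int {
	rec := httptest.NewRecorder()
	logsHandler(rec, httptest.NewRequest(http.MethodGet, target, nil))
	return rec.Code
}

func main() {
	for _, u := range []string{"/api/logs?p=2", "/api/logs?p=abc", "/api/logs?p=1.5"} {
		fmt.Println(u, statusFor(u))
	}
}
```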