v2.1.4

Addressed Issues

• Update versions for apigee-remote-service-envoy (v2.1.4) and apigee-remote-service-golib (v2.1.3) versions.

Changelog

• fbd2dac Merge pull request #260 from apigee/bump-versions
• 2fba74e Bump envoy (v2.1.3 -> v2.1.4) and golib (v2.1.2 -> v2.1.3) versions

v2.1.3

Addressed Issues

• Fixes issue where quota buckets were deleted while in use, causing a brief period between refreshes where quota was prematurely reset.

Changelog

• 647d526 Add condition to validate bucket is not in-use before deleting

This change only affects the Envoy Adapter runtime (binary / docker image), there is no need to re-provision Apigee.

v2.1.2

Notes

• This release only affects the Apigee proxy on Google-hosted instances
• If upgrading from a prior version, please provision using --force-proxy-install to upgrade your Apigee proxy.

Changelog

• 1b352db more robust parsing of dpcolor to a semver (#254)

v2.1.1

Addressed Issues

• panic can occur during quota sync

Changelog

• 367fc3e v2.1.1

This change only affects the Envoy Adapter runtime (binary / docker image), there is no need to re-provision Apigee.

v2.1.0

Changelog

• dfffe84 v2.1.0
• b21bce7 Add the 'application_id' claim to the '/verifyApiKey' response
• 44c9c1e remove test call to prod server

v2.0.7

If upgrading from a prior version, please provision using --force-proxy-install to upgrade your Apigee proxy.

New Features

• JWTs can now add a claim named "customattributes" that will pass the value on to the target in a header called "x-apigee-customattributes" (if "append_metadata_headers" is configured to be true).

Addressed Issues

• Addresses an issue where an invalid api key could create spurious log entries and analytics records
• Removes a deprecated version check in a proxy that can cause issues in newer versions of Apigee

Changelog

• 7154a5f update libs to v2.0.7
• 4e92128 allstar should ignore apigee callouts (#250)
• 26e7a40 update envoy dep
• 13b7829 remove legacy products callout (#248)

v2.0.6

Addresses a Denial of Service (DoS) vulnerability in a dependency library. See the following notice for more details:

https://www.cve.org/CVERecord?id=CVE-2022-28948

Note: This change affects the Envoy Adapter runtime (binary / docker image) and CLI. Apigee proxies are unaffected, thus there is no need to re-provision Apigee.

Changelog

• 0556dc4 update deps (#247)

v2.0.5

Security release to address a Denial of Service (DoS) risk in the promethus library. See the following notice for more details:

https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMPROMETHEUSCLIENTGOLANGPROMETHEUSPROMHTTP-2401819

Note: This change only affects the Envoy Adapter runtime (binary / docker image), there is no change to the CLI or Apigee proxies, thus there is no need to re-provision Apigee.

Changelog

• 415ca3e update deps for v2.0.5 (#243)

v2.0.4

• Add Envoy 1.18, 1.19 and 1.20, Istio 1.10, 1.11 and 1.12 to the supported template list in samples command.

Note: There is no change to the provision command and no need to re-provision to Apigee.

Changelog

• 2706222 update deps (#237)
• 2e91691 expand supported versions of envoy and istio (#235)

v2.0.3

Envoy Adapter v2.0.3 is a patch release that fixes an analytics logging issue with direct responses under certain circumstances.

CLI is unchanged. There is no need to re-provision to Apigee.

Changelog

1ed9016 update internal deps (#224)