v0.6.6

Release Notes

• Set poolMaxLifetime in SQLite in-memory mode to infinite, in order to prevent DB deletion when the JDBC connection expires: #350
• Update Logback to 1.3.13 in order to address CVE-2023-6378: #351

v0.6.5

What's Changed

• SQL-215 ClamAV Antivirus Scanning by @milt in #347
• Add PostgreSQL v16 CI by @kelvinqian00 in #349
• Update Pedestal to v0.6.2 to address CVEs by @kelvinqian00 in #348

Full Changelog: v0.6.4...v0.6.5

v0.6.4

What's Changed

• Jetty CVE patches by @cliffcaseyyet and @kelvinqian00
• Actor delete for GDPR by @invaliduser in #330
• Support for proxied path manipulation by @cliffcaseyyet in #343

Full Changelog: v0.6.3...v0.6.4

v0.6.3

What's Changed

• Modern JRE (17+) support and crypto switched to Bouncycastle by @cliffcaseyyet in #317
• Bench Utility insert timings by @milt in #319
• Proxied JWT Bypass for trusted proxied envs by @cliffcaseyyet in #324
• Custom security https headers by @cliffcaseyyet in #329

Full Changelog: v0.6.2...v0.6.3

v0.6.2

Release Notes

• SQL-191 Added JSONB alternative storage option to config (Postgres-only) for indexing and faster read speeds.

v0.6.1

Release Notes

• Update buddy libraries to their latest versions and exclude outdated BouncyCastle dep
• Update Pedestal dependencies to 0.6.0

v0.6.0

Release Notes

• Removed H2DB support due to lack of features and bug remediation, and low adoption. Replaced with SQLite in-memory mode for any ephemeral use-cases. Contact Yet team if you were using H2 and this upgrade will cause a production issue as we can suggest migration strategies. (#297)
• Added normalized Zulu timestamps and stored time to xapi_statement table in all DBMS’ for use in analytics/BI suites. Includes automatic migration/upgrade process for existing DBs. (#298)
• Migrated other existing timestamp fields to be normalized with Zulu statement timestamp. (#300)
• Addressed CVE-2023-32697, a remote code execution vulnerability on SQLite. (#301)

v0.5.7

What's Changed

• update jetty to clear CVE-2023-26048 by @milt in #296

Full Changelog: v0.5.6...v0.5.7

v0.5.6

What's Changed

• CVE-2022-45688 add suppression for false positive on jackson by @milt in #287
• SQL-177 Test against all supported versions of PostgreSQL by @milt in #288
• Add H2 CVE suppression by @kelvinqian00 in #290
• SQL-179 Use rds-db-init for db init function in CF template by @milt in #289
• SQL-182 Set NoEcho on DefaultAdminPass to hide it by @milt in #292
• SQL-181 RDS template updates by @milt in #291
• SQL-183 GitHub Dependency Graph by @milt in #293
• SQL-186 Prevent deletion of sole admin account by @milt in #294
• SQL-187 Feature: Update Local Admin Password by @milt in #295

Full Changelog: v0.5.5...v0.5.6

v0.5.5

What's Changed

• SQL-176 add AS to postgresql timeline query so it doesn't error on 12+ by @milt in #286

Full Changelog: v0.5.4...v0.5.5