-
Notifications
You must be signed in to change notification settings - Fork 116
/
Copy pathchangelog-2.adoc-include
454 lines (256 loc) · 22.3 KB
/
changelog-2.adoc-include
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
////
Note: this file (changelog-2.adoc-include) is generated automatically.
Do not make manual changes in this file, as they will be lost.
If you want to add changelog entries, create a new file in changelog/src/changelog/entries/... and run creation of the changelog with
mvn -pl changelog install
////
[[v3.0.6]]
== 3.0.6 (26.03.2025)
[[v3.0.5]]
== 3.0.5 (13.03.2025)
icon:plus[] Documentation: References to the MariaDB official documentation have been added.
[[v3.0.4]]
== 3.0.4 (26.02.2025)
icon:check[] Auth: The JWT auth cookie will now have the `HTTPOnly` flag set.
[[v3.0.3]]
== 3.0.3 (12.02.2025)
icon:check[] GraphQL: A case of using a GraphQL native filter for a string field against a UUID value, resulting in an exception, has been fixed.
icon:check[] Image Manipulation: A periodic cleanup for files in the image cache has been added, which can be
configured with the new configuration options `image.imageCacheCleanInterval` (for the interval for running the cleanup)
and `image.imageCacheMaxIdle` (for the maximum allowed file age). Both values must be set in ISO 8601 duration format.
By default, `image.imageCacheCleanInterval` is set to `PT0S` (0 seconds), which deactivates the periodic cleanup.
[[v3.0.2]]
== 3.0.2 (29.01.2025)
icon:check[] Core: The processing of binaries has been refactored, targeting possible binary data leftovers being eliminated after the binary content is updated or deleted. Also, two new async consistency check have been added, for the detection of binary data with no corresponding database records (repairable) and binary database records with no corresponding binary data (for the automated testing purposes, not repairable).
[[v3.0.1]]
== 3.0.1 (16.01.2025)
icon:check[] Core: The node deletion rules has been strictened, to avoid internal deletion API misusage.
icon:check[] GraphQL: Data fetchers have been speed up on native filtering of the nodes with node fields, by fixing the proper context detection, so complex multi-inclusion queries (navigation) run up to 10x faster.
icon:check[] Cache: The Image Cache refactoring, which was done in a previous hotfix release introduced an error which caused creation of empty folders in the old structure as well. This has been fixed.
Also the migration process has been fixed to really remove all folders of the old structure, even if they are empty or contain cache files of binaries that were deleted before.
icon:check[] Auth: A crash on retrieving principal user's referenced node has been fixed.
icon:check[] Clustering: Autodiscovery of cluster member nodes in a kubernetes environment did not work (Mesh instances failed to start) due to an incorrect dependency, which has been removed now.
icon:check[] GraphQL: A natively filtered paginated data set contains incorrect values for current page and total page number. This has been fixed.
icon:check[] Core: The paged data sets contain different data, when being produced by native and legacy filtering, and/or sorting, under some circumstances. This has been fixed.
[[v3.0.0]]
== 3.0.0 (09.12.2024)
icon:bullhorn[] Core: The storage layer has been replaced from the included OrientDB to the Hibernate ORM based solution, allowing the usage of 3rd party SQL RDBMS as a structured data storage. The supported database for Mesh OSS is MariaDB 10.7+. Additionally, an in-memory mode HSQLDB is supported for the testing purposes.
icon:plus[] Some library dependencies have been updated to the latest hotfix versions.
icon:plus[] SQL: The Liquibase library, responsible for the fluent update of the low level relational database structure, has been updated to the version @4.29.2@.
icon:plus[] Core: An Apache Tika file parsing dependency has been updated to the version `2.9.2`.
icon:plus[] Search: Adds compliance mode ES_8 for Elasticsearch 8.x.
icon:plus[] Clustering: The Hazelcast library, responsible for the cluster instances orchestration, has been updated to the version @5.5.0@.
[[v2.1.17]]
== 2.1.17 (25.03.2025)
icon:check[] Indexing: At some circumstances an indexing engine crash is possible, when the changes, triggering the (re)indexing on updated or deleted data, come too quickly. This has been fixed.
icon:check[] OAuth: If a new set of groups/roles has been attached to the Mesh user during the OAuth login session, these groups/roles are not used in the filtering during the same session. This has been fixed.
icon:check[] Core: When an empty payload is sent to the binary field update function, a new version of a content, being updated, is produced, containing no changes. This has been now fixed, and the content stays old in this case.
icon:check[] S3: When a S3 image is transformed, the transformation result can be never returned to the client at some cases, because of a false cache path provided by the transformation service. This has been fixed.
[[v2.1.16]]
== 2.1.16 (12.03.2025)
icon:check[] The dependency on nashorn-core has been updated to 15.6.
This fixes startup errors in plugins (like the comment plugin) which uses precompilation of handlebars templates to javascript.
icon:check[] Logging: Some sensitive configuration entries were eliminated from the logging.
[[v2.1.15]]
== 2.1.15 (25.02.2025)
icon:check[] Auth: The JWT auth cookie will now have the `HTTPOnly` flag set.
[[v2.1.14]]
== 2.1.14 (11.02.2025)
icon:check[] Image Manipulation: A periodic cleanup for files in the image cache has been added, which can be
configured with the new configuration options `image.imageCacheCleanInterval` (for the interval for running the cleanup)
and `image.imageCacheMaxIdle` (for the maximum allowed file age). Both values must be set in ISO 8601 duration format.
By default, `image.imageCacheCleanInterval` is set to `PT0S` (0 seconds), which deactivates the periodic cleanup.
[[v2.1.13]]
== 2.1.13 (28.01.2025)
icon:check[] Core: The processing of binaries has been refactored, targeting possible binary data leftovers being eliminated after the binary content is updated or deleted. Also, two new async consistency check have been added, for the detection of binary data with no corresponding database records (repairable) and binary database records with no corresponding binary data (for the automated testing purposes, not repairable).
[[v2.1.12]]
== 2.1.12 (16.01.2025)
icon:check[] Cache: The Image Cache refactoring, which was done in a previous hotfix release introduced an error which caused creation of empty folders in the old structure as well. This has been fixed.
Also the migration process has been fixed to really remove all folders of the old structure, even if they are empty or contain cache files of binaries that were deleted before.
icon:check[] GraphQL: A natively filtered paginated data set contains incorrect values for current page and total page number. This has been fixed.
[[v2.1.11]]
== 2.1.11 (09.12.2024)
icon:check[] Core: The node deletion rules has been strictened, to avoid internal deletion API misusage.
icon:check[] GraphQL: Data fetchers have been speed up on native filtering of the nodes with node fields, by fixing the proper context detection, so complex multi-inclusion queries (navigation) run up to 10x faster.
icon:check[] Auth: A crash on retrieving principal user's referenced node has been fixed.
[[v2.1.10]]
== 2.1.10 (06.11.2024)
icon:plus[] Core: Now it is possible to sort over binary metadata, node reference and micronode non-list fields.
[[v2.1.9]]
== 2.1.9 (23.10.2024)
icon:check[] Cache: Image cache has been refactored, utilizing now simpler structure with less folder depth.
icon:check[] Core: A potential data loss on an edge case of node migration over several schema versions, including field name/type change, has been fixed.
icon:check[] Documentation: A missing query parameters documentation for the `/search` and `/{{project}}/search` has been added.
[[v2.1.8]]
== 2.1.8 (09.10.2024)
icon:check[] Image Manipulation: The validation of resize width and height have been fixed to also properly handle values set to "auto" in the request.
icon:check[] GraphQL: The library for handling GraphQL Filters in Java has been updated to fix inconsistent behaviour when filtering nodes with fields of type "date" or "number",
which had the field set to null.
Before the fix, such nodes were never returned regardless of the used filter. Now the behaviour is identical to filters on fields of other types (such as "string" or "boolean") so that
null values will not natch when compared to non-null values, but the negation with "not" will match.
[[v2.1.7]]
== 2.1.7 (01.10.2024)
icon:check[] Core: A crash, caused by duplicated nodes in a GraphQL resulting set, has been fixed.
[[v2.1.6]]
== 2.1.6 (13.09.2024)
icon:check[] Core: The Vert.x Handlebars engine dependency has been patched, to replace the vulnerable Apache `commons-text` dependency, targeting `CVE-2022-42889`.
[[v2.1.5]]
== 2.1.5 (28.08.2024)
icon:check[] Core: A crash has been fixed on an attempt of (micro)node migration over non-adjacent (micro)schema versions.
[[v2.1.4]]
== 2.1.4 (07.08.2024)
icon:check[] Documentation: The check/repair API calls are better documented in regards of an async processing. The logging documentation is extended with format examples.
[[v2.1.3]]
== 2.1.3 (26.06.2024)
icon:check[] Elasticsearch: An Elasticsearch Java Client has been updated to the version `1.1.2`, containing the corrections to the connection failure processing mechanism. The Elasticsearch activity idle checking has been improved to be more proof of the unstable connections.
[[v2.1.2]]
== 2.1.2 (14.05.2024)
icon:check[] GraphQL: A combination of similar queries with different names and filter parameters, running over native filtering, that produces incorrect results, has been fixed.
[[v2.1.1]]
== 2.1.1 (02.05.2024)
icon:check[] The library used to process webp images has been changed due to JVM errors when running in an `alpine` based image.
[[v2.1.0]]
== 2.1.0 (26.04.2024)
icon:plus[] Some dependencies have been updated:
* VertX: 4.5.7
* GraphQL: 21.5
* GraphQL Dataloader: 3.2.2
* PF4j: 3.11.0
* Hazelcast: 3.12.13
* Jackson: 2.17.0
* SnakeYAML: 2.2
* Log4j: 2.23.1
* SLF4j: 2.0.13
* Logback: 1.5.5
* Commons IO: 2.16.1
* RAML Parser: 0.8.40
* JSON Path: 2.9.0
* JSoup: 1.17.2
* Jettison: 1.5.4
* Netty: 4.1.108.Final
* Image IO: 3.10.1
icon:plus[] Plugins: An option for connection over HTTP/2 for the Mesh plugins have been added.
icon:plus[] The endpoint `GET /auth/login` now also supports login via the Authentication Bearer request header (using an API token).
icon:plus[] Image manipulation: Adds support for WebP images.
icon:plus[] Core: Usage of application level protocol negotiation (aka ALPN) can be now configured via Mesh Options.
icon:plus[] Java Rest client: REST client can now choose the HTTP protocol version to use for the Mesh connection. Possible values: DEFAULT (current default support of the carrier HTTP client library, default value), HTTP_1_1, HTTP_2.
icon:plus[] Now it's possible to use generated Mesh API key for the login request, with `apikey` string body parameter.
icon:plus[] REST: A new 'languages' endpoint has been added, providing the list of the installed languages, as well as the lookup over UUID or 2-character language tag.
icon:plus[] Core: The on-demand image manipulation feature has been refactored for DDoS protection. The new image manipulator option, `mode`, has been added with the following values:
`ON_DEMAND` keeps already existing behaviour with creating/reusing the image variant automatically on each request,
`MANUAL` requires an extra step of calling the image variant creation REST API prior to the variant serve, `OFF` disables the feature completely. A set of REST API calls has been added for the image variants manipulation.
The GraphQL `nodes` call has been extended to filter/serve over the image variants of a selected binary field, if applicable.
icon:plus[] Search: Several enhancements have been applied to the content, sent to the search engine for the indexing. Each (micro)schema is presented a `noIndex` flag, marking the content of the (micro)schema as excluded from the indexing. Each (micro)schema field is presented a similar `noIndex` flag.
By default no flag is set, meaning the content to be indexable. This feature serves security purposes, preventing the sensible information from leaking through the search engine.
icon:plus[] REST: A new HttpServer option, `minifyJson`, has been added to control over the REST API payloads being pretty printed for readability, or minified for resource save. An analogous setting has been added to the Java `MeshRestClient`.
Default value is `true`, so the payload minification is turned on, which is a @breaking@S change, if one expects the pretty-formatted output.
[[v2.0.20]]
== 2.0.20 (17.04.2024)
[[v2.0.19]]
== 2.0.19 (20.03.2024)
icon:check[] GraphQL: A regression of missing common `and`, `or`, `not` top level filters has been fixed.
[[v2.0.18]]
== 2.0.18 (06.03.2024)
icon:check[] REST client: The configuration now allows adding default parameter provider for query parameters, that should be added to every request (unless overwritten).
Tests: The tests API has been extended to allow tests which do not reset the database between test cases.
[[v2.0.17]]
== 2.0.17 (28.02.2024)
icon:check[] GraphQL: In cases of long running GraphQL requests, some other GraphQL requests were queued and executed after the long running request, even if enough workers were still
available. The behaviour has been changed, so that GraphQL requests will only be queued, if all workers are currently busy.
icon:check[] Cache: The permission cache has been fixed to always return copies of the actually cached entries.
[[v2.0.16]]
== 2.0.16 (22.02.2024)
icon:check[] Core: Creating a translation for the root node of a project always failed with a "Bad Request" error, which has been fixed.
icon:check[] Elasticsearch: A full access to the data backed by ES has been given to the admin users.
icon:check[] Cache: A mechanism of reattaching the cached entity to the persistence context has been introduced, allowing implementations of smarter cache policies.
Cache: Because of a flawed cache invalidation strategy, the project stayed on an old 'latest' branch, even if a new one has been assigned, until the caches are invalidated, or a restart is triggered. This has been fixed.
icon:check[] Because of a flawed cache invalidation strategy, the project stayed on an old 'latest' branch, even if a new one has been assigned, until the caches are invalidated, or a restart is triggered. This has been fixed.
icon:check[] A regression regarding OAuth user filtering has been fixed.
Minor improvements in authentication-related utilities Java API, allowing more control over authentication URL management.
icon:check[] REST: When requesting sorted data, the permission limitations are violated. This has been fixed.
[[v2.0.15]]
== 2.0.15 (08.02.2024)
icon:check[] GraphQL: When an inexisting language has been requested for a node, the schema info was not loaded as well. This has been fixed.
icon:check[] Elasticsearch: A possibility of DDoSing the ES with a bulk request of too many items has been eliminated.
icon:check[] Auth: Synchronization of users, groups and roles from AuthServicePlugin implementations (like the keycloak plugin) has been improved for performance and stability.
icon:check[] REST client: Improves error handling for WebSocket errors.
icon:check[] REST: The endpoints for invoking a consistency check/repair now have a new query parameter `async` which allows to perform the action as a background job instead of synchronously.
Core: Updating and publishing a node in a single request has been optimized to only create a single new version of the content.
[[v2.0.14]]
== 2.0.14 (24.01.2024)
icon:check[] GraphQL: Fetching of micronode fields has been improved to allow batch loading.
[[v2.0.13]]
== 2.0.13 (10.01.2024)
icon:check[] GraphQL. Some of (micro)schema fields related queries rely on the target (micro)schema having at least one field, crashing in HTTP 500 otherwise. This has now been fixed.
icon:check[] REST: The documentation of the generic parameter `fields` has been fixed. Now `fields` works over the Language entities as well, the values are `uuid`,`name`,`languageTag`,`nativeName`.
[[v2.0.12]]
== 2.0.12 (20.12.2023)
icon:check[] Core: Unnecessary uniqueness checks for segment fields will now be avoided, when updating nodes.
icon:check[] GraphQL: More test cases for sorting have been added.
icon:check[] Auth: The unnecessary logging of outdated/mismatched auth token has been removed.
icon:check[] GraphQL: The overall performance of GraphQL requests has been improved by caching the GraphQL schemas.
icon:check[] Core: Now it is not allowed to set a new password to an empty or invalid (e.g. spaces) string.
[[v2.0.11]]
== 2.0.11 (06.12.2023)
icon:check[] Core: A regression of creation of the named entities has been fixed.
icon:check[] Core: Improve the internal Java API of the list field creation, targeting better batch performance.
icon:check[] Core: Improve the internal Java API for granting and revoking permissions.
[[v2.0.10]]
== 2.0.10 (19.11.2023)
icon:check[] Core: The cache internal Java API has been presented a new constructor, allowing using the weight instead of entity number for the cache size calculations, as well as some new statistics getters.
icon:check[] Tests: Added set of tests of uniqueness of the named entities on a database level.
icon:check[] GraphQL: `referencedBy` field fetcher has been refactored for more optimal batch loading.
icon:check[] Core: Now caches treat NULL as a valid value, instead of a constant miss.
[[v2.0.9]]
== 2.0.9 (03.11.2023)
icon:check[] GraphQL: Performance optimizations of the Elasticsearch-based requests.
icon:check[] Core: The new configuration option `vertxOptions.orderedBlockingHandlers` allows to change the behaviour of concurrent handling of "long running" requests
(requests that modify data or GraphQL requests). If the option is set to `true` (default value) such requests will be run in order (per http verticle) and never concurrently.
As a consequence, it may happen that e.g. GraphQL requests are queued for some time if some other requests are currently handled.
If the option is set to `false`, blocking requests will only be queued, if all threads of the worker pool are currently busy.
icon:check[] GraphQL: Some more multithreading issues with initialization of GraphQL have been fixed.
icon:check[] Core: Requests to branches failed with an internal error, if monitoring was disabled. This has been fixed.
[[v2.0.8]]
== 2.0.8 (18.10.2023)
icon:check[] GraphQL: Parent loading has been speeded up by using a batch data loading.
icon:check[] Search: Minor logging changes in the search engine, making it less annoying.
icon:check[] GraphQL: When the very first GraphQL Queries (after starting the Mesh instance) were executed in parallel, it could happen that
GraphQL execution failed with some internal errors. This has been fixed.
[[v2.0.7]]
== 2.0.7 (04.10.2023)
icon:check[] Core: More NPE occurrences during the massive concurrent publishing process have been fixes.
[[v2.0.6]]
== 2.0.6 (20.09.2023)
icon:check[] Core: When running in the massive concurrent publishing process, it is possible to run into a race condition when some field containers are already processed while being referenced by the edge,
throwing an NPE. This has now been fixed.
[[v2.0.5]]
== 2.0.5 (05.09.2023)
icon:check[] GraphQL: Link resolving in graphql queries ignored the language tags in the links. This has been fixed.
icon:check[] Java Rest Client: After logging in with the `login()` method, the login token was never refreshed, which caused it to expire after the configured token expiration time (per default 1 hour),
even if the client was used to do requests. This has been changed now, so that the login token in the client will be refreshed on every request to mesh.
icon:check[] Clustering: Calling cluster specific REST Endpoints on non-clustered instances could cause internal server errors. The behaviour has been changed so that
a "Bad Request" error is returned containing a proper error message.
icon:check[] Mesh Rest Client: An error has been fixed, which prevented sorting parameters from being passed to the endpoint.
icon:check[] GraphQL: The metadata request does not crash anymore on the empty (micro)schemas. The new related filter, `isEmpty`, has been added as well.
[[v2.0.4]]
== 2.0.4 (23.08.2023)
[[v2.0.3]]
== 2.0.3 (11.08.2023)
icon:check[] Plugins: Logging fixed upon false triggering of a warning of inexisting role/group connection.
icon:check[] Core: All named instances have been presented an own cache.
icon:check[] Java filter for Node reference content field has been fixed. Native filtering pagination has been improved. Some other minor stability fixed applied.
[[v2.0.2]]
== 2.0.2 (26.07.2023)
icon:check[] Core: An internal API for efficient loading of list field values has been added.
icon:check[] Core: Uniqueness checks for webroot url field values will now only be done, if those values actually change. This will improve performance of e.g. schema migrations, where the webroot url field values are likely to not change.
[[v2.0.1]]
== 2.0.1 (13.07.2023)
icon:check[] Clustering: Due to an incorrect check, it was possible that migration jobs could complete without actually migrating anything, when run in a clustered environment with disabled coordination mode.
[[v2.0.0]]
== 2.0.0 (29.06.2023)
icon:plus[] Core: Support of database level filtering/sorting has been added to the low level Java API.
icon:plus[] GraphQL: Added new filters for field types: list, micronode, (s3)binary. Added a new experimental filter for referencedBy nodes.
icon:plus[] GraphQL: A simplified, native filtering friendly version of `regex` string operation, `like`, has been added, accepting wildcards `%` as a zeroable set of characters, e.g. `like: "hello%world"` requests filtering in the strings, that start with `hello`, end with `world` and have zero-to-unlimited number of any characters in between.
icon:plus[] GraphQL: Support of database level filtering/sorting has been added. New `sort` parameter in added for structured sorting, forcing the usage of DB filtering. New GraphQL parameter `nativeFilter`
is added to the selected entity lookup methods, with options `NEVER` (old filtering is forced), `ALWAYS` (DB filtering is forced), `IF_POSSIBLE` (if the requested filter is supported by a DB, DB filtering is used, otherwise filtering is fallen back to the old filter mechanism).
Please note that not all the currently existing filters are supported by the DB.