Camunda Platform 8.0.12

Zeebe

Enhancements

Misc

• Docker: Allow running zeebe with a read-only root filesystem (#11876)
• Docker: Running the zeebe process with an unprivileged user by default (#11784)

Bug Fixes

Misc

• Zeebe java client didn't get the region from the configuration (#11846)
• ZeebeCallCredentials#applyRequestMetadata should not block a thread (#11816)
• Two raft nodes caught in an election loop (#11665)

Merged Pull Requests

• feat(docker): read only root filesystem support (#11877)
• added region property to client properties (#11870)
• Add warning for even replication factor (#11831)
• fix(clients/java): make a ZeebeCallCredentials#applyRequestMetadatacall non-blocking (#11817)
• fix(docker): data and logs mount for unprivileged user (#11800)
• [Backport stable/8.0] chore(release): use new 8 core runner (#11793)
• chore(docker): update eclipse-temurin docker tag (stable/8.0) (#11754)
• Candidate steps down if election timesout with out success or failure (#11743)
• deps(maven): bump byte-buddy from 1.12.8 to 1.12.23 (#11727)
• deps(maven): bump dmn-engine from 1.7.2 to 1.7.4 (#11725)
• chore(ci): resolve non camunda artifacts via central (#11656)
• fix(ci): backport action from main to stable branch (#11653)
• fix(ci): use input branches to run qa/e2e tests (#11651)

Operate

No changes

Tasklist

No changes

Identity

💊 Bugfixes

• security upgrade styled-components from 5.3.5 to 5.3.7 (#1652)
• set content security policy header (#1620) (#1644)
• define max size for string properties (#1594) (#1629)
• set secure attribute for cookies (#1596) (#1627)
• set HSTS header with recommended params (#1605) (#1628)
• management-api/pom.xml to reduce vulnerabilities (#1615)
• security - upgrade alpine base image to fix CVEs (#1598)
• upgrade action versions to remove deprecation warnings (#1580) (#1591)

🧹 Chore

• identity team GHA workflow to use the CI Nexus instead of connecting to Artifactory directly (#1552) (#1583)