Releases: personium/personium-core
Releases · personium/personium-core
Release v1.8.3
Warning
This release contains breaking changes.
IMPROVEMENTS:
- Change the hash algorithm of signing XML signature from SHA-1 to SHA-256. (#687)
- From this version on, tokens issued by the Unit are not compatible with Unit in prior version. For details, refer to personium-lib-common#117.
MISC:
- Implement unit tests of TokenIntrospectEndpointResource. (#686)
Release v1.8.2
Warning
This release contains breaking changes.
IMPROVEMENTS:
- Unify scattered log settings into personium-unit-config. (#677)
- If you upgrade personium-core from v1.8.1 or under, replace
/personium_nfs/personium-core/eventlog/${eventlog_path}with${eventlog_path}in logback configuration file.- If you use Ansible to deploy Personium the logback.xml can found in this location:
/opt/logback/logback.xmlin AP server. - Otherwise, you can find in locations specified in classpath.
- If you use Ansible to deploy Personium the logback.xml can found in this location:
- If you upgrade personium-core from v1.8.1 or under, replace
BUG FIXES:
MISC:
- Update release workflow (#681)
Release v1.8.1
Release v1.8.0
IMPROVEMENTS:
- Supporting Java 17.(personium/personium-core#647, personium/personium-core#654)
SECURITY FIX:
- Using HTTPS in internal communications via messaging API.(personium/personium-core#45)
- Implement checks for disabling use of control characters in resource name.(personium/personium-core#655)
MISC:
- Fix tests.(personium/personium-core#649)
Release v1.7.25
NEW FEATURES:
- Add
signAPI, which is function to generate JWS (Json Web Signature) with Cell private key.
(personium/personium-core#625)
IMPROVEMENTS:
- Improve stricity about WebDAV ACL with validating XML namespace.
(personium/personium-core#629)- This improvement may contain some incompatibility. Before version
1.7.25, you could specify personium specific privileges with any namespace. From this release, you must specify Personium namespace (urn:x-personium:xmlns) when you use personium specific WebDAV privileges.
- This improvement may contain some incompatibility. Before version
MISC:
- Refactoring codes of test utilities. (personium/personium-core#626)
- Update copyright year to 2022. (personium/personium-core#635)
Release v1.7.24
SECURITY UPDATES:
- Update elasticsearch version to 6.8.22 to address log4j2 vulnerability - CVE-2021-44228, CVE-2021-45046, CVE-2021-45105
IMPROVEMENTS:
- Enhance the official OpenID Connect plugin to reload Jwks from OpenID provider Jwks endpoint
(personium/personium-plugins#21)
Release v1.7.23
NEW FEATURES:
- Create AuthPluginLoader interface to load multiple authentication plugins (personium-plugin-base#23)
- Enhance the official OpenID Connect plugin, which is loaded by default (#614 ,personium-plugins#15)
- Support for all generic OpenID Providers, not just Google, which was already supported
- AuthPluginLoader support allows multiple OpenID Providers to be configured
IMPROVEMENTS:
- Update dependent software versions
Release v1.7.22
IMPROVEMENTS:
- Implement for relaying request of dynamic path service execution (#593)
- Use java 7+ nio file APIs for more flexible and precise File handling (#579)
- Should respond error when accessed via domain name different from the one configured in Unit Certificate (#535)
- Update elasticsearch version 6.8.15 (#602)
BUG FIXES:
- WebDAV MOVE fails on subdomain-based mode (#553)
- Box metadata falsely returns "ready" at the initial instant of bar installation (#574)
- Unit test case ObjectIoTest.marshal_Acl failed when PathBasedCellUrl is enabled. (#581)
- Modifying error message for unsupported grant type (#595)
MISC:
- Implementing multi-stage Dockerfile (#594)
- Update checkstyle version and check rules
- Updating forkflow scripts for Releasing (#599)
- move properties from pom to src/test/resources (#601)
NOTES:
- Use personium-engine 1.5.28 for this version of personium-core
Release v1.7.21
BREAKING CHANGES:
-
Exported bar file now does not use a "personium-localunit:" URL (#512)
- Base Url in 00_meta/90_rootprops.xml
- 1.7.17 and before
https://{cellName}.{domain}/__role/{boxName} - 1.7.18-20:
personium-localunit:{cellName}:/__role/{boxName} - 1.7.21 and later:
https://{cellName}.{domain}/__role/__/
- 1.7.17 and before
- Bar file export / import compatibility
- Bar file exported from 1.7.18-20
Not importable to any version - Bar file exporeted from 1.7.17 and earlier
Importable to any versions (after 1.6.10) - Bar file exporeted from 1.7.21 and later
Importable to any versions (after 1.6.10)
- Bar file exported from 1.7.18-20
- Base Url in 00_meta/90_rootprops.xml
-
Role Url in TranceCellAccessToken/VisitorRefreshToken are now Role Class URL (See)
-
personium-core.log (Java Web Application log) format changed
-
Default request key (Unique identifier of each request in log files) format changed
BUG FIXES:
- When Unit FQDN is less than 14 letters long, token parsing may possibly fail. (#518)
- Refreshed visitor access token does not have Roles directly assigned from ExtCell. (#516)
IMPROVEMENTS:
- Upgraded personium-lib-common to 1.5.3
- Now Personium unit can also be configured with OS environment variables and system properties.
- Configuration priority
- Java system properties
- OS environment variables
- Unit config file (personium-unit-config.properties in class path or any file whose location specified with java system propety "io.personium.configurationFile")
- Default configuration (personium-unit-config-default.properties bundled in personium-core.war file)
- Configuration priority
NOTES:
- Use personium-engine 1.5.27 for this version of personium-core
Release v1.7.20
BUG FIXES:
- When grant code is used at token end point to issue an access token, the token subject does not have the association with the roles that should be allocated to it. (#501)
- Presenting grant code with confidentialClient app auth token at token endpoint fails for schema mismatch. (#506)
- Some OData keys in URLs including
__idfor OData service collection entity sets is not escaped in response payload items such as__metadata.uri. (#486)