Releases: KorAP/Kustvakt
Kustvakt version 0.66
** Warning **
This release includes database change on OAuth2 access and refresh token tables, and Krill changes on index fingerprints, that may break previous installations. Existing cache built by client apps e.g. R-KorAP-Client should be removed and rebuilt.
New features
- a new admin API to remove invalid (expired and revoked) OAuth2 tokens
Updates
- Re-implemented admin filter
- Added foreign keys to the DB tables of access and refresh token scopes.
Library updates
- Bump nimbus-jose-jwt from 9.20 to 9.21 in /full by @dependabot in #338
- Bump maven-compiler-plugin from 3.10.0 to 3.10.1 in /full by @dependabot in #339
- Bump maven-compiler-plugin from 3.10.0 to 3.10.1 in /lite by @dependabot in #340
- Bump maven-compiler-plugin from 3.10.0 to 3.10.1 in /core by @dependabot in #341
- Bump flyway-core from 8.5.0 to 8.5.3 in /core by @dependabot in #342
- Bump unboundid-ldapsdk from 6.0.3 to 6.0.4 in /full by @dependabot in #346
- Bump flyway-core from 8.5.3 to 8.5.4 in /core by @dependabot in #345
- Bump mockserver-netty from 5.12.0 to 5.13.0 in /lite by @dependabot in #347
- Bump hibernate.version from 5.6.5.Final to 5.6.7.Final in /full by @dependabot in #348
- Bump mockserver-netty from 5.12.0 to 5.13.0 in /full by @dependabot in #349
- Bump spring.version from 5.3.16 to 5.3.17 in /core by @dependabot in #350
- Bump hibernate.version from 5.6.5.Final to 5.6.7.Final in /core by @dependabot in #351
- Bump joda-time from 2.10.13 to 2.10.14 in /core by @dependabot in #352
- Bump maven-shade-plugin from 3.2.4 to 3.3.0 in /lite by @dependabot in #354
- Bump maven-shade-plugin from 3.2.4 to 3.3.0 in /full by @dependabot in #355
Full Changelog: v0.65.1-release...v0.66-release
Kustvakt version 0.65.1
Introducing a new query parameter: show-tokens in the search API and a new web-service for retrieving field values of a virtual corpus.
New Features
- "show-tokens" option in the search API
- new web-service for retrieving field values, for instance text sigles of a virtual corpus (admin-only)
Library Updates
- Bump hibernate.version from 5.6.1.Final to 5.6.3.Final in /full by @dependabot in #297
- Bump hibernate.version from 5.6.1.Final to 5.6.3.Final in /core by @dependabot in #298
- Bump flyway-core from 8.0.5 to 8.3.0 in /core by @dependabot in #301
- Bump hibernate.version from 5.6.3.Final to 5.6.5.Final in /core by @dependabot in #317
- Bump slf4j-api from 1.7.33 to 1.7.35 in /core by @dependabot in #318
- Bump hibernate.version from 5.6.4.Final to 5.6.5.Final in /full by @dependabot in #319
- Bump nimbus-jose-jwt from 9.16-preview.1 to 9.18 in /full by @dependabot in #321
- Bump flyway-core from 8.4.2 to 8.4.4 in /core by @dependabot in #323
- Bump jetty.version from 9.4.44.v20210927 to 9.4.45.v20220203 in /core by @dependabot in #325
- Bump slf4j-api from 1.7.35 to 1.7.36 in /core by @dependabot in #326
- Bump maven-compiler-plugin from 3.9.0 to 3.10.0 in /lite by @dependabot in #327
- Bump maven-compiler-plugin from 3.9.0 to 3.10.0 in /core by @dependabot in #328
- Bump mockserver-netty from 5.11.2 to 5.12.0 in /full by @dependabot in #329
- Bump mockserver-netty from 5.11.2 to 5.12.0 in /lite by @dependabot in #330
- Bump json-smart from 2.4.7 to 2.4.8 in /core by @dependabot in #331
- Bump maven-compiler-plugin from 3.9.0 to 3.10.0 in /full by @dependabot in #332
- Bump flyway-core from 8.4.4 to 8.5.0 in /core by @dependabot in #333
- Bump spring.version from 5.3.15 to 5.3.16 in /core by @dependabot in #334
- Bump nimbus-jose-jwt from 9.18 to 9.20 in /full by @dependabot in #335
Full Changelog: v0.65-release...v0.65.1-release
v0.65-release
Kustvakt version 0.65
!!! SECURITY UPDATES
Please update all Kustvakt libraries, Krill to version 0.60.2 and Koral to version 0.38.1
Introducing a new cache mechanism.
New features:
- new cache mechanism replacing Ehcache
- retrieve KoralQuery of a virtual corpus
- list system virtual corpora
Changes to previous API
- removal of koralQuery from VC list
- removal of statistics from VC list
Library updates
- Bump flyway-core from 7.11.4 to 7.12.0 in /core by @dependabot in #229
- Bump nimbus-jose-jwt from 9.11.2 to 9.11.3 in /full by @dependabot in #230
- Bump nimbus-jose-jwt from 9.11.3 to 9.12 in /full by @dependabot in #233
- Bump flyway-core from 7.12.0 to 7.13.0 in /core by @dependabot in #234
- Bump flyway-core from 7.14.1 to 7.15.0 in /core by @dependabot in #248
- Bump spring.version from 5.3.9 to 5.3.10 in /core by @dependabot in #250
- Bump nimbus-jose-jwt from 9.13 to 9.14 in /full by @dependabot in #251
- Bump joda-time from 2.10.10 to 2.10.11 in /core by @dependabot in #252
- Bump nimbus-jose-jwt from 9.15 to 9.15.2 in /full by @dependabot in #255
- Bump joda-time from 2.10.11 to 2.10.12 in /core by @dependabot in #256
- Bump jetty.version from 9.4.43.v20210629 to 9.4.44.v20210927 in /core by @dependabot in #257
- Bump joda-time from 2.10.12 to 2.10.13 in /core by @dependabot in #278
- Bump hibernate.version from 5.5.7.Final to 5.6.1.Final in /core by @dependabot in #279
- Bump hibernate.version from 5.6.0.Final to 5.6.1.Final in /full by @dependabot in #280
- Bump flyway-core from 8.0.2 to 8.0.3 in /core by @dependabot in #281
- Bump flyway-core from 8.0.3 to 8.0.4 in /core by @dependabot in #282
- Bump spring.version from 5.3.12 to 5.3.13 in /core by @dependabot in #283
Full Changelog: v0.64-release...v0.65-release
Kustvakt version 0.64
Introducing a database migration of annotation tables, a more flexible cache configuration for named virtual corpora, OAuth2 client naming restrictions and some parameter changes.
Updates:
- Annotation data such as information on annotation layers, keys and values, are included in the database migration.
- Maximum cache heap and disk sizes can be setup in the kusvakt.conf file.
- OAuth2client names are restricted from using ambiguous characters.
- Ambiguous API parameter names e.g pertaining to super client properties, have been updated.
- Bugs fixes
Caveats:
This update is likely to break the database migration. Database should be backed up prior to the deployment. Some tables such as oauth2_client, oauth2_access_token, oauth2_access_token_scope may need to be dumped and restored to a new database.
Kustvakt version 0.63.1
Updates:
- Virtual corpus methods are generalized for query reference.
- "token type" and "client_id" have been added to the OAuth2 token list API response.
- Parameters referring to super client id and secrets have been updated for clarity.
- "client_type" has been added to the OAuth2 client list API response.
- Parameter "client_secret" has been removed from the OAuth2 client list API request.
- Parameter "redirectURI" has been altered to "redirect_uri" in OAuth2Client JSON definition.
- OAuth2 API responses and parameters in the error responses have been updated for coherence.
- Parameters "description" and "url" have been updated to "client_description" and "client_url" in the OAuth2 Client DTO for coherence.
- Bug fixes.
Kustvakt version 0.63
New features since 0.61.3:
- Introducing index version header
- Introducing docker
- Introducing query reference
- Added a new web-service for refreshing index and VC cache
- Added a web-service to obtain API info
- Added public metadata request in the search API
- Added pipe extension in search API
- Added support for multiple cq (corpusquery) parameters in search API
- Added OAuth2 token management via super client
- Added user setting management
Updates:
-
Sample index has been updated
-
Various updates in OAuth2 API including
- removed URL requirement in client registration
- removed client authentication from the client deregistration and client-secret reset APIs
- added an admin API for clearing access token cache
- added a web-service to list clients registered by a user
- added a web-service to list active refresh tokens of a user
-
Various updates in the user group API including
- added user-group name pattern
- replaced groupId with groupName and updated user group service paths
- removed UserGroupJson
-
Various updates in the virtual corpus API
- added additional statistic figures to virtual corpus info API response
- added users to hidden group when searching in a published VC
-
KoralQuery in JSON responses is now unescaped
-
cq is prefered to corpusQuery parameter in the statistic API
For more detailed information on changes, please look up the change log files.
Kustvakt version 0.61.3
New features:
- OAuth2 token revocation
- OAuth2 client secret reset
- OAuth2 super client
- Virtual corpus reference and rewrite
- REST API versioning
- Kustvakt server shutdown via HTTP Post request
Updates:
- Added field parameter to search controller
- Added highlight parameter to matchInfo controller
See detailed changes in the change log files.
Kustvakt full version 0.60.5
OAuth2 and OpenId authentication supports
New Features
- OAuth2 client registration
- OAuth2 authorization request
- OAuth2 request token with authorization code grant
- OAuth2 request token with password grant
- OAuth2 request token with client credentials grant
- OAuth2 authorization with OpenID Authentication
- Support for authorization scopes: search and match_info
Changes from previous release
- alterations of service API endpoints / URLs
- improved test settings for faster test suite runtime
- various bug fixes
Kustvakt full version 0.60.1
New features
- virtual corpus and user-group management for system admins
- user-group member role management
Changes
- added admin-related SQL codes
- updated AdminDao
- added optional username query parameter to group list controller
- added delete group member triggers
- added list user-group by username and status for system admin
- added user-group status in user-group DTO
- added check for hidden groups in user-group tests
- added database trigger test on deleting members when deleting group
- renamed VC type PREDEFINED to SYSTEM
- added VC list controller for system admin
- added VC controller tests with for system admin
- added hidden access removal when deleting published VC
- added check for hidden groups in VC controller tests
- added search user-group controller
- removed createdBy from VirtualCorpusJson
- moved member role setting from the invitation phase to the after-subscription phase
- added member role removal after deleting members
- added add and delete member role controllers
Bug fixes
- fixed non hierarchical URI causing kustvakt.conf is not found.