@GUI GUI released this Jul 15, 2017 · 345 commits to master since this release

Assets 2

0.14.4 (2017-07-15)

This update contains one important fix for v0.14.3. Upgrading is recommended if you are currently running v0.14.3.

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

Fixed

  • Rollback rsyslog to fix memory leak: The version of rsyslog included in API Umbrella v0.14.3 (rsyslog v8.28.0) has a memory leak with the way API Umbrella configures it. This leads to rsyslog's memory use growing indefinitely. To fix this, the included version of rsyslog has been downgraded to v8.27.0 (and a bug report has been filed with rsyslog). (api.data.gov#395)

@GUI GUI released this Jul 13, 2017 · 348 commits to master since this release

Assets 2

This update contains a few bug fixes and some potential security fixes. Upgrading is recommended.

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

Changed

  • Make web-app timeouts configurable: Timeouts in the Rails web application are now configurable. (bfe3f06)
  • On admin sign in with Google, prompt for specific account: When the admin tool is configured to use Google for logins, always prompt for which Google account to use. (c11ea16)
  • Search behavior in admin APIs: The free-form text search functionality provided by most of the admin APIs has been tweaked slightly. Now searching for an ID requires a full match instead of a partial match, and the "admins" API endpoint no longer searches the authentication token field. (e936932, aac482e)
  • Upgrade bundled software dependencies:
    • MongoDB 3.2.13 -> 3.2.15
    • OpenResty 1.11.2.3 -> 1.11.2.4 (security update: CVE-2017-7529)
    • Rsyslog 8.27.0 -> 8.28.0

Fixed

  • Fix logrotation inside Docker container: Log files could grow unbounded in size inside the API Umbrella Docker container. (#365)
  • Fix the default "contact us" form: A regression in v0.14.0 broke the default contact form's ability to send e-mails. (api.data.gov#390)
  • Fix logging data to authenticated Elasticsearch: If using a custom Elasticsearch instance that uses HTTP basic authentication, this should work now. (eae9553)
  • Fix an internal analytics endpoint: A regression in v0.14.0 broke a non-public API endpoint for summary analytics. (api.data.gov#387)

Security

  • Fix admin password hashes exposure:
    • If you use the local authentication mechanism for logging into the admin (new in v0.14.0 and the default), then upgrading to API Umbrella v0.14.3 is highly recommended.
    • If you rely only on external login providers (Google, GitHub, etc), then this issue should not affect your installation.
    • This issue could lead to the password hashes for admins being exposed to other admin users. Similarly, hashed password reset tokens or account unlock tokens could also be exposed to other admin users.
    • No plain text passwords or tokens would have been exposed, and these hashes would have only been exposed to other API Umbrella admin users. So the likelihood of this information being exploitable is hopefully very low (the hashes are considered strong and not easy to brute force), but upgrading is recommended to remedy this. You'll also want to weigh the risks for your installation, but it would be prudent to instruct your admins to resets their password.
    • Hash details: The exposed password hashes would have been hashed using bcrypt (with a cost factor of 11), and the exposed reset/unlock tokens would have been hashed using HMAC-256 (with the key being a random 128 character string, or the web.rails_secret_token value if you manually set that in your config). (82dfe06)
  • Updated bundled dependencies:

@GUI GUI released this May 26, 2017 · 377 commits to master since this release

Assets 2

This update contains a few bug fixes. Upgrading is recommended.

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

Changed

  • Upgrade bundled software dependencies:
    • Elasticsearch 2.4.4 -> 2.4.5
    • MongoDB 3.2.12 -> 3.2.13
    • Rsyslog 8.26.0 -> 8.27.0

Fixed

  • Fix removing last item from array fields in admin: A regression in v0.14.0 prevented admins from removing the last items in certain array fields in the admin (for example, removing all roles from a user or API). (#367)
  • Fix SSL validation against external Elasticsearch databse: Allow for explicit configuration of SSL settings when connecting to an external Elasticsearch database that is using HTTPS. Thanks to @martinzuern. (#364)
  • Increase default memory storge for configuration data: Increase the default memory allocated for storing the live API backend configuration data from 600KB to 3MB to prevent potential issues when publishing lots of API backends. (api.data.gov#385)

@GUI GUI released this Apr 24, 2017 · 394 commits to master since this release

Assets 2

This update contains a few bug fixes and one potential security fix. Upgrading is recommended.

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

Changed

  • Upgrade bundled software dependencies:
    • OpenResty 1.11.2.2 -> 1.11.2.3
    • Ruby 2.3.3 -> 2.3.4
    • Rsyslog 8.24.0 -> 8.26.0

Fixed

  • Missing validations on API backends: It was possible to create API backends that omitted fields that should have been required in the Sub-URL Request Settings and Advanced Requests Rewriting sections. This could cause errors in loading the API configuration. (#360)
  • Creating new admin groups: Creating new admin groups in the admin was broken in v0.14.0. (#347)
  • Outgoing example URL in admin: In the API backend form of the admin, the example outgoing URL was incorrect in v0.14.0. (b4ce3e28)
  • Ember.js deprecation warnings: Fix some deprecation warnings in the admin tool. (3e019140, 27bf988d)

Security

  • Don't pass admin session cookie to API backends: The session cookie the API Umbrella admin uses is now stripped from requests to API backends. (89371149)

@GUI GUI released this Feb 23, 2017 · 421 commits to master since this release

Assets 2

This update focuses on upgrading various internal components of API Umbrella. It also offers new features and various bug fixes. A few potential security issues are also addressed. Upgrading is recommended, but there are some potential compatibility issues to note. See the Upgrade Instructions section below.

Many thanks to everyone that contributed with pull requests and bug reports!

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

This version has a few potential compatibility issues, depending on your setup, so be sure to read the following upgrade notes:

  • Database network binds: For security reasons, Elasticsearch and MongoDB only listen for local connections now. If you have a multi-server setup, you'll need to adjust the bind addresses. If you cannot upgrade to API Umbrella v0.14.0 immediately, you should check your current bind addresses to ensure they're secure.
  • Elasticsearch and MongoDB upgrades:
    • The default version of Elasticsearch bundled with API Umbrella has been updated from 1.7 to 2.3.
    • The default version of MongoDB bundled with API Umbrella has been updated from 3.0 to 3.2.
    • If you're running a single server, all that should be required is a full restart (sudo /etc/init.d/api-umbrella restart).
    • If you're running a cluster of multiple database servers, then you may need to be more careful about the sequence of upgrades. See Elasticsearch's upgrade notes and MongoDB's upgrade notes for more details.
    • The data API Umbrella stores in Elasticsearch should be compatible with the upgrade without further steps. However, if you store non-API Umbrella data in the same Elasticsearch server, you may want to check for data compatibility issues with the elasticsearch-migration plugin.
  • Admin login changes: API Umbrella now defaults to using local login accounts for the accessing the admin (instead of using external login providers like Google, or GitHub). If you'd still like to use external login providers, they will need to be explicitly enabled.

Added

  • Local admin accounts: There is now (#332, #314, #207, #247, #124, #45)
  • Default Elasticsearch query timeout: For admin analytics queries, there's now a default timeout for the queries to try and prevent complex queries from running indefinitely. (6b1187d3)
  • Log API backend IDs: Add logging of the matched API backend ID to the analytics database. #252
  • Add GitLab login provider: GitLab as been added as an external login provider. (#311)
  • Add security-related HTTP headers: Default X-XSS-Protection, X-Frame-Options, and X-Content-Type-Options headers have been added to website backend and web-app responses. (f15ac873)
  • Log rsyslog statistics: Log additional statistics on rsyslog's queue size and processing information. (c3afad9f)
  • Redirect to admin URLs after login: Deep links to areas in the admin are now retained throughout the login process. (#257)
  • Allow overriding the public HTTP/HTTPS ports: When placing a load balancer in front of API Umbrella, allow for additional configuration to override the public ports. (#329, #296)
  • MongoDB WiredTiger storage support: API Umbrella is now compatible with the newer MongoDB WiredTiger storage engine. (#260, #312)
  • MongoDB SCRAM-SHA-1 authentication support: API Umbrella is now compatible with the default authentication mechanism in MongoDB 3.0+. (#260, #312)

Changed

  • Rails 4.2: The internal web-app component (that provides the admin APIs) has been upgraded from Rails 3.2 to Rails 4.2. (#259)
  • Ember 2.8: The internal admin-ui component (that provides the admin user interface) has been upgraded from Ember 1.7 to Ember 2.8. It has also been separate from the Rails codebase to be a standalone Ember app. (#257)
  • Bootstrap 3: The admin user interface has been upgraded from using Bootstrap 2 to Bootstrap 3. (#258)
  • Elasticsearch 2.3: The bundled version of Elasticsearch has been upgraded from Elasticsearch 1.7 to Elasticsearch 2.3. (#315, #261)
  • MongoDB 3.2: The bundled version of MongoDB has been upgraded from MongoDB 3.0 to MongoDB 3.2. (#260)
  • ECharts for admin charts: The admin interface has switched to use ECharts for its charts and maps. (#333, #124)
  • More debugging details in nginx logs #334
  • Unified test suite: API Umbrella's internal test suite has been cleaned up, unified, and made more stable. (#305)
  • Disable X-Fowarded-Host parsing: When determining which API backend to match, don't parse the X-Forwarded-Host header by default. (api.data.gov#355)
  • Quiet duplicative nginx error logging: Don't log duplicate nginx errors to nginx's error log. (3f90e158)
  • Disable elasticsearch heapdumps: If Elasticsearch runs out of memory, don't perform a heapdump by default. (api.data.gov#351)
  • Relative dates for admin analytics URLs: Links to analytics URLs in the admin for the "last 30 days" will always reflect the last 30 days from the current date (rather than when the link was generated). api.data.gov#73
  • Quicker process stops: Allow API Umbrella to stop more quickly by changing how delayed-job terminates. (837ca8f1)
  • Upgrade bundled software dependencies:
    • Elasticsearch 1.7.5 -> 2.4.4
    • MongoDB 3.0.12 -> 3.2.12
    • OpenResty 1.9.15.1 -> 1.11.2.2
    • OpenSSL 1.0.2h -> 1.0.2k
    • Ruby 2.2.5 -> 2.3.3
    • Rsyslog 8.14.0 -> 8.24.0

Removed

  • Don't log website backend requests to analytics: Requests to the website backend routes are no longer logged in the analytics database. #334
  • Don't log unused fields to analytics database: Several fields were being logged to the analytics database that API Umbrella was not using. These fields are no longer being logged to simplify things and reduce space. The fields no longer being stored are: backend_response_time, internal_gatekeeper_time, proxy_overhead, request_ip_location, and request_query. (#334)
  • Removed Mozilla Persona login option: The Mozilla Persona service was shutdown, so it's no longer a valid long option for the admin. (#313, #323)
  • Removed non-functional HTTPS redirect options: In the API Backends administration there were some "redirect" options for the "HTTPS Requirements" setting. These redirect options stopped working in API Umbrella v0.9.0. (8d986169)
  • Removed code for upgrading from API Umbrella v0.8: Code for directly upgrading from API Umbrella v0.8 packages has been removed. (101ac1e3)

Fixed

  • Missing analytics in Docker: If running API Umbrella from the default Docker container, analytics information was missing. (#284, #327, #328)
  • LDAP authentication: The LDAP login provider for the admin was broken. (#316, #278)
  • Startup race condition: There was a race condition on API Umbrella's first startup that could lead to the database not being properly seeded. (#300, f8495f11)
  • Corrupt rsyslog/request.log.gz file: Rsyslog's request.log.gz log file could become correct (although this file isn't currently used). (#324)
  • Running Docker container from directory with spaces: If you were running the API Umbrella Docker container from a directory containing spaces, it would error. (#322)
  • Improve MongoDB replicaset failover: If using a MongoDB replicaset, improve the resiliency during a replicaset primary change. (89903486)
  • Mixed up admin locale data: In the admin, there was a possibility of locale data being mixed up across different users. (2a98714a)
  • Missing analytics logs in certain cases: Certain URLs with duplicate URL query parameters could fail to be logged in the analytics database in certain cases. api.data.gov#358
  • Temp files in Docker container: Fix generation of many geoip-auto-updater files in Docker container. (#290)
  • Missing package dependencies: Add missing dependencies for the packages on minimal containers. (#290, #292, #328, 4a269133 )
  • Prevent double analytics requests in admin: Sometimes 2 analytics requests would be made in the admin when loading an analytics page. (#257)
  • Proxying to SNI API backends: Fix proxying to API backends that require SNI SSL support. (api.data.gov#357)
  • Overriding null values in api-umbrella.yml: Fix overriding null values in the api-umbrella.yml config file. (d8c5f743, #278)
  • Intermittent test suite failures: The reliability of the test suite has been improved. (#303)
  • Improve rsyslog queueing: Fix the queue size settings for rsyslog. (c3afad9f)
  • Admin analytics timezones: Fix timezone handling for dates in the admin date pickers. (90ed2b62)
  • localhost DNS failures: Fix startup issues if "localhost" possibly fails to resolve. (#212)
  • Log rotation issues: The perpd log files weren't being rotated properly, and other log files could have rotation problems if API Umbrella was running as a non-default user. (4d28e1e3)
  • Email verification with GitHub and Facebook: If using GitHub or Facebook login providers for the admin, fix some issues with how verified emails are identified. (d4e6fc5f)
  • Ensure clean Ruby environment: Ensure system-wide Ruby or Bundler installations don't conflict with API Umbrella's embedded version of Ruby. (7d9208ca)

Security

  • Database network binds: For security reasons, Elasticsearch and MongoDB only listen for local connections now. If you have a multi-server setup, you'll need to adjust the bind addresses. If you cannot upgrade to API Umbrella v0.14.0 immediately, you should check your current bind addresses to ensure they're secure. (#287)
  • XSS in signup form: Fix possible cross-site-scripting issue in the default signup form. (api-umbrella-static-site#486950b1)
  • Admin group permissions: If a limited admin knew the random UUID for another admin group, they could add admins to that group, despite not necessarily having permissions. (c5ca3c1f)

@GUI GUI released this Jul 31, 2016 · 855 commits to master since this release

Assets 2

This update fixes one security issue and one small bug fix. Upgrading is recommended.

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

Security

  • Removed the configuration import/export tool from the admin: This import/export tool could have presented a security issue if admin accounts with limited privilege scopes existed. These less-privileged admins could have viewed all API backend configuration, including API backends outside of their scoped permissions (however, they would not have been able to change the API backend configuration). Since the import/export tool has not been maintained and has other bugs, it has been removed entirely. If you still have a need for this tool, please let us know. (#272)

Fixed

  • Don't show the "Beta Analytics" checkbox by default: In the admin analytics interface, a "Beta Analytics" checkbox appeared in v0.12, but this should only be shown if the experimental Hadoop/Kylin-based analytics is actually enabled. (c606261)

@GUI GUI released this Jun 30, 2016 · 869 commits to master since this release

Assets 2

This update brings a variety of fixes and new features. A few potential security issues are also addressed. Upgrading is recommended.

Special thanks to @ThibautGery and @shaliko for their contributions to this release, and to anyone else reporting issues!

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

Compatibility Notes: There are two small changes in how the raw analytics data is stored in v0.12.0. This should only be relevant if you were querying the Elasticsearch analytics database directly (not via the admin UI or APIs) and interacting with the request_at or request_query fields. See the "Changed" section below for more details. Otherwise, v0.12.0 should be fully backwards compatible.

Added

  • E-mail notification to admins on new API key signups: You may optionally notify specified e-mail addresses whenever users signup for an API key. (#246, @ThibautGery)
  • Elasticsearch 2 compatibility: API Umbrella continues to bundle Elasticsearch 1.7 as the default version, but it now offers compatibility with external Elasticsearch 2 instances. (#253, @ThibautGery)
  • Allow limited admins to create new groups or sub-scopes: Non-superuser admins now may create more groups or other API scopes underneath their current permissions. (#238, api.data.gov#135, api.data.gov#339)
  • Improve navigation of admin accounts in the admin interface: When viewing or editing Admin Groups, the members of each admin group are displayed. (api.data.gov#256)
  • Ubuntu 16.04 Packages: Binary packages are now available for Ubuntu 16.04. (09f8f3c)
  • Run web-app tests in Docker: The test suite for the web-app component may be run with Docker. (#243, @ThibautGery)
  • Experimental support of Hadoop/Kylin-based analytics: Initial support has been added to optionally store the analytics data in Hadoop and query from Kylin. This offers an alternative to Elasticsearch for analytics that can scale to larger capacities in a more efficient manner. (#227, api.data.gov#235)

Changed

  • Analytics timestamps now reflect the ending time of the request: The request_at timestamp logged in the analytics database now reports the time the request ended, rather than when the request began. (#251)
  • Analytics fields no longer contain dots: To prepare for Elasticsearch 2 upgrades, the request_query field in Elasticsearch may no longer contain dots/periods. (#253)
  • Better SSL defaults and more configurable settings: If using API Umbrella for SSL, the default SSL settings are now better. The defaults can also now be customized via the API Umbrella configuration file. (#240, @shaliko)
  • Switch internal log collecting process: The internal process used for buffering and transmitting log data for analytics storage has been switched from Heka to rsyslog. (#227)
  • Switch to CMake based builds: For better maintainability of the build process, CMake is now used. (#226)
  • Linting changes for shell scripts: Shell scripts used throughout the project now have a more consistent style, and any issues around variable quoting should be fixed. (#237)
  • Upgrade bundled software dependencies:
    • Elasticsearch 1.7.4 -> 1.7.5
    • MongoDB 3.0.8 -> 3.0.12
    • OpenResty 1.9.7.4 -> 1.9.15.1 (Security updates: CVE-2016-4450)
    • Ruby 2.2.4 -> 2.2.5

Fixed

  • Fix admin searches involving special characters: If using the search tools in the admin, searching for special characters did not behave as expected. (api.data.gov#334)
  • Fix "unexpected error" message when publishing with empty selection: If you tried to publish API Backend changes without selecting any changes to publish, you received an "unexpected error" message. (api.data.gov#307)
  • Fix listing of website backends being visible to all admins: Non-superuser admin accounts could view the complete listing of Website Backends in the database, even if they did not have permission to edit the website backend. (api.data.gov#261)
  • Fix running feature tests on non-English computers: Some browser integration tests in the web-app component would fail if running the tests from a non-English computer (#242)
  • Fix potential load conflicts if system has other Lua libraries install: If the system running API Umbrella also has other Lua libraries installed into system-wide locations, potential conflicts could occur when API Umbrella tried to load its own dependencies. (#250)
  • Fix potential for negative TTLs when distributing rate limit info: If API Umbrella is operating in a cluster, unexpected negative TTLs could be calculated when distributing rate limit information among the servers in the cluster. (api.data.gov#335)
  • Fix the GeoIP data updater downloading too frequently on restarts: If API Umbrella was manually restarted, the GeoIP data could be re-downloaded with more frequency than needed (38d4654)
  • Fix running tests in NodeJS v0.10.42+: Some UTF-8 integration tests would fail if running the integration test suite in NodeJS v0.10.42 or higher. (2a329ad)

Security

  • Fix potential security issue if limited admins had knowledge of internal record UUIDs: If non-superuser admins knew the random UUIDs for records they did not have permissions to, they could potentially overwrite the records. (#238)
  • Fix possibility of admins abusing regex searches: Admins could search for regular expressions, allowing for regular expression denial of service. (api.data.gov#334)
  • Fix listing of website backends being visible to all admins: Non-superuser admin accounts could view the complete listing of Website Backends in the database, even if they did not have permission to edit the website backend. (api.data.gov#261)
  • Updated bundled dependencies:

@GUI GUI released this Apr 15, 2016 · 1196 commits to master since this release

Assets 2

This is a small update that fixes a couple bugs (one important one if you use the HTTP cache), makes a couple small tweaks, and updates some dependencies for security purposes. Upgrading is recommended.

Download 0.11.1 Packages

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

Changed

  • Upgrade bundled software dependencies:
    • OpenResty 1.9.7.1 -> 1.9.7.4 (Security updates: CVE-2016-0742, CVE-2016-0746, and CVE-2016-0747)
    • Rails 3.2.22 -> 3.2.22.2 (Security updates: CVE-2015-7576, CVE-2016-0751, CVE-2015-7577, CVE-2016-0752, CVE-2016-0753, CVE-2015-7581, CVE-2016-2097, and CVE-2016-2098)
    • Rebuild Mora and Heka with Go 1.5.4 (Security update: CVE-2016-3959)
  • Remove empty "Dashboard" link from the admin: The "Dashboard" link has never had any content, so we've removed it from the admin navigation. (api.data.gov#323)
  • Make the optional public metrics API more configurable: If enabled, the public metrics API's filters are now more easily configurable. (api.data.gov#313)

Fixed

  • Resolve possible HTTP cache conflicts: If API Umbrella is configured with multiple API backends that utilize the same frontend host and same backend URL path prefix, then if either API backend returned cacheable responses, then it's possible the responses would get mixed up. Upgrading is highly recommended if you utilize the HTTP cache and have multiple API backends utilizing the same URL path prefix. (api.data.gov#322)
  • Don't require API key roles for accessing admin APIs if admin token is used: If accessing the administrative APIs using an admin authentication token, then the API key no longer needs any special roles assigned. This was a regression that ocurred in API Umbrella v0.9.0. (#217)
  • Fix potential mail security issue: OSVDB-131677.

@GUI GUI released this Jan 21, 2016 · 1213 commits to master since this release

Assets 2

This is a small update that fixes a few bugs, adds a couple small new features, and updates some dependencies for security purposes. Upgrading is recommended.

Download 0.11.0 Packages

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella package using your package manager.

Added

  • Search user role names in admin user search: In the admin search interface for users, role names assigned to users are now searched too. (api.data.gov#302)
  • Allow for nginx's server_names_hash_bucket_size option to be set: If you've explicitly defined hosts in the API Umbrella config with longer hostnames, you can now adjust the nginx.server_names_hash_bucket_size setting in /etc/api-umbrella/api-umbrella.yml to accommodate longer hostnames. (#208)
  • Documentation on MongoDB authentication: Add documentation on configuring API Umbrella to use a MongoDB server with authentication. (#206)

Changed

  • Upgrade bundled software dependencies:
    • Elasticsearch 1.7.3 -> 1.7.4
    • MongoDB 3.0.7 -> 3.0.8
    • OpenResty 1.9.3.2 -> 1.9.7.1
    • Ruby 2.2.3 -> 2.2.4

Fixed

  • Fix editing users with custom rate limits: There were a few bugs related to editing custom rate limits on users that broke in the v0.9 release. (api.data.gov#303, api.data.gov#304, api.data.gov#306)
  • Fix MongoDB connections when additional options are given: If the mongodb.url setting contained additional query string options, it could cause connection failures. (#206)
  • Fix logging requests containing multiple User-Agent headers: If a request contained multiple User-Agent HTTP headers, the request would fail to be logged to the analytics database. (api.data.gov#309)
  • Raise default resource limits when starting processes: Restore functionality that went missing in the v0.9 release that raised the nofile and noproc resource limits to a configurable number.

Security

We've updated several dependencies with reported security issues. We're not aware of these security issues impacting API Umbrella in any significant way, but upgrading is still recommended.

@GUI GUI released this Dec 16, 2015 · 1239 commits to master since this release

Assets 2

This is a small update that fixes a few bugs and adds a couple small new features.

Download 0.10.0 Packages

Upgrade Instructions

If you're upgrading a previous API Umbrella version, you may upgrade the api-umbrella using your package manager.

Added

  • Make additional fields visible in the admin analytics: The HTTP referer, Origin header, user agent family, and user agent type fields are now visible in analytics views for individual requests. (#201)
  • Show version number in admin: In the admin footer, the current API Umbrella version number is now displayed. (#169)

Fixed

  • Fixes to packages: Various fixes and improvements to the .rpm and .deb packages to allow for easier package upgrades. (#200)
  • Fix CSV downloads of admin analytics reports: The CSV downloads of the Filter Logs results in the analytics admin was broken in the v0.9 release (api.data.gov#298)
  • Fix admin issues with admin groups and roles: Admin groups management and role auto-completion were both broken in the v0.9 release (api.data.gov#299)
  • Better service start/stop error handling: Better error messages if the trying to start the service when already started or stop the service when already stopped. (#203)