1.5.10

@cd-rite cd-rite released this 14 Jul 21:05
0b88069

What's Changed

  • (UI) feature: New OIDC SharedWorker implementation for better token management across browser tabs allows STIG Manager to be used in more than one browser tab at once.
  • (UI) feature: New options for client reauthentication: popup window (the new default), tab, iframe, or traditional redirect (the old behavior). With any of the first three options, users whose session expires are prompted to reauthenticate without losing the current state of their workspace. Control this with the new envvar STIGMAN_CLIENT_REAUTH_ACTION.
  • (UI) feature: Added support for opaque refresh tokens to improve compatibility with various OIDC providers.
  • (UI) enhancement: Better error handling during app startup
  • (UI) performance: "Other Assets" data now loads only when that tab is opened, improving load times
  • (API) enhancement: Easier handling of disabled Assets and Collections with database views
  • (API) fix: Better handling of reviews posted for disabled Assets and Collections
  • (API) fix: Allow "unavailable" user properties to be set if the request also changes their status to "available"
  • (UI) enhancement: Updated to stigman-client-modules v1.5.5 for improved duplicate asset name detection and handling
  • (API) Dependencies: Various security updates

Note 1: This release includes a database migration to support new features.

Note 2: Some OIDC providers do not properly advertise their support of the Authorization Code Flow with PKCE in their configuration metadata. If you experience issues with OIDC authentication, you may need to set this environment variable:

STIGMAN_CLIENT_STRICT_PKCE=false

to disable the strict PKCE check by the STIG Manager client. The client will still use PKCE for the OIDC flow, but will not require the OIDC provider to advertise PKCE support in its metadata.

Note 3: With this release, we have stopped publishing images to Docker Hub that use Iron Bank Node.js base images. Users who need Iron Bank images should pull directly from Iron Bank (registry1.dso.mil/ironbank/opensource/stig-manager/stig-manager). Pulling directly from Iron Bank ensures you have images based on the latest Iron Bank hardened images that can be tied directly to their scans and artifacts.

Full Changelog: 1.5.9...1.5.10