Skip to content

@github-actions github-actions released this Sep 13, 2021

Release 6.1.0

RESTHeart 6.1.0 introduces major memory optimizations in the case of large JSON payloads and adds transactions support to aggregations.

New commits since 6.0

  • 494f3f1 - (tag: 6.1.0) Release 6.1.0
  • 54507e6 - Fix missing comma
  • 2eb256b - Push 6.x docker tags [skip ci]
  • 8c72940 - 6.1.0-SNAPSHOT
  • 3b69315 - 💚 Fix CI build for 6.0.x branch
  • 9fc06eb - ⬆️ Upgrade default MongoDB version for executing integration tests to 5.0
  • 15da543 - Merge branch 'master' into 6.0.x
    |
    | * ba870cb - (master) ⬆️ Upgrade Undertow to v2.2.10.Final
    | * 1fd0c05 - ♻️ Refactored CollectionDAO
    | * b440052 - ♻️ Removed unused imports
    | * d720ef6 - Avoid String.trim() in Minify().minify() to optimize memory usage
    | * 219f9ac - Avoid double call of heavy response.readContent() in ResponseSender
    | * 575d0a5 - 🔧 Removes obsolete buffers-per-region key from configuration file
    | * 6792f15 - Revert "Create codeql-analysis.yml" [skip ci]
    | * 248cabe - Create codeql-analysis.yml
    | * 03d2ca6 - Replace mongo:4.4 image with mongo:5.0 [skip ci]
    | * 9842563 - Replace 5.0.1 tag with 5.0
    | * 1643e0d - Simplified services [skip ci]
    | * 7b7f29d - Format file [skip ci]
    | * 9420d9b - Refactoring [skip ci]
    | * 404429b - Indent file
    | * e18bdcd - Use simplified syntax [skip ci]
    | * fb2d16e - ♻️ Minor refactoring on TxnsUtils.removeWithTxnNumber()
    | * 3da3d6f - 🐛 Fix retrieving transaction number with MongoDB 5
    | * d65df53 - 👷 Update build pipeline to test with MongoDB 5.0.1 as well also on branch and pullrequests
    | * cb5c083 - 👷 Update build pipeline to test with MongoDB 5.0.1 as well
    | * cfc66d0 - Add transactions support to aggregations
    | * 81c67df - Add tag softinstigate/restheart:latest-graalvm [skip ci]
    | * f989ab9 - 🔧 Update docker-compose-graalvm.yml and docker-compose-native.yml to use latest-graalvm and latest-native images tags [skip ci]
    | * fe1722e - 📝 Update GRAALVM instructions about publishing native docker image with [version]-native and latest-native [skip ci]
    | * 375bdae - 📝 Minor update on GRAALV.md [skip ci]
    | * 77260ba - Check for empty websocket connection header values
    | * 14677c4 - Fix websocket handshake request headers check
    | * 6825836 - Comment out unused steps [skip ci]
    | * 38afa53 - Build all branches [skip ci]
    | * f416064 - Build PR for all branches [skip ci]
    | * 9bfc983 - Edit comment [skip ci]
    | * 2873f88 - Rename file [skip ci]
    | * 1c6bfb3 - Fix tags action
    | * 6556264 - Build and Push GraalVM Docker image
    | * d581c56 - 🐛 Fix js interceptor not deployed at startup time
    | * 5bd63c6 - Update README [skip ci]
    | * 81b2d27 - Fix subtitle, add image, edit sentences [skip ci]
    | * 78193da - Update titles [skip ci]
    | * 322c5c6 - Merge branch 'master' of github.com:SoftInstigate/restheart
    | |
    | | * 123088a - Fix typos [skip ci]
    | | * 6e2c79b - Add gif image
    | | * de12d31 - Update README [skip ci]
    | | * b9d7b68 - Update README [skip ci]
    | * | 5b39a57 - Don't fail the build if maven deploy fails [skip ci]
    | |/
    | * dc20ded - Update README [skip ci]
    | * 42e8a5e - Add build matrix for PR [skip ci]
    | * 4b6227a - Use the build matrix [skip ci]
    | * eee43e2 - Remove empty parameters [skip ci]
    | * 6a775f9 - Add karate-options to test with mongodb 3.6
    | * 1aca0fb - Add if: ${{ matrix.deploy }} condition
    | * 0f423fc - Create a build matrix
    | * 5b62355 - Change the docker-maven-plugin wait condition
    | * bd2d51d - Edit comment
    | * 6e26ab7 - 📝 Update docker compose to 6.0.3 [skip ci]
    | * db03d78 - 🔧 Add reflect configuration for filterOperatorsBlacklist for native image
    | * afed9c9 - 🚑 Fix Multi threaded access error on JavaScript services and interceptors execution
    | * 9492cd3 - JS plugin tests (#411)
    | * 5a37074 - Remove sonar plugin
    | * 44e3bba - 🔖 Bump to v6.1.0-SNAPSHOT [skip ci]
    | * 50692ee - Add multi-arch Docker support for stable builds [skip ci]
    | * 9cad18c - Fix wrong parameter
    | * 5bda839 - Build and Push multi-arch Docker images
    | * 56ec816 - Add MAVEN_OPTS to actions
    | * 424d513 - 🔖 Bump to v6.0.3-SNAPSHOT [skip ci]
  • | 40cb059 - Add tag softinstigate/restheart:latest-graalvm [skip ci]
Assets 5

@github-actions github-actions released this Sep 13, 2021

Release 5.4.2

RESTHeart 6.1.0 introduces major memory optimizations in the case of large JSON payloads.

New commits since 5.4.1

  • cb69416 - (tag: 5.4.2) Release 5.4.2
  • 8f735f5 - Add JDK distribution
  • d86de7b - Merge branch '5.4.x' of github.com:SoftInstigate/restheart into 5.4.x
    |
    | * 62519db - ⬆️ Upgrade Undertow to v2.2.10.Final
    | * 7e07395 - Avoid String.trim() in Minify().minify() to optimize memory usage
    | * 41bc1f4 - Avoid double call of heavy response.readContent() in ResponseSender
  • | bcc9916 - runs-on: ubuntu-20.04
    |/
  • 9cada74 - Rename file [skip ci]
  • f09c67c - Fix actions
  • 1fc1c08 - Remove sonar plugin
  • 7195a2e - Fix broken link [skip ci]
  • 75946d9 - Remove badges [skip ci]
  • 0d70242 - ♻️ Bump to v5.4.2-SNAPSHOT
Assets 5

@github-actions github-actions released this Jun 30, 2021

Release 6.0.5

This release solves a couple of minor bugs with WebSockets.

Quick download links:

Run with Docker

You can run RESTHeart and MongoDB with Docker, go to Run with Docker for instructions.

Notable Commits

  • 6f552b2 - Check for empty websocket connection header values
  • 16ae1e1 - Fix websocket handshake request headers check
  • 15fe187 - Build and Push GraalVM Docker image [skip ci]
  • ab8216d - Build and Push multi-arch Docker images for GraalVM
Assets 5

@github-actions github-actions released this Jun 29, 2021

Release 6.0.4

This release fix a bug that prevented a JavaScript interceptor to get deployed at startup time.

Quick download links:

Run with Docker

You can run RESTHeart and MongoDB with Docker, go to Run with Docker for instructions.

Notable Commits

  • ef6c40f - 🐛 Fix js interceptor not deployed at startup time
Assets 5

@github-actions github-actions released this Jun 25, 2021

Release 6.0.3

This release fixes an annoying bug in the new JavaScript services and interceptors execution.

Quick download links:

Run with Docker

You can run RESTHeart and MongoDB with Docker, go to Run with Docker for instructions.

Notable Commits

  • 998137f - 🔧 Add reflect configuration for filterOperatorsBlacklist for native image
  • f280fc6 - 🚑 Fix Multi threaded access error on JavaScript services and interceptors execution
Assets 5

@ujibang ujibang released this Jun 9, 2021

Quick download links:

Run with Docker

You can run RESTHeart and MongoDB with Docker, go to Run with Docker for instructions.

Multi-CPU architecture support for Docker images

Docker images can support multiple architectures, which means that a single image may contain variants for different architectures, and sometimes for different operating systems.

When running an image with multi-architecture support, docker automatically selects the image variant that matches your OS and architecture.

The Docker build process now creates images for the following platforms:

  • linux/amd64
  • linux/arm64
  • linux/ppc64le
  • linux/s390x
  • linux/arm/v7

Ref: https://docs.docker.com/desktop/multi-arch/

Docker Hub repository: https://hub.docker.com/r/softinstigate/restheart

Release notes

This release

  • fixes an error log message on OPTIONS /graphql/<app> request
  • improves the error message on invalid GraphQLPOST /graphql/<app> request

Notable Commits

  • 💡 Add comments to acl.json and acl.yml clarifying the name of the username property in acl permission depending on used authenticator (8d9ee44)
  • ♻️ Improve error message on invalid graphql request (fca2cf2)
  • 🐛 Fix error on OPTIONS /graphql/app (9285d93)
  • ping service handles OPTIONS verb (ad8c4ea)
Assets 5

@github-actions github-actions released this Jun 7, 2021

Release 6.0.1

note: this should have been a 6.1 release, as we introduced some breaking changes... 😩

The most important fix was a performance problem with the tokenBasicAuthMechanism which led to very high CPU utilization in some circumstances.

  • f433acf - (tag: 6.0.1) Release 6.0.1
  • 0fdf3a3 - set version 6.0.1-SNAPSHOT
  • ca36bf2 - Don't push latest tag
  • 1548aae - Bump to 6.0.1-SNAPSHOT
  • cd85132 - 🐛 tokenBasicAuthMechanism has maximum priority to avoid other mechanisms to attempt authentication when using auth tokens
  • 401a7e2 - ♻️ Remove some log messages
  • 028328f - 🐛 close ProxyRequest and ProxyResponse old buffers on setBuffer()
  • 2c53773 - ♻️ Better indent code
  • aa3d140 - 🐛 Fix memory leack with proxy requests
  • 78199cf - ♻️ Refactor MetricsHandler.writeTo() to use ServiceResponse.setCustomerSender()
  • ac9d866 - Update README.md
  • 6d11dd9 - Update README [skip ci]
  • 9c87046 - 🔧 Add comment to ACL files about root-role of mongoAclAuthorizer [skip ci]
  • 1ff433f - 🔧 Update description of Authorizer configuration option [skip ci]
  • 790f6ba - Update README.md
  • 1087dce - Update README.md
  • a2abcaa - 🔧 Update native image reflect configuration for org.restheart.db classes of module commons
  • bef5d80 - ♻️ Move GenerateGraalvmReflectConfig.java to package org.restheart.graal
  • 0cb59ea - ♻️ Refactor imports due to move OperationResult and BulkOperationResult to package org.restheart.mongodb.db of commons module
  • 09d28fd - ♻️ Move OperationResult and BulkOperationResult to package org.restheart.mongodb.db of commons module
  • df91c3f - 🔧 filterOperatorsBlacklist is not enabled by default
  • 420637f - ♻️ Refactor filterOperatorsBlacklist for 6 global predicate inverse check logic
  • 431aa3c - Add filterOperatorsBlacklist, a global blacklist for mongodb operators in filter query parameter
  • 7d391e0 - ✏️ Fix volume exampe in docker-compose-graalvm.yml [skip ci]
  • cca56ea - Add GraalVM docker compose [skip ci]
  • b2c99b5 - Fix mongoGetDocInteceptor test js interceptor [skip ci]
  • 039aeb1 - 🔖 Bump to version 6.0.0-SNAPSHOT [skip ci]
  • 2c710e1 - Add test js interceptor
  • 77c60d9 - 🔧 Add reflect config for package org.restheart.security to allow classes host access from JavaScript
Assets 5

@github-actions github-actions released this Jun 7, 2021

Release notes

Fix a memory leak affecting proxying and monitoring requests

Notable Commits

  • 🐛 Fix memory leak with proxy requests (5f15a7e)
  • ✏️ Fix typo in method LambdaUtils.throwsSneakyException() (b1e6592)
  • ♻️ Refactor MetricsHandler.writeTo() to use ServiceResponse.setCustomerSender() (2fda08f)
Assets 5

@github-actions github-actions released this May 27, 2021

Release notes

Adds the new plugin filterOperatorsBlacklist that allows blacklisting MongoDB operators in the filter query parameter

Notable Commits

  • f09e209 - Add filterOperatorsBlacklist, a global blacklist for mongodb operators in filter query parameter
Assets 5

@ujibang ujibang released this May 18, 2021

Quick download links:

Run with Docker

You can run RESTHeart and MongoDB with Docker, go to Run with Docker for instructions.

Release notes

RESTHeart 6.0

  • GraphQL API for MongoDB
  • JavaScript Framework to develop Services and Interceptors on GraalVM
  • Buildable as native image with GraalVM
  • Extended (and simplified) Security
  • Dynamic Change Streams
  • Variables in aggregations and permissions
  • Performance Optimizations
  • Upgrade to Java 16 and GraalVM 21.1.0

See more on RESTHeart v6 on official documentation

Notable Commits

  • Add Experimental Node.js services when running on GraalVM's node (8f22b93)
  • Allow to use @filter var in aggregation (8a694d3)
  • 💥 Upgrade to Java 16 (9eca78e)
  • ⬆️ Upgrade karate to v1.0.1 (f80813c)
  • ⬆️ Update GraalVM to v21.1.0 (e58a034)
  • 🐛 Fix file created in wrong file bucket if bucket name contains . (01efa4f)
  • JS services implemented exporting the function handle(request, response) (912a91a)
  • JS plugins load their require dependencies form plugins//node_modules (15ad000)
  • Add OriginVetoer that protects from CSRF attacks by forbidding requests whose Origin header is not whitelisted (3a9cedc)
  • An Authorizer can be an ALLOWER or a VETOER: a secured request is allowed when no VETOER denies it and at least one ALLOWER allows it (8246116)
  • ⬆️ Upgrade dependencies (8db65a4)
  • 🚸 Simplify using @user in aggregation stages (7f4d849)
  • 🚸 Interpolate @mongoPermissions vars in aggregation stages (2d4f689)
  • 🚸 Simplify using MongoPermissions in aggreation stages (de8cdb5)
  • Add data fetching optimization with DataLoader (b9e6769)
  • 🐛 Fix Response.setInError() not setting error flag (but for MongoResponse implementation) (131d24d)
  • 🔒 Fix SnakeYAML unsafe deserialization (5f72a32)
  • 💥 conf-file option for FileAclAuthorizer and FileAclAuthorizer is now relative to the restheart main configuration file (29d2b3c)
  • New variables available in aggregation stages (3aee747)
  • Add attribute 'secure' to @RegisterPlugin (ef7e695)
  • Extend acl predicate language for simplified security definition (b238d15)
  • ⬆️ Update java-jwt to 3.14.0 (47e55a9)
  • 💥 new default writeMode (2555ce8)
  • RndTokenManager caches handle MongoRealmAccount and FileRealAccount on account update (a3db35d)
  • GraphQL service uses default collection for app definitions when configuration is missing (6a2f837)
  • Refactor BaseAclPermission to use functional Predicate and allow to programmatically extend the permission with additional predicates with permission.setPredicate(getPredicate().and(additionalPredicate)) (0c891e1)
  • Allow all MongoPermissions to MongoAclAuthorizer's root role (1ffcb78)
  • Refactor MongoPermissions (23938a2)
  • Set NONE as default value for 'eager' qparam. This disables the MongoDb cursors preallocation by default. (9aa67ca)
  • Some performance and memory optimizations (fd52830)
  • Remove lock on file deletion (d0618d2)
  • Use faster Caffeine library for Cache implementation (ec6543c)
  • BaseAclPermission embeds the permission raw data (7685a0a)
  • Renamed commons package org.restheart.idm to org.restheart.security (e797aff)
  • GraphQL app definitions are validated at document creation and update (f05741c)
  • Check GraphQL app definitions (62ec37b)
  • Add back instance-base-url into configuration file, commented out by default (a3559cb)
  • Treat empty db and collection names as reserved resources (1692404)
  • JavaScript Interceptor Deployer honor the pluginClass option. This allows intercepting services of any type (45831af)
  • Update classgraph to v4.8.102 (8d52e7a)
  • Update reflect-config for native-image build (4f1d75f)
  • Memory usage optimization, let huge scanResult object from classgraph to be garbage collected (cecd694)
  • Replace use of deprecated JsonUtils with BsonUtils (e2c7e70)
  • Renamed JsonUtils to BsonUtils (94cfb97)
  • Handle error returning 409 when creating a db when already exists with differet case (9300002)
  • On collection 'stream' metadata update or collection/db deletion all related websocket connections are closed and change streams are conseguently updated (6d02cf9)
  • Add operationResult to response on collection metadata writes (4f580f2)
  • Fix NPE on change stream when aggregation removes fullDocument, documentKey, updateDescription or operationType (8023ea4)
  • Allow to use @user.var in ACL predicates (d2445d0)
  • Allow to use the variables '@request' and '@mongoPermissions' in readFilter, writeFilter and mongo.overriddenProps ACL permissions (21e4977)
  • Performance improvement by caching the computation of the interceptors that are applicable for each request (f29adb8)
  • Add native-image conf for graphql + ignore graphql tests (bfb897a)
  • Disable Xnio ThreadExecutor on native image, this avoids the need to downgrade xnio due to https://github.com/SoftInstigate/graalvm-undertow-issue (812b8cb)
  • Update org.everit.json.schema to 1.12.2 (1ef7f83)
  • Handle error returning 409 when creating a db when already exists with differet case (0c57f15)
  • Refactor how PipelineInfo is obtained from request (066fff2)
  • Fix operationResult not availabe in PATCH document response (f3c15fa)
  • 💥 Interceptors can be implemented in JavaScript on GraalVM (bf8c10e)
  • MongoPermissionsProtectedProps handles dot notation on update operators (fe18729)
  • Log 'Connecting to MongoDB...' before starting connection attempt (652a14d)
  • Bump to 6.0.0-SNAPSHOT (497777b)
  • PingService honors the header Accept=text/html (51afcdf)
  • 💥 Script to generate keystore now creates a Certificate Authority to issue the certificate, this allows the certificate to be imported and used by modern browsers (d15dad9)
  • 💥 Add script generate-self-signed-keystore.sh (69bebb2)
  • 💥 MongoDB bulk delete, bulk patch and db management operations are forbidden unless the applied ACL permission explicitly whitelists them. Write mode is forced to have POST only inserting, PUT and PATCH only updating unless the applied ACL permission explicitly allows using the ?wm query parameter (b98abc7)
  • 💥 fileAclAuthorizer supports same extended permission options than mongoAclAuthorizer (9cf60ce)
  • 💥 Add script to generate the java keystore from letsencrypt certificate archive (71f8a9d)
  • Add GraphAppDefinitionChecker (5950ecb)
  • 💥 Improve performance of NodeService by caching javascript code evaluation (11060e6)
  • Set Content-Type for PingService (30f74a9)
  • 💥 Allow node plugins to return Promise + handle timeout (b966e2c)
  • 💥 Allow RESTHeart to be run on GraalVM with node --jvm and add NodeService to deploy node plugins (2c13085)
  • PolyglotDeployer only activates when running on GraalVM (ed0f3eb)
  • JavaScript services can be bound to any uri and secured via options (c792412)
  • 💥 Services can be plugged programmatically with PluginsRegistry.plugService() (d74c603)
  • 💥 JavaScript plugins have access to the MongoClient if initialized by MongoService (881abfb)
  • PolyglotDeployer implements StringService (81edb4d)
  • Add StringService (880e049)
  • 💥 Added GraphQLRequest class. Now both content-types application/json and application/graphql are supported and server response is in the format required by GraphQL specification. (72808d3)
  • Add native-image configuration for restheart-polyglot (75d2b79)
  • 💥 Enhance ChannelReader by using ByteBufferPool from Exchange (f2e7551)
  • Now is possible to map a GraphQL field with a MongoDB field that has a different name (d2a036f)
  • 💥 Support writeMode for bulk POST (c2eb75d)
  • 💥 Add --version command option (cd01daa)
  • Bson String, Int32, Int64, Double and Boolean scalars are now managed by graphql-java built-in scalars but replacing their 'Coercing' component (120e03e)
  • Added some BSON scalars. Now a unique general GraphQLDataFetcher is used. (b9a6ae1)
  • Added BsonInt32, BsonInt64, BsonString and BsonDocument scalars (e5c4199)
  • Switched to BsonDocument and implemented ObjectId Scalar (23ec82f)
  • Introduced a loading cache for app definitions. Moreover, now is possible to handle requests sended to /graphql/ endpoint if mappings, of app named '', are already loaded into database. (ace9eee)
  • Modified how relationships between documents of different collections are mapped. (88dac28)
  • Now ONE-TO-ONE relationships are supported. Refactoring: introduced a Mapping abstract class to model both Query mappings and Association mappings. (1a6aa1f)
  • Introduced two differents GraphQLDataFetcher (SingleDataFetcher, MultipleDataFetcher). Implemented a method to interpolate arguments of mongodb methods (e.g. find(), limit(), skip() etc.) with GraphQL query arguments. Code cleanup. (2775738)
  • Added Query, QueryBuilder, GraphQLApp and GraphQLDataFetcher classes (Not tested yet). (acc92a8)
  • Implemented prototype graphql data fetecher that build the query dynamically (04aff32)
  • Add graphql module (1fcd6e6)
Assets 5