v4.0.0

@gknopf-aranya gknopf-aranya released this 14 Nov 21:52
· 65 commits to main since this release
6850dce

Highlighted Features

  • Custom roles. To start using custom roles out of the box, a default set of roles and permissions defined by policy.md can be initialized with setup_default_roles(). If the preview feature flag is enabled, more general-purpose custom role functionality can be used. This includes the ability to create/delete roles, add/remove permissions from those roles, assign roles to devices, and revoke roles from devices. Permissions are assigned to roles and roles are assigned to devices; following RBAC best practices, we do not support assigning permissions directly to devices. We've introduced the concept of role owners and role management permissions as a fine-grained way to control which roles are allowed to assign/revoke other roles and change permissions of other roles.
  • Hello Sync. Periodically polling with sync requests uses a lot of network resources and introduces latency for peers that want to keep their graphs up to date. Hello Sync solves this by sending subscribers updates whenever the graph head changes. This allows peers to sync immediately with any peers that have updates. Since this is a new feature with planned improvements, it is behind the preview flag.
  • AFC has been moved out from behind the preview feature flag. The afc feature is now a default feature. We've made security improvements to mitigate nonce reuse.

Security Patches

  • We identified a nonce reuse vulnerability when replaying AFC ctrl messages during channel creation. This affected receivers of bidirectional AFC channels and receivers with send permissions on the channel. To mitigate this vulnerability, only unidirectional channels are supported, in which the creator of the channel is the sender and the other peer is the receiver. To send data both ways, two unidirectional channels must be created between a pair of peers, one in each direction.

Breaking Changes

  • AFC has been upgraded from a "preview" feature to a "default" feature. Support for creation of bidirectional and receive-only AFC channels has been removed from the API.
  • AQC has been removed in favor of AFC. AFC has improved security properties and is easier to use with custom application transports.

Coming Soon

  • Push sync, which will push graph updates to subscribed peers without requiring sync requests to be initiated from each client.
  • AFC performance enhancement by supporting concurrent shared-memory readers.

What's Changed

Full Changelog: v3.0.0...v4.0.0