@sulkaharo sulkaharo released this Feb 7, 2019 · 1 commit to master since this release

Make sure you use the released version. That can be found at
https://github.com/nightscout/cgm-remote-monitor/releases

51906453_642177816232983_7379027365290049536_n

Changes

Over 360 commits, 89 files changed, +8,428 / −6,569 lines of changes (full list of changes here:
https://github.com/nightscout/cgm-remote-monitor/pull/4022/commits )

New features

  • Fully secure by default out of the box. Unsecure access via http is not allowed anymore by default. This might force you to re-authenticate with your API_SECRET or token if you were using unsecure access. (@PieterGit )
  • No outdated packages with vulnerabilities are being used anymore (@PieterGit )
  • Add Week to Week report (@jpcunningh, #4123 )
  • Add Loopalyzer report to analyse looping. Visualize your loop (@lixgbg, #3629 #4235 )
  • Add predictions support to Day to Day report (@lixgbg, #3179 )
  • Add cgm sensor stop to Careportal (@jpcunningh, #4060)

Removed features

  • remove mqtt module, because it had a security issue and was not used
  • remove sgvdata module, because it had a security issue, added a lot of complexity and wasn't needed (@PieterGit ). Replacement implementation for CSV and TSV export (@sulkaharo ).

Improvements

  • Fix MongoDB database insert handling. Log error on inserts and don't crash in case the MongoDB disk is full or MongoDB quota is reached (@sulkaharo and @jpcunningh)
  • Upgrade packages to recent version, fixing all known security issues with dependencies (@PieterGit)
  • Redirect redirect HTTP to HTTPS and implement HSTS (@jweismann, @PieterGit, #4044 and #4010 and #4253 )
  • Technical improvement: Migrate from uglify-js to terser-webpack-plugin (@PieterGit)
  • Streamlined Heroku deployment template with more descriptive text and more appropriate defaults for new users (@unsoluble, #4116 )

Bug fixes

Documentation and language updates

  • Language updates for Danish, Dutch, German, Hebrew, Norwegian, Russian
  • New languages: Japanese, Turkish
  • Update Alexa documentation. Note that some Alexa improvements are postponed to Nightscout 0.12 because the Alexa plugin needs refactoring, see #4168 (comment)
  • Update IFTTT maker-setup.md docs (@Dave9111, @unsoluble, #4206 )
  • Updated various docs, including CONTRIBUTING documentation

Upgrade notes

  • We only allow Nightscout to start with a secure Node JS.
    • Latest Node 8 LTS (8.15.0 or later) and Latest Node 10 LTS (10.15.1 or later) are recommended and supported.
    • Latest Node version on Azure (currently 10.14.0) is tolerated, but not recommended
    • Other versions will not start
  • The rawbg settings are converted to a single setting tri-state variable.
  • We improved security and added several new environment variables such as INSECURE_USE_HTTP and SECURE_HSTS_HEADER
    • Your site redirects to https by default. If you don't want that or use a Nginx or Apache proxy, set INSECURE_USE_HTTP to true.
    • We enabled HTTP Strict Transport Security (HSTS) headers by default, settings SECURE_HSTS_HEADER and SECURE_HSTS_HEADER_*

Upgrade notes for Azure users

We recommend Azure users consider migrating their hosting to Heroku, as we've observed Heroku users have significantly less issues with having their sites work reliably. If you want to continue using Azure, change the following configuration variables in Azure before updating to the latest Nightscout version:

WEBSITE_NODE_DEFAULT_VERSION=10.14.1
SCM_COMMAND_IDLE_TIMEOUT=300

Install instructions

Install instructions can be found: https://github.com/nightscout/cgm-remote-monitor/blob/master/README.md#install

Contributors to this release

The release coordination for this release was done by @PieterGit
We would like to thank the following people for their contribution (in alphabetical order):
@anderser, @apanasef, @balshor, @bewest, @blocklist_twitter, @CaroGo, @cascer1, @cluckj, @danamlewis, @Dave9111, @diabetlum, @herzogmedia, @janrpn, @jasoncalabrese, @jpcunningh, @jweismann, @kenstack, @Kywalh, @lixgbg, @LuminaryXion, @MilosKozak, @mitrei, @PaperT1D, @PieterGit, @unsoluble, @rarneson, @renegadeandy, @scottleibrand, @sulkaharo, @T-o-b-i-a-s, @tynbendad, @unsoluble, @veryfancy, @viq, @wootmasterslick

(if I forgot somebody, please respond)

TODO for next release

TODO: Translations, Languages with less than 80% will be removed in a future Nightscout version. Currently the following languages are at risk:
中文(繁體) (zh_tw), Hrvatski (hr), Ελληνικά (el), 한국어 (ko)
See https://gitter.im/nightscout/public?at=5bef2f34de42d46bba766f66

Assets 2