Skip to content

v2.11.0

Latest
Latest

Choose a tag to compare

View all tags
@anton62k anton62k released this 12 May 04:30
· 6 commits to master since this release
v2.11.0
d306a40
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Highlights

@revisium/core 2.11.0 is a polish release on top of the 2.10.0 architecture changes. It hardens the billing and limits wiring shipped in 2.10.0, fixes auth-cache invalidation on project visibility changes, integrates @revisium/engine 0.7.0, restores NO_AUTH login on the JWT cookie path, normalises REST error responses, expands test coverage, and tightens the release-train workflow, Redis health-check, and CI dependencies.

Billing And Limits

  • Resolved LIMITS_SERVICE_TOKEN globally in BillingCheckService so the limits client is available wherever billing checks run. #542
  • Reduced usage-report noise from the payment-service client. #541
  • Silenced noisy logs when billing is disabled and on expected 4xx responses from the payment service. #533
  • Fixed the tables_per_revision counter to key by revisionId and to exclude system tables from the count. #544 #546 #547

Auth, Cache, And API Surface

  • Invalidated the revisionId-keyed auth cache when project visibility changes or a project is deleted, so permission decisions stop using stale entries. #534
  • Allowed an empty password on login so NO_AUTH mode can issue a JWT through the cookie-session flow. #526
  • Standardised REST error responses to a consistent JSON shape. #527
  • Exported the shared HTTP app bootstrap so standalone and microservice startups apply the same middleware configuration. #540

Engine And Core Integration

  • Updated @revisium/engine to 0.7.0. #532

Reliability

  • Avoided Redis health-check connection churn. #537

Testing And Sonar

  • Added shared-kit coverage for the row-* system-field plugins. #531
  • Covered the validation filter and Prisma-to-model transformers. #530
  • Cleared the Sonar gate by pinning CI dotenv and covering reconcile/usage paths. #528
  • Excluded boilerplate from Sonar coverage measurement. #529

Docs

  • Documented the INTERNAL_API_KEY format and rotation procedure. #535

Build, Security, And Release

  • Bumped vulnerable transitive dependencies via package overrides. #551
  • Pinned the npm publish workflow actions and updated the npm publish workflow actions pin. #548
  • Migrated to revisium-actions v0.3.2 workflows and restored CI / deploy workflow definitions. #538 #539
  • Addressed release-workflow review comments, guarded the "latest release" tag selection, and fixed release-workflow env handling. #523 #524 #525 #536

Compatibility Notes

  • No database migration is required.
  • Billing wiring is unchanged from 2.10.0 — deployments that enable billing still configure PAYMENT_SERVICE_URL and PAYMENT_SERVICE_SECRET. The LIMITS_SERVICE_TOKEN resolution fix is transparent to operators.
  • The tables_per_revision counter now excludes system tables. Existing limit configurations that were sized against the previous count may now report lower usage.
  • NO_AUTH deployments can again log in with an empty password under the cookie-session flow.
  • Release publication remains tag-driven; GitHub Releases are manual release documentation over an existing tag.

Full Changelog: v2.10.0...v2.11.0

Assets 2
Loading