Releases
v1.4.0
Compare
Sorry, something went wrong.
No results found
1.4.0 (2026-07-01)
⚠ BREAKING CHANGES
require auth for restricted products (#284 )
Features
add INI-style credentials format tab (2bcc3f1 ), closes #388
add INI-style credentials format tab (#389 ) (ebd4a1e )
add X-Robots-Tag header for non-production deployments (72249b9 ), closes #302
add X-Robots-Tag header for non-production deployments (#323 ) (4fa9f9d )
admin-ui: trust-policy sub-pattern preview on the federated connection edit page (#377 ) (ba82dc4 )
admin: admin email-to-profile lookup view (#350 ) (a056a28 )
admin: data connection management (CRUD, S3/Azure/GCP/R2, product mirrors) (#364 ) (9ca1f53 )
authz: let product owners view their own deactivated products (#399 ) (09fd4d0 )
data-connection: expose secret-less federated config; never return stored secrets (#376 ) (395b6c2 )
data-connection: federated backend authentication (AWS web identity + GCP/Azure scaffold) (#332 ) (999a076 )
data-connections: account-owned data connections (#383 ) (b04755b )
data-connections: expose secret-less federated config by connection visibility (#327 ) (#339 ) (43f1f63 )
data-connections: link product-owned connections to admin form (#392 ) (c6e8f10 )
data-connections: require unsigned connections to be read-only (#394 ) (c2af48b )
delete product feature with confirmation modal (#361 ) (0f68e47 )
globe: render live activity per datacenter (#395 ) (d119935 )
globe: tidy live-activity popup, per-product count on hover (#397 ) (1d92b1f )
object-browser: delete files and prefixes in edit mode (#403 ) (2b1426b )
OIDC auth (#283 ) (c40ec89 )
products: choose a data connection and enforce its allowed visibilities (#338 ) (c40818f )
products: deactivate products — form toggle, admin-only viewing, API 404s others (#372 ) (77dc24b )
products: mark deactivated products in account product list (#385 ) (b8e6806 )
profile: link to Ory settings from read-only email field (#349 ) (34a2244 )
scripts: bulk-apply web-identity auth to opendata S3 connections (#398 ) (45e4133 )
scripts: migrate restricted open-data products to unlisted (#343 ) (#371 ) (2977ee4 )
uploads: route in-browser uploads through the data proxy (#391 ) (92f61ed )
viewer: Add PDF viewer, PNG bindings (#315 ) (7927431 )
viewer: support ndjson/jsonl (3790a24 ), closes #390
Bug Fixes
api: return 200 on successful member invite (#381 ) (3be8e49 )
auth: log out sessions stuck at AAL1 when whoami requires AAL2 (#396 ) (b9af694 )
data-connection: enforce provider↔auth pairing, tighten ARN + GCP SA validation (#368 ) (4780089 )
data-connections: admin form-reset, redirect, and prefix-template handling (#379 ) (963e7c8 )
data-connections: correct trust-policy aud to sts.amazonaws.com (#382 ) (d53b894 )
email-verification: reconcile Ory verification on every page load (#347 ) (e0a85c3 )
forms: opt out of React's auto form-reset so controlled fields don't flash (#373 ) (0eb033f )
globe: fall back to static image when WebGL is disabled (#387 ) (eb5c9a6 )
make full menu item area clickable (#295 ) (e27a3c2 )
product: hide edit buttons when data connection is read-only (#353 ) (b57cfab )
products: degrade gracefully when a data-proxy read fails (#400 ) (3b5adb5 )
re-render auth UI after form-submission redirects (#344 ) (a378ebc )
require auth for restricted products (#284 ) (112265a )
return user to current view after login (#346 ) (9dd6d5f )
show same-path re-uploads without a manual refresh (#409 ) (b878b68 )
uploads: refresh STS credentials mid-upload (#401 ) (#402 ) (8da202d )
use [source-coop] as INI profile name (c06a5ac )
validate product DOI format (#319 ) (4727dec )
Performance Improvements
db: request-scoped memoization of DynamoDB reads (#320 ) (1f295cf )
Miscellaneous Chores
You can’t perform that action at this time.