Releases: cloudfoundry/uaa
76.15.0
What's Changed
Fixes
- Fixes from version bump versions.bouncyCastleVersion from 1.73 to 1.75 by @dependabot in #2374 and #2382
- Fixes from version bump versions.springBootVersion from 2.7.12 to 2.7.13 by @dependabot in #2383
- Delete all user group members if user is deleted by @strehle in #2372
Features
Dependency Bumps
- build(deps): bump github.com/onsi/gomega from 1.27.7 to 1.27.8 in /k8s by @dependabot in #2350
- build(deps): bump commons-io:commons-io from 2.12.0 to 2.13.0 by @dependabot in #2352
- build(deps): bump versions.guavaVersion from 32.0.0-jre to 32.0.1-jre by @dependabot in #2357
- Upgrade Tomcat cargo version 9.0.76 by @strehle in #2361
- build(deps): bump org.eclipse.jgit:org.eclipse.jgit from 6.5.0.202303070854-r to 6.6.0.202305301015-r by @dependabot in #2369
- build(deps): bump versions.seleniumVersion from 4.9.1 to 4.10.0 by @dependabot in #2351
- build(deps): bump jasmine-core from 5.0.0 to 5.0.1 in /uaa by @dependabot in #2365
- build(deps): bump k8s.io/client-go from 0.27.2 to 0.27.3 in /k8s by @dependabot in #2373
- Bump jackson version 2.14.3 to 2.15.2 in #2377
- build(deps): bump org.json:json from 20230227 to 20230618 by @dependabot in #2379
Misc
- Dependency refactoring by @strehle in #2362
- Remove deprecated code for performance logs by @strehle in #2363
Full Changelog: v76.14.0...v76.15.0
76.14.0
What's Changed
- build(deps): bump versions.guavaVersion from 31.1-jre to 32.0.0-jre by @dependabot in #2345
Full Changelog: v76.13.0...v76.14.0
76.13.0
What's Changed
Fixes
- Fix regression from 76.12.0 in #2340
- Exclude unsupported response types in exception by @mikeroda in #2329
- CVE-2023-20883: Spring-Boot bump from 2.7.11 to 2.7.12 by @dependabot in #2332
Dependency Bumps
- build(deps): bump commons-io:commons-io from 2.11.0 to 2.12.0 by @dependabot in #2327
- build(deps): bump k8s.io/apimachinery from 0.27.1 to 0.27.2 in /k8s by @dependabot in #2330
- build(deps): bump k8s.io/api from 0.27.1 to 0.27.2 in /k8s by @dependabot in #2331
- build(deps): bump k8s.io/client-go from 0.27.1 to 0.27.2 in /k8s by @dependabot in #2333
- build(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 in /k8s by @dependabot in #2337
- Bump jackson 2.14.2 to 2.14.3 by @strehle in #2336
Misc
- Refactor while condition by @bruce-ricard in #2341
Full Changelog: v76.12.0...v76.13.0
DO NOT USE 76.12.0
Contains a regression with regard to OIDC IdPs. A fix has been included in release 76.13.0.
What's Changed
Fixes
- KeyInfo fixes by @strehle in #2284
- fix: mysql 5 to mysql 8 back-and-restore by aligning collation shared in both mysql 5 and 8. by @Tallicia in #2326
Dependency Bumps
- build(deps): bump versions.seleniumVersion from 4.9.0 to 4.9.1 by @dependabot in #2319
- Upgrade Tomcat cargo version 9.0.75 by @strehle in #2321
- build(deps): bump jasmine-core from 4.6.0 to 5.0.0 in /uaa by @dependabot in #2323
Misc
Full Changelog: v76.11.0...v76.12.0
76.11.0
What's Changed
Fixes
- Update gem setting to latest slate version by @strehle in #2257
- Fix issue #2303 in #2304
- Fix for ldap.ssl.skipverification by @cache-sk in #2273
- Fix auth code cleanup function in #2292
Dependency Bumps
- build(deps): bump versions.springBootVersion from 2.7.10 to 2.7.11 by @dependabot in #2295
- build(deps): bump org.seleniumhq.selenium:selenium-java from 4.8.3 to 4.9.0 by @dependabot in #2300
- build(deps): bump org.seleniumhq.selenium:selenium-http-jdk-client from 4.8.3 to 4.9.0 by @dependabot in #2299
- Update UAA image reference in k8s to 76.10.0 by @strehle in #2306
- Consolidate selenium version by @strehle in #2307
- build(deps): bump nokogiri from 1.13.10 to 1.14.3 in /uaa/slate by @dependabot in #2276
- Bump mariadb from 2.7.8 to 2.7.9 by @strehle in #2308
- Bump Gradle to 8.1.1 by @strehle in #2312
Misc
- TDD: add test for userinfo compare by @strehle in #2294
- TDD for UaaTokenStore: count DB usage in performExpirationClean by @strehle in #2293
- Test PR 2273 by @strehle in #2313
New Contributors
Full Changelog: v76.10.0...v76.11.0
76.10.0
What's Changed
Fixes
- Update Spring Boot from 2.7.10 to 2.7.11 in #2297, Fixes CVE-2023-20873, CVE-2023-20862, CVE-2023-20863
- Fix: Fixing performance while calling containsAll over list by @saurabh-rahate in #2272
- Fix indexOf Checks in KeystoneAuthenticationManager by @adrianhoelzl-sap in #2268
- fix for code smells by @strehle in #2285
- fix: incorrect elapsed time determination by @bruce-ricard in #2281
Features
- Feature: Add 2 new options to JWT token policy by @strehle in #2116, Solution for issues #2109 and #1816
Dependency Bumps
- Remove unused Variable in LoginInfoEndpoint.evaluateLoginHint by @adrianhoelzl-sap in #2270
- refactor UAA token store: use good time types by @bruce-ricard in #2271
- build(deps): bump org.apache.directory.api:api-ldap-model from 2.1.2 to 2.1.3 by @dependabot in #2274
- build(deps): bump k8s.io/client-go from 0.26.3 to 0.27.0 in /k8s by @dependabot in #2277
- build(deps): bump versions.bouncyCastleVersion from 1.72 to 1.73 by @dependabot in #2278
- build(deps): bump org.owasp.esapi:esapi from 2.5.1.0 to 2.5.2.0 by @dependabot in #2282
- Remove unnecessary References to "apache.directory" Library by @adrianhoelzl-sap in #2269
- build(deps): bump k8s.io/client-go from 0.27.0 to 0.27.1 in /k8s by @dependabot in #2286
- Upgrade Tomcat cargo version 9.0.74 by @strehle in #2290
New Contributors
- @saurabh-rahate made their first contribution in #2272
Full Changelog: v76.9.0...v76.10.0
76.9.0
What's Changed
Fixes
Dependency Bumps
- build(deps): bump org.passay:passay from 1.6.2 to 1.6.3 by @dependabot in #2247
- build(deps): bump k8s.io/client-go from 0.26.2 to 0.26.3 in /k8s by @dependabot in #2249
- build(deps): bump org.postgresql:postgresql from 42.5.4 to 42.6.0 by @dependabot in #2246
- build(deps): bump jasmine from 4.5.0 to 4.6.0 in /uaa by @dependabot in #2242
- build(deps): bump jasmine-core from 4.5.0 to 4.6.0 in /uaa by @dependabot in #2241
- build(deps): bump versions.springBootVersion from 2.7.9 to 2.7.10 by @dependabot in #2254
- Bump mariadb from 2.7.7 to 2.7.8 by @strehle in #2255
- build(deps): bump github.com/onsi/gomega from 1.27.4 to 1.27.5 in /k8s by @dependabot in #2258
- Bump snakeyaml from 1.33 to 2.0 by @strehle in #2219
- build(deps): bump org.seleniumhq.selenium:selenium-java from 4.8.1 to 4.8.3 by @dependabot in #2259
- build(deps): bump org.seleniumhq.selenium:selenium-http-jdk-client from 4.8.1 to 4.8.3 by @dependabot in #2260
- build(deps): bump github.com/onsi/gomega from 1.27.5 to 1.27.6 in /k8s by @dependabot in #2266
- build(deps): bump org.apache.santuario:xmlsec from 3.0.1 to 3.0.2 by @dependabot in #2267
Misc
- Refactor snakeyaml usage: Use newer method signatures by @strehle in #2237
- fix: Use short-circuit or operator in UserIdConversionEndpoints.checkFilter by @adrianhoelzl-sap in #2265
New Contributors
- @jaristiz made their first contribution in #2252
- @adrianhoelzl-sap made their first contribution in #2265
Full Changelog: v76.8.0...v76.9.0
76.8.0
What's Changed
Features
- Increase the client redirect_uri length limit by @hsinn0 @jaristiz @peterhaochen47 in #2245
Dependency Bumps
- Upgrade Tomcat cargo version 9.0.73 by @strehle in #2222
- Update jQuery version to v3.6.3 by @strehle in #2226
- build(deps): bump org.eclipse.jgit:org.eclipse.jgit by @dependabot in #2232
- build(deps): bump com.icegreen:greenmail from 1.6.14 to 2.0.0 by @dependabot in #2227
- build(deps): bump rack from 2.0.9.2 to 2.1.4.3 in /uaa/slate by @dependabot in #2234
- build(deps): bump github.com/onsi/gomega from 1.27.2 to 1.27.3 in /k8s by @dependabot in #2238
- build(deps): bump github.com/onsi/gomega from 1.27.3 to 1.27.4 in /k8s by @dependabot in #2239
Fixes
Full Changelog: v76.7.0...v76.8.0
76.7.0
What's Changed
Fixes
Dependency Bumps
- build(deps): bump org.json:json from 20220924 to 20230227 by @dependabot in #2212
- build(deps): bump com.icegreen:greenmail from 1.6.13 to 1.6.14 by @dependabot in #2207
- build(deps): bump github.com/onsi/gomega from 1.27.1 to 1.27.2 in /k8s by @dependabot in #2211
- Bump Gradle to 8.0.1 by @strehle in #2197
- build(deps): bump k8s.io/client-go from 0.26.1 to 0.26.2 in /k8s by @dependabot in #2218
Full Changelog: v76.6.0...v76.7.0
76.6.0
What's Changed
Features
- Configure Content Security Policy script-src by @jameshochadel in #2168
Fixes
- Documentation fix by @strehle in #2151
- Fix: add scope parameter if defined in password grant by @strehle in #2155
- Fix k8s start of SAML SP by @strehle in #2156
- wip: Updating usage of postgres SQL for v15 to avoid system tables in… by @Tallicia in #2166
- Fix SAML config: convert SamlConfig toLower by @strehle in #2158
Dependency bumps
- Bump Gradle to 7.6 by @strehle in #2139
- build(deps): bump github.com/onsi/gomega from 1.24.1 to 1.24.2 in /k8s by @dependabot in #2140
- build(deps): bump versions.springBootVersion from 2.7.6 to 2.7.7 by @dependabot in #2146
- build(deps): bump greenmail from 1.6.11 to 1.6.12 by @dependabot in #2148
- build(deps): bump nimbus-jose-jwt from 9.25.6 to 9.26 by @dependabot in #2149
- build(deps): bump nimbus-jose-jwt from 9.26 to 9.27 by @dependabot in #2152
- build(deps): bump nimbus-jose-jwt from 9.27 to 9.28 by @dependabot in #2154
- Upgrade Tomcat cargo version 9.0.71 by @strehle in #2164
- build(deps): bump github.com/onsi/gomega from 1.24.2 to 1.25.0 in /k8s by @dependabot in #2167
- build(deps): bump k8s.io/client-go from 0.26.0 to 0.26.1 in /k8s by @dependabot in #2171
- fix: bump rack from 2.1.4.2 to 2.0.9.2 in /uaa/slate by @strehle in #2177
- build(deps): bump versions.springBootVersion from 2.7.7 to 2.7.8 by @dependabot in #2176
- build(deps): bump nimbus-jose-jwt from 9.28 to 9.29 by @dependabot in #2182
- build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0 in /k8s by @dependabot in #2184
- build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.29 to 9.30.1 by @dependabot in #2187
- build(deps): bump com.icegreen:greenmail from 1.6.12 to 1.6.13 by @dependabot in #2191
- build(deps): bump org.postgresql:postgresql from 42.5.1 to 42.5.3 by @dependabot in #2192
- build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.30.1 to 9.30.2 by @dependabot in #2198
- build(deps): bump org.postgresql:postgresql from 42.5.3 to 42.5.4 by @dependabot in #2199
- build(deps): bump github.com/onsi/gomega from 1.26.0 to 1.27.0 in /k8s by @dependabot in #2200
- build(deps): bump golang.org/x/net from 0.6.0 to 0.7.0 in /k8s by @dependabot in #2201
- build(deps): bump versions.springBootVersion from 2.7.8 to 2.7.9 by @dependabot in #2204
- build(deps): bump github.com/onsi/gomega from 1.27.0 to 1.27.1 in /k8s by @dependabot in #2202
- build(deps): bump com.nimbusds:nimbus-jose-jwt from 9.30.2 to 9.31 by @dependabot in #2203
New Contributors
- @jameshochadel made their first contribution in #2168
Full Changelog: v76.5.0...v76.6.0