2022-01-27
Release notes
-
The
nginz
chart now configures nginx to only allow cross-origin requests from an explicit allow list of subdomains. By default these are:nginz: nginx_conf: allowlisted_origins: - webapp - teams - account
If you changed the names of these services, you must adjust those names in the nginz config as well. (#1630)
-
Backend now separates conversation access control for guests and services. The old access roles are still supported but it is encouraged to upgrade clients since mapping between the old access roles and the new access roles is not isomorphic. For more details refer to the API changes below or the Swagger docs.
Old clients are fully supported; if new clients and old clients are mixed, to old clients, either guests of services may appear to be enable if they are not, which may lead to error messages (confusing but harmless). (#2035)
API changes
- Endpoints that recently have accepted
access_role
in their payload will now acceptaccess_role_v2
as well which will take precedence overaccess_role
. See Swagger docs for how values are mapped. Endpoints that recently have returnedaccess_role
in their payload will now additionally return theaccess_role_v2
field. (#2035)
Features
- Conversation access roles now distinguish between guests and services. (#2035)
Bug fixes and other updates
- There is now an explicit CORS allow list for all endpoints. In previous releases, all subdomains were accepted, however they must now be listed explicitly. This is a breaking change, as now only known Javascript applications may access the backend. (#1630)
- Prevent 500s when SFTs are not reachable from Backend (#2077)
Internal changes
- Bump hsaml2 package version (#2075)
- Separate Spar.Data module into smaller Cassandra interpreters (#2064)
- Fix some HLint issues in libs/wire-api. (#2065)
- Fix broken build process of package "old-time" for some environments (#2056)
- Refresh license headers (#2062)
- Rename Spar.Sem.ScimTokenStore.GetByTeam to LookupByTeam (#2068)
- (Try syntax change in config file that breaks nginz (#2073, reverted in a4a6193))
Federation changes
- Tag several federation tests cases for the M2 release (#2045)