Skip to content

2022-01-27

Compare
Choose a tag to compare
@fisx fisx released this 28 Jan 09:27
· 2874 commits to master since this release
13a6a83

Release notes

  • The nginz chart now configures nginx to only allow cross-origin requests from an explicit allow list of subdomains. By default these are:

    nginz:
      nginx_conf:
        allowlisted_origins:
        - webapp
        - teams
        - account

    If you changed the names of these services, you must adjust those names in the nginz config as well. (#1630)

  • Backend now separates conversation access control for guests and services. The old access roles are still supported but it is encouraged to upgrade clients since mapping between the old access roles and the new access roles is not isomorphic. For more details refer to the API changes below or the Swagger docs.
    Old clients are fully supported; if new clients and old clients are mixed, to old clients, either guests of services may appear to be enable if they are not, which may lead to error messages (confusing but harmless). (#2035)

API changes

  • Endpoints that recently have accepted access_role in their payload will now accept access_role_v2 as well which will take precedence over access_role. See Swagger docs for how values are mapped. Endpoints that recently have returned access_role in their payload will now additionally return the access_role_v2 field. (#2035)

Features

  • Conversation access roles now distinguish between guests and services. (#2035)

Bug fixes and other updates

  • There is now an explicit CORS allow list for all endpoints. In previous releases, all subdomains were accepted, however they must now be listed explicitly. This is a breaking change, as now only known Javascript applications may access the backend. (#1630)
  • Prevent 500s when SFTs are not reachable from Backend (#2077)

Internal changes

  • Bump hsaml2 package version (#2075)
  • Separate Spar.Data module into smaller Cassandra interpreters (#2064)
  • Fix some HLint issues in libs/wire-api. (#2065)
  • Fix broken build process of package "old-time" for some environments (#2056)
  • Refresh license headers (#2062)
  • Rename Spar.Sem.ScimTokenStore.GetByTeam to LookupByTeam (#2068)
  • (Try syntax change in config file that breaks nginz (#2073, reverted in a4a6193))

Federation changes

  • Tag several federation tests cases for the M2 release (#2045)