Version 3.4.0

Bug Fixes

• bv-multitenancy: Fixed caching during application startup

Features

• bv-security: Removed token logging because it contains client identifying data (CID)

Version 3.3.1

Bug fixes

• bv-app: Fixed exception handling of MissingServletRequestParameterException, BindException, MethodArgumentTypeMismatchException in rest controllers
• bv-multitenancy: Removed EnableMultitenancyJpaRepositories annotation

Features

• bv-multitenancy: Added test applications using bv-multitenancy with jooq and spring-data-jpa

Version 3.3.0

Features

• Added bv-multitenancy module
• bv-core: Added DateUtil for working with LocalDate
• bv-app: Added mapping of inherited fields to GenericConverter
• bv-test-core: Added RestAssertions and RestTestUtils classes to help with writing tests for rest controllers

Version 3.2.1

Bug fixes

• bv-security: OpenAPI and SwaggerUI accessible without auth token.

Version 3.2.0

Dependency upgrade

• bv-security: spring-security-oauth2-autoconfigure upgraded to 2.6.8.
• bv-security: spring-security-oauth2 upgraded to 2.5.2.

Features

• bv-app: Added feign client error decoder configuration.

Version 3.1.0

Dependency upgrade

• all-modules: spring boot upgraded to 2.7.1
• all-modules: swagger replaced with springdoc-openapi
• all-modules: spring-cloud upgraded to 2021.0.3

Version 3.0.2

Bug fixes

• bv-app: Spring4Shell exploit fix provided.

Version 3.0.1

Dependency upgrade

• security-utils lib upgraded to version 1.1.1 (log4j fix)

Version 3.0.0

Dependency upgrade

• all-modules: spring boot upgraded to 2.5.5

Version 2.4.2

Dependency upgrade

• security-utils lib upgraded to version 1.1.1 (log4j fix)

Version 2.4.1

Features

• bv-security: Actuator readiness and liveness endpoints open.

Version 2.4.0

Features

• bv-security: Adding mapping for impersonator data in JWT.
• bv-app: Adding request headers into MDC logging context for every request
• bv-app: Adding Feign client configuration for setting request headers from MDC logging context

Version 2.3.0

Features

• bv-jdbc-doc: Enum storing/reading supported in jdbc doc repository.

Version 2.2.1

Bug fixes

• bv-security: Auth Manager parent loop fixed.

Version 2.2.0

Features

• bv-security: Authentication has a default USER role.

Bug fixes

• bv-security: OAuth2 RoleHierarchy overriding fixed.

Version 2.1.1

Bug fixes

• bv-data-doc: Null entities from DB can be read.

Version 2.1.0

Features

• bv-app: Changing log level in runtime
• bv-security: Security access extended to support matching by IP as well as defining custom criteria
• bv-data-docs: Module introduced for the database support.
• integration: Introduced new configuration examples for integration testing.
• bv-core: Localized text entity added.
• bv-core: Added uuid encoding util class.

Bug fixes

• bv-app: Swagger not available after the migration to new Spring version.

Version 2.0.0

Dependency upgrade

• all-modules: JDK11 and spring boot 2.3.3.

Breaking changes

• All related breaking by JDK11 and spring 2.3.3.

Version 1.2.1

Bug fixes

• bv-security: Make spring-security maven dependency optional.

Version 1.2.0

Features

• bv-core: Loading secrets from file system (support for docker secrets).

Version 1.1.0

Features

• bv-security: Expose users IP address through current user service.

Version 1.0.0

Features

• bv-app: Frontend configuration cookie disabled by default.

Breaking changes

• If some app uses frontend cookie, additional configuration to enable the cookie must be added.

Version 0.9.1

Bug fixes

• bv-security: Username available in OAuth2 context via currentUserService.

Version 0.9.0

Features

• bv-app: Handling of the AccessDenied error in RestHandler.
• bv-security: Removed @EnableGlobalMethodSecurity from default security configuration.

Version 0.8.0

Features

• bv-security: Expose user info rest endpoint.
• bv-security: Log invalid tokens option.

Version 0.7.7

Features

• bv-security: Add support for serialisation of PropertyDetails object for purpose of saving it in JDBC session.

Version 0.7.6

Features

• bv-security: Add feign client authorization interceptor fot token propagation.

Version 0.7.5

Bug fixes

• bv-security: Disabling security headers.

Version 0.7.4

Features

• bv-security: security headers enhancement(SCP & X-Frame).
• bv-core: StringUtils and ResourceUtils.
• bv-test-core: BlankStrings.
• bv-app: Front-end cookie enhancement: secure & insertion on (*.js & *.html).

Version 0.7.3

Features

• bv-security: Provides access to token props through the CurrentUserService details.

Version 0.7.2

Bug fixes

• bv-security: Fixed access toked parsing with JWK config.

Version 0.7.0

Features

• bv-security: Added ACP security. ACP Tokens are extracted and validated from requests.
• bv-security: Added ACP AIL feign client for validating tokens.
• bv-security: Changed version of security-utils.
• bv-security: Parsing of roles from JWT token now uses json path.
• bv-security: Added JWT token generator and store.

Version 0.6.0

Features

• bv-security: Default public endpoints: actuator, index.html, swagger-ui, static data.

Version 0.5.2

Bug fixes

• bv-security: Jwt admin users - fix issue: JWT parser does not resolves admins by configuration.

Version 0.5.0

Features

• MdcLoggingInjector (bv-app) - adding information about the build in every request.
• OnBehalfAuthentication (bv-security) - support for SAML on behalf.
• OAuth2 ResourceServer (bv-security) - support for oauth resource server.
• DevMode-JWT (bv-security) - support dev mode for JWT token(resource server).
• MDCLogging current user (bv-security) - adding current user into MDC logging context for every request.

Version 0.4.0

Features

• NullableUtils (bv-core) - utils for null/optional handling is introduced.
• bv-security dependency (bv-security) - has been upgraded to version 0.1.2.
• Contract verification ignore (bv-test) - mechanism that allows ignoring verification of a case in contract.

Bug fixes

• ProxyAware (bv-app) - fix issues with scheme, port and context path.

Version 0.3.1

Features

• documentation fixed

Version 0.3.0

Features

• ProxyAware - (bv-app) logic that makes application aware that app runs behind a proxy has been extracted to new component and enhanced with new params.
• SecurityAuditorAware - (bv-security) supports spring-data mechanism for auditing to get current user.
• Feign client validation - (bv-app) mechanism for declarative validating(hibernate-validators annotations) of incoming entities.
• Slice testing - (bv-test) slice testing by layers(repository, service, resource).
• Converters - (bv-app) generic converters improvement, dynamic conversion based on annotation.

Version 0.2.0

Features

• GenericConverter (bv-app) - abstract class for easy creating a custom Spring converter service.
• Exception handling (bv-app) - we provided a default handling of common exception in BlueVibes application.
• Swagger HATEOAS patch (bv-app) - a patch for swagger that prevents swagger to put links into model.
• ResourceApi annotation(bv-app) - composition of common annotations that are constantly repeated on est controllers.
• ApplicationException (bv-core) - a general BlueVibes runtime exception.
• FrontEndConfiguration (bv-app) - a mechanism to allow running behind a reverse proxy.