Version 3.4.0
Bug Fixes
- bv-multitenancy: Fixed caching during application startup
Features
- bv-security: Removed token logging because it contains client identifying data (CID)
Version 3.3.1
Bug fixes
- bv-app: Fixed exception handling of
MissingServletRequestParameterException
, BindException
, MethodArgumentTypeMismatchException
in rest controllers
- bv-multitenancy: Removed
EnableMultitenancyJpaRepositories
annotation
Features
- bv-multitenancy: Added test applications using
bv-multitenancy
with jooq
and spring-data-jpa
Version 3.3.0
Features
- Added bv-multitenancy module
- bv-core: Added
DateUtil
for working with LocalDate
- bv-app: Added mapping of inherited fields to
GenericConverter
- bv-test-core: Added
RestAssertions
and RestTestUtils
classes to help with writing tests for rest controllers
Version 3.2.1
Bug fixes
- bv-security: OpenAPI and SwaggerUI accessible without auth token.
Version 3.2.0
Dependency upgrade
- bv-security: spring-security-oauth2-autoconfigure upgraded to 2.6.8.
- bv-security: spring-security-oauth2 upgraded to 2.5.2.
Features
- bv-app: Added feign client error decoder configuration.
Version 3.1.0
Dependency upgrade
- all-modules: spring boot upgraded to 2.7.1
- all-modules: swagger replaced with springdoc-openapi
- all-modules: spring-cloud upgraded to 2021.0.3
Version 3.0.2
Bug fixes
- bv-app: Spring4Shell exploit fix provided.
Version 3.0.1
Dependency upgrade
- security-utils lib upgraded to version 1.1.1 (log4j fix)
Version 3.0.0
Dependency upgrade
- all-modules: spring boot upgraded to 2.5.5
Version 2.4.2
Dependency upgrade
- security-utils lib upgraded to version 1.1.1 (log4j fix)
Version 2.4.1
Features
- bv-security: Actuator readiness and liveness endpoints open.
Version 2.4.0
Features
- bv-security: Adding mapping for impersonator data in JWT.
- bv-app: Adding request headers into MDC logging context for every request
- bv-app: Adding Feign client configuration for setting request headers from MDC logging context
Version 2.3.0
Features
- bv-jdbc-doc: Enum storing/reading supported in jdbc doc repository.
Version 2.2.1
Bug fixes
- bv-security: Auth Manager parent loop fixed.
Version 2.2.0
Features
- bv-security: Authentication has a default USER role.
Bug fixes
- bv-security: OAuth2 RoleHierarchy overriding fixed.
Version 2.1.1
Bug fixes
- bv-data-doc: Null entities from DB can be read.
Version 2.1.0
Features
- bv-app: Changing log level in runtime
- bv-security: Security access extended to support matching by IP as well as defining custom criteria
- bv-data-docs: Module introduced for the database support.
- integration: Introduced new configuration examples for integration testing.
- bv-core: Localized text entity added.
- bv-core: Added uuid encoding util class.
Bug fixes
- bv-app: Swagger not available after the migration to new Spring version.
Version 2.0.0
Dependency upgrade
- all-modules: JDK11 and spring boot 2.3.3.
Breaking changes
- All related breaking by JDK11 and spring 2.3.3.
Version 1.2.1
Bug fixes
- bv-security: Make spring-security maven dependency optional.
Version 1.2.0
Features
- bv-core: Loading secrets from file system (support for docker secrets).
Version 1.1.0
Features
- bv-security: Expose users IP address through current user service.
Version 1.0.0
Features
- bv-app: Frontend configuration cookie disabled by default.
Breaking changes
- If some app uses frontend cookie, additional configuration to enable the cookie must be added.
Version 0.9.1
Bug fixes
- bv-security: Username available in OAuth2 context via currentUserService.
Version 0.9.0
Features
- bv-app: Handling of the AccessDenied error in RestHandler.
- bv-security: Removed @EnableGlobalMethodSecurity from default security configuration.
Version 0.8.0
Features
- bv-security: Expose user info rest endpoint.
- bv-security: Log invalid tokens option.
Version 0.7.7
Features
- bv-security: Add support for serialisation of PropertyDetails object for purpose of saving it in JDBC session.
Version 0.7.6
Features
- bv-security: Add feign client authorization interceptor fot token propagation.
Version 0.7.5
Bug fixes
- bv-security: Disabling security headers.
Version 0.7.4
Features
- bv-security: security headers enhancement(SCP & X-Frame).
- bv-core: StringUtils and ResourceUtils.
- bv-test-core: BlankStrings.
- bv-app: Front-end cookie enhancement: secure & insertion on (*.js & *.html).
Version 0.7.3
Features
- bv-security: Provides access to token props through the CurrentUserService details.
Version 0.7.2
Bug fixes
- bv-security: Fixed access toked parsing with JWK config.
Version 0.7.0
Features
- bv-security: Added ACP security. ACP Tokens are extracted and validated from requests.
- bv-security: Added ACP AIL feign client for validating tokens.
- bv-security: Changed version of security-utils.
- bv-security: Parsing of roles from JWT token now uses json path.
- bv-security: Added JWT token generator and store.
Version 0.6.0
Features
- bv-security: Default public endpoints: actuator, index.html, swagger-ui, static data.
Version 0.5.2
Bug fixes
- bv-security: Jwt admin users - fix issue: JWT parser does not resolves admins by configuration.
Version 0.5.0
Features
- MdcLoggingInjector (bv-app) - adding information about the build in every request.
- OnBehalfAuthentication (bv-security) - support for SAML on behalf.
- OAuth2 ResourceServer (bv-security) - support for oauth resource server.
- DevMode-JWT (bv-security) - support dev mode for JWT token(resource server).
- MDCLogging current user (bv-security) - adding current user into MDC logging context for every request.
Version 0.4.0
Features
- NullableUtils (bv-core) - utils for null/optional handling is introduced.
- bv-security dependency (bv-security) - has been upgraded to version 0.1.2.
- Contract verification ignore (bv-test) - mechanism that allows ignoring verification of a case in contract.
Bug fixes
- ProxyAware (bv-app) - fix issues with scheme, port and context path.
Version 0.3.1
Features
Version 0.3.0
Features
- ProxyAware - (bv-app) logic that makes application aware that app runs behind a proxy has been extracted to new component and enhanced with new params.
- SecurityAuditorAware - (bv-security) supports spring-data mechanism for auditing to get current user.
- Feign client validation - (bv-app) mechanism for declarative validating(hibernate-validators annotations) of incoming entities.
- Slice testing - (bv-test) slice testing by layers(repository, service, resource).
- Converters - (bv-app) generic converters improvement, dynamic conversion based on annotation.
Version 0.2.0
Features
- GenericConverter (bv-app) - abstract class for easy creating a custom Spring converter service.
- Exception handling (bv-app) - we provided a default handling of common exception in BlueVibes application.
- Swagger HATEOAS patch (bv-app) - a patch for swagger that prevents swagger to put links into model.
- ResourceApi annotation(bv-app) - composition of common annotations that are constantly repeated on est controllers.
- ApplicationException (bv-core) - a general BlueVibes runtime exception.
- FrontEndConfiguration (bv-app) - a mechanism to allow running behind a reverse proxy.