Skip to content
This repository has been archived by the owner on Jul 12, 2023. It is now read-only.

v0.5.1
Compare
Choose a tag to compare
@sethvargo sethvargo released this 27 Aug 23:16
· 1568 commits to main since this release
v0.5.1
e3b8ca8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Changes since v0.5.0

  • Add redis opencensus metrics to the verification server cache. (#376, @taddari)
  • Add redis opencensus metrics to the verification server, this will enable to monitor problems with redis connections itself. (#361, @taddari)
  • Add support for destroying signing key versions (#389, @sethvargo)
  • Add test type and issuer to show code page (#375, @whaught)
  • Adds open census metrics for main API flows. (#384, @mikehelmick)
  • Allow configuring database max lifetime idle timeout (#406, @sethvargo)
  • Allow users to expire a code (#390, @whaught)
  • Bump main server version to v0.5.1 (#408, @sethvargo)
  • CRITICAL FIX: Select correct realm's signing keys for multi-tenant signing. (#398, @mikehelmick)
  • Client timezone should be valid. (#340, @jeremyfaller)
  • Create separate key manager instances instead of using a shared pool. This changes the configuration to require a prefix on the key managers (e.g. TOKEN_KEY_MANAGER and CERTIFICATE_KEY_MANAGER) if you are overriding the defaults. (#382, @sethvargo)
  • Fix SQL error in cleanup logic (#403, @sethvargo)
  • Fix redis cache environment variable (#402, @sethvargo)
  • New environment variable.
    • DB_MAX_CONN_IDLE_TIME a duration, when set will be passed to DB connection pool. Default value of 1m (#393, @mikehelmick)
  • Set HSTS headers in production service (#387, @sethvargo)
  • Set a 1m idle timeout on all Redis connections. REDIS_HOST and REDIS_PORT are now prefixed based on their scope (e.g. CACHE_REDIS_HOST and RATE_LIMIT_REDIS_HOST). This enables using a different Redis cluster or configuration for rate limiting vs caching. (#391, @sethvargo)
  • Sort users and API keys (#371, @sethvargo)
  • Verification server operators can rotate their token signing key. TOKEN_SIGNING_KEY and TOKEN_SIGNING_KEY_ID are now array based env vars. They must be the same length. The first items in the lists represents the active key/kid and the remaining entries are allowed to validate. (#348, @mikehelmick)

Dependencies

Added

Changed

Removed

  • github.com/gomodule/redigo: v1.8.2
Assets 2
Loading