This repository has been archived by the owner on Jul 12, 2023. It is now read-only.
v0.5.1
Changes since v0.5.0
- Add redis opencensus metrics to the verification server cache. (#376, @taddari)
- Add redis opencensus metrics to the verification server, this will enable to monitor problems with redis connections itself. (#361, @taddari)
- Add support for destroying signing key versions (#389, @sethvargo)
- Add test type and issuer to show code page (#375, @whaught)
- Adds open census metrics for main API flows. (#384, @mikehelmick)
- Allow configuring database max lifetime idle timeout (#406, @sethvargo)
- Allow users to expire a code (#390, @whaught)
- Bump main server version to v0.5.1 (#408, @sethvargo)
- CRITICAL FIX: Select correct realm's signing keys for multi-tenant signing. (#398, @mikehelmick)
- Client timezone should be valid. (#340, @jeremyfaller)
- Create separate key manager instances instead of using a shared pool. This changes the configuration to require a prefix on the key managers (e.g. TOKEN_KEY_MANAGER and CERTIFICATE_KEY_MANAGER) if you are overriding the defaults. (#382, @sethvargo)
- Fix SQL error in cleanup logic (#403, @sethvargo)
- Fix redis cache environment variable (#402, @sethvargo)
- New environment variable.
DB_MAX_CONN_IDLE_TIME
a duration, when set will be passed to DB connection pool. Default value of1m
(#393, @mikehelmick)
- Set HSTS headers in production service (#387, @sethvargo)
- Set a 1m idle timeout on all Redis connections.
REDIS_HOST
andREDIS_PORT
are now prefixed based on their scope (e.g.CACHE_REDIS_HOST
andRATE_LIMIT_REDIS_HOST
). This enables using a different Redis cluster or configuration for rate limiting vs caching. (#391, @sethvargo) - Sort users and API keys (#371, @sethvargo)
- Verification server operators can rotate their token signing key.
TOKEN_SIGNING_KEY
andTOKEN_SIGNING_KEY_ID
are now array based env vars. They must be the same length. The first items in the lists represents the active key/kid and the remaining entries are allowed to validate. (#348, @mikehelmick)
Dependencies
Added
- github.com/opencensus-integrations/redigo: v2.0.1+incompatible
Changed
- github.com/google/exposure-notifications-server: v0.5.0 → v0.5.1
- github.com/sethvargo/go-limiter: v0.4.0 → v0.4.1
- github.com/sethvargo/go-redisstore: v0.1.0 → v0.1.2-opencensus
Removed
- github.com/gomodule/redigo: v1.8.2