This repository has been archived by the owner on Jul 12, 2023. It is now read-only.
v0.9.0
Changes since v0.8.0
Breaking
- *Potentially breaking- Require region codes be globally unique, add database constraint for realm name uniqueness (#621, @sethvargo)
- Remove create firebase user page. Users should be invited by an admin only. (#565, @whaught)
- Remove add-realm tool, move other tools to tools/ directory (#587, @sethvargo)
Security
- Add modeling service for abuse detection (and prevention in the future) (#551, @sethvargo)
- Add database fields and UI structure for abuse prevention (#548, @sethvargo)
- Add enforcement mechanism for realm quotas (#571, @sethvargo)
- Avoid integer overflow when model is negative (#625, @sethvargo)
- Give modeler ability to clear the cache (#626, @sethvargo)
- Add session idle duration with a default of 20min (#583, @sethvargo)
- Change default session duration from 24h to 20h (#578, @sethvargo)
System administration
- Allow managing system admins via the UI (#562, @sethvargo)
- Allow system admins to remove themselves from realms (#561, @sethvargo)
Realm administration
- Add customizable realm welcome banner (#585, @sethvargo)
- Add info page for admins to see build info (#560, @sethvargo)
- Add password-reset button for admins
Change new-user redirect to show-user (#598, @whaught) - Differentiated nav bar for System Admin (#603, @whaught)
- Enforce password rotation (#596, @whaught)
- Fix stats inconsistencies (#569, @sethvargo)
- For ENX enabled domains, take advantage of the enx-redirect service for https:// clickable links / universal links / ens:// redirect. (#597, @mikehelmick)
- Make it more difficult to accidentally disable ENX (#623, @sethvargo)
- New realm setting for password rotation requirements (#592, @whaught)
- New realm setting to allow skipping or requiring email verification (#563, @whaught)
- Improve UX on realm settings page (#601, @sethvargo)
- Logic for bulk user import (#553, @whaught)
Account management
- Add a password selection page (#568, @whaught)
- Added UI for password complexity requirements (#579, @whaught)
- Allow users to delete enrolled factor for MFA (#628, @whaught)
- As-you-type password validation
fix redirects from password change page (#602, @whaught) - Created a 'my account' page for the current user's settings (#599, @whaught)
Misc
-
Iff redirect_domain_map is specified in terraform, we will setup a second IP and LB for it. (#581, @icco)
-
Introduce deep link redirect service to support exposure notification express. (#546, @mikehelmick)
-
Add enx-redirect to deployment and promote (#590, @sethvargo)
-
Use the configured cacher for public key and signing key caches (#604, @sethvargo)
-
Switch to toasts for notices (#566, @sethvargo)
Dependencies
Added
- github.com/aymerick/douceur: v0.2.0
- github.com/chris-ramon/douceur: v0.2.0
- github.com/gonum/blas: f22b278
- github.com/gonum/floats: c233463
- github.com/gonum/internal: f884aa7
- github.com/gonum/lapack: e4cdc5a
- github.com/gonum/matrix: c518dec
- github.com/gorilla/css: v1.0.0
- github.com/microcosm-cc/bluemonday: v1.0.4
- github.com/sethvargo/go-password: v0.2.0
Changed
- github.com/aws/aws-sdk-go: v1.34.18 → v1.34.19
- github.com/google/exposure-notifications-server: v0.7.0 → v0.9.1
- github.com/sethvargo/go-limiter: v0.4.1 → v0.5.2
- github.com/sethvargo/go-redisstore: v0.1.2-opencensus → v0.2.1-opencensus
- golang.org/x/tools: ea3a2cd → acefd22
Removed
Nothing has changed.