1.3.0.0

Compatible with OpenSearch 1.3.0

Enhancements

• Adds CI support for Java 8, 11 and 14 (#1580)
• Updates the test retry-count to give flaky tests more chances to pass (#1601)
• Adds support for OPENSEARCH_JAVA_HOME (#1603)
• Adds auto delete workflow for backport branches (#1604)
• Create the plugin-descriptor programmatically (#1623)
• Add test to make sure exception causes aren't sent to callers (#1639)
• Switch gradle to info logging for improved test debugging (#1646)
• Remove artifact step from CI workflow (#1645)
• Adds ssl script (#1530)
• Adds Java-17 to CI matrix (#1609)
• Reverts ssl script PR (#1637)
• Remove java17 from 1.3 build matrix (#1668)

Bug fixes

• Bumps JJWT version (#1589)
• Updates backport workflow with custom branch and github app (#1597)
• Always run checks on PRs (#1615)
• Adds 'opens' command-line argument for java.io libraries to unblock build (#1616)
• Adds jacoco report and pass the location to codecov (#1617)
• Fixes the settings of roles_separator (#1618)
• Use standard opensearch.version property (#1622)

Maintenance

• Updates bug template (#1582)
• Updates jackson-databind library version (#1584)
• Upgrades Kafka version (#1598)
• Upgrades Guava version (#1594)
• Update maintainers list (#1607)
• Exclude velocity 1.7 from OpenSAML dependency (#1606)
• Migrate build system to gradle (#1592)
• Updates documentation for practices for maintainers (#1611)
• Remove jcenter repository (#1625)
• Remove '-SNAPSHOT' from opensearch.version in plugin descriptor (#1634)
• Add git ignore for VScode IDE settings (#1629)
• Remove netty-tcnative dependency to unblock security plugin build on ARM64 (#1649)
• Add plugin-descriptor.properties to .gitignore (#1651)
• Removes Github DCO action as it is replaced by Github app (1657)
• Configure ML reserved roles and system indices (#1662)
• Release Notes for 1.3.0.0 (#1671)

Version 1.2.4.0

Compatible with OpenSearch 1.2.4

Maintenance

• Bump log4j-core from 2.17.0 to 2.17.1 (#1551)
• Update CXF version to 3.4.5 (#1540)
• Version bump to 1.2.4.0 (#1558)
• Release notes for 1.2.4.0 (#1569)

Release 1.2.3.0

Compatible with OpenSearch 1.2.3

Maintenance

• Bump log4j-core from 2.16.0 to 2.17.0 (#1535)

Release 1.2.2.0

Compatible with OpenSearch 1.2.2

Maintenance

• Bumping log4j to 2.16.0 (#1525)

Release 1.2.1.0

Compatible with OpenSearch 1.2.1

Maintenance

• Bumping log4j to 2.15.0 (#1520)

Release 1.2.0.0

Compatible with OpenSearch 1.2.0

Enhancements

• Add observability permissions and index (#1484)
• Add AD validate, multi-category results API permissions to AD read access (#1480)

Bug fixes

• Fix to include hidden indices when resolving wildcards (#1472)

Maintenance

• Adding DCO check to repo (#1468)
• Moved dco.yml to workflows folder (#1469)
• Incremented version to 1.2.0.0-SNAPSHOT (#1464)
• Moved SNAPSHOTS repo to project level (#1479)
• Update OpenSearch core dependency version to 1.2.0 (#1482)
• Bump xmlsec from 2.2.0 to 2.2.3 (#1450)
• Create 1.2.0.0 release notes (#1494)
• Updated copyright notices (#1477)
• Updated release notes for 1.2 with copyright updates (#1496)

Release 1.1.0.0

Compatible with OpenSearch 1.1.0

Enhancements

• Added replication specific roles and system index to the configuration (#1408)
• Handled DLS/FLS/Field masking for replication actions (#1330)
• Extended role injection support for cross cluster requests (#1195)
• Added changes to support validation of security roles for plugins (#1367)
• Adding the default role for IM plugin (#1427)

Maintenance

• Upgrade OpenSearch version to 1.1.0 (#1335)
• Incremented version to 1.1.0.0-SNAPSHOT. (#1429)
• Remove alerting and ism indices from protected indices usage in sample configuration (#1416)
• Build against OpenSearch 1.1.0-SNAPSHOT. (#1430)
• Create release notes 1.1.0.0 (#1440)
• Switch opensearch from 1.x to 1.1 (#1445)

Release 1.0.1.0

Compatible with OpenSearch 1.0.0.

Bug fixes

• Return HTTP 409 if get parallel put request (#1158)
• Add validation for null array DataType (#1157)
• Add support for ResolveIndexAction handling (#1312)
• Fix LDAP authentication when using StartTLS (#1415)
• Fix index permissions for negative lookahead and negated regex index patterns (#1300)

Maintenance

• Fix maven build ${version} deprecation warning (#1209)
• Fix race condition on async test for PR #1158 (#1331)
• Build OpenSearch in CD workflow in order to build security plugin (#1364)
• Update checkNullElementsInArray() unit test to check both error message and error code instead of only checking the error code (#1370)
• Add themed logo to README (#1333)
• Checkout OpenSearch after Cache in CD (#1410)
• Address follow up comments for PR #1172 (#1224)
• Upgrade CXF to v3.4.4 (#1412)
• Bump version to 1.0.1.0 (#1418)

Release 1.0.0.0

Compatible with OpenSearch 1.0.0.

Enhancements

• Allow attempt to load security config in case of plugin restart even if security index already exists (#1154)
• Allowing granular access for data-stream related transport actions (#1170)
• Introducing passive_intertransport_auth to facilitate communication between nodes with adv sec enabled and nodes without adv sec enabled. (#1156)
• Add static action group for managing data streams (#1258)

Bug fixes

• Delay the security index initial bootstrap when the index is red (#1153)
• Remove redundant isEmpty check and incorrect string equals operator (#1181)
• Do not trim SAML roles (#1207)
• Replace opensearch class names with opendistro class names during serialization and restore them back during deserialization (#1278)

Maintenance

• Bump commons-io from 2.6 to 2.7 (#1137)
• Update issue template with multiple labels (#1164)
• move issue templates to ISSUE_TEMPLATE (#1166)
• Rename kibana substrings with OpenSearchDashboards in class name, method name and comments (#1160)
• Rename 'Open Distro' to follow open search naming convention (#1149)
• Build plugin on top of 1.x branch of OpenSearch core (#1174)
• Add build.version_qualifier and make security plugin compatible with OpenSearch 1.0.0-rc1 (#1179)
• Update anchor link for documentation and apply opensearch-security naming convention in PR template (#1180)
• Force the version of json-path 2.4.0 (#1175)
• Bump version to rc1, create release notes and fix the url used in release notes drafter (#1186)
• Rename settings constant value and related testing yml files for migration to Opensearch (#1184)
• Remove prefix "OPENDISTRO_" for identifier for settings (#1185)
• Rename documents and demo for settings (#1188)
• Add fallback for opendistro_security_config.ssl_dual_mode_enabled (#1190)
• Change security plugin REST API to support both opensearch and opendistro routes (#1172)
• Fix CODEOWNERS file (#1193)
• Dashboards rename related changes (#1192)
• Build OpenSearch 1.0 branch on CI (#1189)
• Fix install_demo_configuration.sh (#1211)
• Move AdvancedSecurityMigrationTests.java to opensearch directory (#1255)
• upgrade CXF to v3.4.3 (#1210)
• Bump httpclient version from 4.5.3 to 4.5.13 (#1257)
• Cleanup md files (#1298)
• Upgrade json-smart from 2.4.2 to 2.4.7 (#1299)
• Bump version to 1.0.0.0 and create release notes (#1303)
• Build on OpenSearch 1.0.0 (#1304)
• Consolidate the release notes for RC1 and GA (#1305)

Release 1.0.0.0

Compatible with OpenSearch 1.0.0.

Enhancements

• Allow attempt to load security config in case of plugin restart even if security index already exists (#1154)
• Allowing granular access for data-stream related transport actions (#1170)
• Introducing passive_intertransport_auth to facilitate communication between nodes with adv sec enabled and nodes without adv sec enabled. (#1156)
• Add static action group for managing data streams (#1258)

Bug fixes

• Delay the security index initial bootstrap when the index is red (#1153)
• Remove redundant isEmpty check and incorrect string equals operator (#1181)
• Do not trim SAML roles (#1207)
• Replace opensearch class names with opendistro class names during serialization and restore them back during deserialization (#1278)

Maintenance

• Bump commons-io from 2.6 to 2.7 (#1137)
• Update issue template with multiple labels (#1164)
• move issue templates to ISSUE_TEMPLATE (#1166)
• Rename kibana substrings with OpenSearchDashboards in class name, method name and comments (#1160)
• Rename 'Open Distro' to follow open search naming convention (#1149)
• Build plugin on top of 1.x branch of OpenSearch core (#1174)
• Add build.version_qualifier and make security plugin compatible with OpenSearch 1.0.0-rc1 (#1179)
• Update anchor link for documentation and apply opensearch-security naming convention in PR template (#1180)
• Force the version of json-path 2.4.0 (#1175)
• Bump version to rc1, create release notes and fix the url used in release notes drafter (#1186)
• Rename settings constant value and related testing yml files for migration to Opensearch (#1184)
• Remove prefix "OPENDISTRO_" for identifier for settings (#1185)
• Rename documents and demo for settings (#1188)
• Add fallback for opendistro_security_config.ssl_dual_mode_enabled (#1190)
• Change security plugin REST API to support both opensearch and opendistro routes (#1172)
• Fix CODEOWNERS file (#1193)
• Dashboards rename related changes (#1192)
• Build OpenSearch 1.0 branch on CI (#1189)
• Fix install_demo_configuration.sh (#1211)
• Move AdvancedSecurityMigrationTests.java to opensearch directory (#1255)
• upgrade CXF to v3.4.3 (#1210)
• Bump httpclient version from 4.5.3 to 4.5.13 (#1257)
• Cleanup md files (#1298)
• Upgrade json-smart from 2.4.2 to 2.4.7 (#1299)
• Bump version to 1.0.0.0 and create release notes (#1303)
• Build on OpenSearch 1.0.0 (#1304)
• Consolidate the release notes for RC1 and GA (#1305)