Releases: OADA/server
Releases · OADA/server
v4.0.0
4.0.0 — 2025-10-05
🛡️ Security
- update vulnerable dependencies to pino:8.6.0 fastify:4.6.0 fastify-graceful-shutdown:3.3.0 find-my-way:7.1.0 light-my-request:5.6.1 got:12.5.0 — (93b765c)
- update vulnerable dependencies to kafkajs:2.2.1 chalk:5.1.2 express:4.18.2 got:12.5.2 minimist:1.2.7 fastify:4.8.1 find-my-way:7.3.1 — (d209ee6)
- update vulnerable dependencies to kafkajs:2.2.2 fastify-plugin:4.3.0 pino:8.7.0 @fastify/helmet:10.0.2 cacache:17.0.1 randomstring:1.2.3 @OADA/client:4.4.1 — (565a102)
- security updates to k8s-wait-for — (4ecab1e)
- update vulnerable dependencies to arangojs:8.0.0 deep-equal:2.1.0 tslib:2.4.1 @fastify/cors:8.1.1 @fastify/request-context:4.1.0 @fastify/websocket:7.1.1 cacache:17.0.2 — (4b166ec)
- update vulnerable dependencies to dezalgo:1.0.4 formidable:2.1.2 — (12b0bf7)
- update vulnerable dependencies to cookiejar:2.1.4 HTTP-cache-semantics:4.1.1 node-jose:2.2.0 — (7f2f34f)
- update vulnerable dependencies to arangojs:8.4.1 flat:6.0.0 tslib:2.6.2 yaml:2.3.2 uuid:9.0.1 fastify-plugin:4.5.1 pino:8.15.1 pino-pretty:10.2.0 typescript:5.2.2 @fastify/helmet:11.1.1 @fastify/rate-limit:8.0.3 @fastify/secure-session:7.1.0 @fastify/sensible:5.3.0 @fastify/static:6.11.2 @fastify/view:8.1.0 @OADA/types:3.5.3 es-main:1.3.0 fastify-graceful-shutdown:3.5.1 jose:4.14.6 @OADA/formats-server:3.5.3 cacache:18.0.0 light-my-request:5.11.0 p-queue:7.4.1 — (565b7c3)
- update vulnerable dependencies to semver:5.7.2 tough-cookie:4.1.3 — (b686b1e)
- upgrade pino-pretty from 10.2.2 to 10.2.3 — (851ab1f)
- update vulnerable dependencies to yaml:2.4.0 fastify:4.26.2 light-my-request:5.11.0 — (8270e68)
- OADA/services/auth/package.json to reduce vulnerabilities — (4264eb8)
- update vulnerable dependencies to braces:3.0.3 fill-range:7.1.1 tar:6.2.1 — (8d1c669)
- update vulnerable dependencies to yaml:2.6.1 nstats:6.0.1 cross-spawn:7.0.5 @OADA/client:5.2.6 — (7c5fdc2)
- update vulnerable dependencies to jsonpath-plus:10.3.0 undici:6.21.1 — (0b026d4)
- update vulnerable dependencies to @babel/runtime:7.26.10 axios:1.8.3 — (befc658)
- update vulnerable dependencies dotenv:16.5.0 yaml:2.7.1 @fastify/cors:11.0.1 @fastify/jwt:9.1.0 @fastify/view:11.0.0 fastify:5.2.2 ioredis:5.6.1 fastify-jwt-jwks:2.0.1 type-is:2.0.1 got:14.4.7 — (c32164b)
- update vulnerable dependencies to @lukeed/ms:2.0.2 fast-jwt:5.0.6 mnemonist:0.40.3 obliterator:2.0.4 — (7cc4274)
- update vulnerable dependencies to pino-caller:4.0.0 superagent:10.0.0 @fastify/request-context:6.2.0 @fastify/secure-session:8.2.0 fastify:5.3.2 fastify-jwt-jwks:2.0.2 — (610a1f6)
- update vulnerable dependencies to debug:4.4.1 yaml:2.8.0 @fastify/view:11.1.0 fastify:5.3.3 jose:6.0.11 — (09ef68c)
- update vulnerable dependencies to brace-expansion:1.1.12 brace-expansion:2.0.2 — (3e32c04)
- update vulnerable dependency form-data:4.0.4 — (9830503)
- non-security non-breaking dependency updates — (6a10283)
🚀 Features
- stability improvements — (350b113)
OpenID Connect
- add debug level logging of discovery results — (5090643)
ArangoDB
- update arangojs and token CLI — (dd1c477)
Auth
- automatic bcrypt salt generation — (a0b0465)
- switch logging to pino — (1b6af25)
- rewrite/update auth server for PKCE support — (c340eaa)
- improve crypto key/code handling/generation — (8e2a588)
- implement PKCE checks per rfc7636 — (b2e5d6c)
- start of support for external oauth/OpenID Connect providers — (af6babd)
- can authenticate w/ Auth0 using OpenID Connect — (9dccd9b)
- more progress towards full auth0/OpenID Connect support — (171430d)
- retrieve user via oauth/OpenID Connect id_token — (684adfe)
- [breaking] update token cli for OpenID Connect — (692705e)
- decouple storage of tokens/users/codes — (1c0d113)
Config
- add logging support to lib-config — (e5da2e3)
Helm
- add basic grafana dashboards for OADA — (c93c847)
- update chart for ASK compat — (bea26c9)
- [breaking] somewhat major rework of OADA chart — (3e17154)
- support upgrading chart releases — (651b22e)
- simple support for microservices — (bec2266)
- add support for new rate-limit feature — (75b16ab)
- update chart for OADA v4 — (853cb3e)
- new OADA chart version — (fb6d431)
- better OpenShift compatibility — (6bb7c2e)
HTTP
- add optional rate-limiting to HTTP-handler — (81d3dc3)
- ignore x-OADA-ensure-link when meaningless — (dca7813)
Import
- add ArangoDB import command — (ca8e26c)
- trace log import improvements — (bf2165b)
- add batching support — (7f58c68)
- smaller default batches — (d5563bb)
Kafka
- automatically create topics on startup if able — (815ad50)
Lib-prom
Logging
- improved pino/Loki support — (7f26568)
Logs
- improve HTTP request id logging — (5ebf796)
Metrics
- ServiceMonitors for ArangoDB/Redpanda — (664cf5e)
Pino-debug
- update to esm — (a68d136)
- export Logger type, make use of options.base — ([6dafb...
oada-chart-v5.0.5
A Helm chart for the OADA API server
oada-chart-v5.0.4
A Helm chart for the OADA API server
oada-chart-v5.0.3
A Helm chart for the OADA API server
oada-chart-v5.0.2
A Helm chart for the OADA API server
oada-chart-v5.0.1
A Helm chart for the OADA API server
oada-chart-v5.0.0
A Helm chart for the OADA API server
OADA v4.0.0-rc.3
v4.0.0-rc.3
This tag was signed with the committer’s verified signature.
awlayton
Alex Layton
Adds support for external OIDC auth provider
Update to node 22
oada-chart-v4.0.0
A Helm chart for the OADA API server
OADA v4.0.0-rc.2
v4.0.0-rc.2
This tag was signed with the committer’s verified signature.
awlayton
Alex Layton
Adds support for external OIDC auth provider
Update to node 22