v2.0.2

Features & Updates

This patch focuses on minor enhancements and improved error handling for the database.

What's Changed

• chore(deps): bump express from 4.18.2 to 4.19.2 in /mockidentityprovider by @dependabot in #105
• chore(deps): bump express from 4.18.2 to 4.19.2 in /server by @dependabot in #104
• chore(deps-dev): bump braces from 3.0.2 to 3.0.3 in /server by @dependabot in #109
• UNTRACKED(chore): add tests for ignore use case by @mikelax in #111
• UNTRACKED(chore): Remove uuid lib and nodejs version by @mikelax in #113
• UNTRACKED /k1ch/bump-version-to-2.0.2 by @k1ch in #114

Full Changelog: v2.0.1...v2.0.2

v2.0.1

Features & Updates

This patch focuses on enhancing the performance of a critical SQL query, particularly addressing scalability issues observed on larger databases.

What's Changed

• chore(deps): bump jose from 4.15.4 to 4.15.5 in /server by @dependabot in #102
• Topic/k1ch/ SQL optimization: selectTenantPersonaClients by @k1ch in #103

Full Changelog: v2.0.0...v2.0.1

v2.0.0

Version 2 is Here

This release marks the start of version 2 of The Usher. The significant improvement is the addition of Administration APIs. These APIs will make managing the data itself within Usher much easier. Be sure to review the Open API Spec to view the new APIs now available.

We'll be updating the documentation to detail in more detail how to configure Administration Users that are entitled to perform Admin functions on The Usher. The TL/DR will be creating a role named the-usher:usher-admin and assign the User persona to this role.

What's Changed

• chore: lib updates by @mikelax in #68
• chore: upgrade mock server to oas-tools 3 by @mikelax in #69
• QUICKSTART.md: Correct IDP token script invocation by @plaurent in #73
• UNTRACKED: chore: update pg version by @mikelax in #74
• chore: update misc libs by @mikelax in #75
• explain mock identity provider behavior, update script by @plaurent in #78
• Topics/k1ch/Admin APIs - POST:/personas by @k1ch in #79
• Topics/k1ch/ introduce get/personas-permissions by @k1ch in #80
• UNTRACKED(chore): update misc libs to latest by @mikelax in #81
• chore: Use dev deps for server project, remove unused libs by @mikelax in #82
• chore(deps-dev): bump semver from 5.7.1 to 5.7.2 in /server by @dependabot in #83
• chore(deps): bump the npm_and_yarn at /server security update group in /server with 2 updates by @dependabot in #77
• chore(deps): bump the npm_and_yarn at /server security update group in /server with 1 update by @dependabot in #76
• chore(deps): bump ansi-regex from 5.0.0 to 5.0.1 in /server by @dependabot in #53
• chore(deps): bump minimatch from 3.0.4 to 3.1.2 in /database by @dependabot in #50
• Topics/k1ch/admin-post-personas-permissions by @k1ch in #84
• Topics/k1ch/admin-delete-personas-permissions by @k1ch in #85
• fix: first cut at admin clients api by @mikelax in #16
• Topics/k1ch/admin GET: /personas/{persona_key}/roles by @k1ch in #87
• Topics/k1ch/admin PUT:/personas/{persona_key}/roles by @k1ch in #88
• Topics/k1ch/ Admin DELETE:/personas/{persona_key} by @k1ch in #90
• Topics / k1ch/ Admin API / DELETE:/personas/{persona_key}/roles/{role_key} by @k1ch in #89
• UNTRACKED/k1ch/update-get-jwks/ use knex instead of PG pool by @k1ch in #92
• Topic/k1ch/ Admin GET:/personas by @k1ch in #91
• Topics/k1ch/ Admin GET:/personas/{persona_key} by @k1ch in #93
• Chore: k1ch/update libs and package-lock files by @k1ch in #94
• Topic/k1ch/ bump up package version to: v2.0.0 by @k1ch in #95
• chore: add fk to permissions table for client key by @mikelax in #96
• chore: update codeql workflow file by @mikelax in #97
• Topic/k1ch/ support token generation for persona with permission and no role (#71) by @k1ch in #98
• Topic/k1ch/ Introduce API - PUT:/clients/{client_id} by @k1ch in #99
• UNTRACKED/k1ch/update-oas-version by @k1ch in #100

New Contributors

• @k1ch made their first contribution in #79

Full Changelog: v1.6.1...v2.0.0

v1.6.1

Features & Updates

This release will most likely be the last in v1.x . Coming soon will be new APIs to interact with all Usher objects enforced by the newly added permissions layer. APIs will be managed by named roles for either usher-admin or client-admin functionality.

Please see the INSTALL.md instructions for more information. In version 2.x the getting started process should be easier.

• fix: correct bug in deletePersona db function. PR #65 and #66
• Update GitHub Actions and Docker containers to node v18

Library & Security Updates

NA

v1.6.0

Features & Updates

This release will most likely be the last in v1.x . Coming soon will be new APIs to interact with all Usher objects enforced by the newly added permissions layer. APIs will be managed by named roles for either usher-admin or client-admin functionality.

Please see the INSTALL.md instructions for more information. In version 2.x the getting started process should be easier.

• fix: update pg library to latest. PR #47
  • Based on the changelog this may resolve some intermittent errors experienced when running the server in an AWS Lambda (or any serverless env) function.

Library & Security Updates

• chore: bump misc. libraries to current versions PR #33 #47
• Replace lgtm (service was deprecated) with GitHub CodeQL. PR #38

v1.5.1

Features & Updates

This release will most likely be the last in v1.x . Coming soon will be new APIs to interact with all Usher objects enforced by the newly added permissions layer. APIs will be managed by named roles for either usher-admin or client-admin functionality.

Please see the INSTALL.md instructions for more information. In version 2.x the getting started process should be easier.

• fix: #24 Fix bug in /self/roles API that was returning incorrect response data

Library & Security Updates

N/A

v1.5.0

Features & Updates

This release will most likely be the last in v1.x . Coming soon will be new APIs to interact with all Usher objects enforced by the newly added permissions layer. APIs will be managed by named roles for either usher-admin or client-admin functionality.

Please see the INSTALL.md instructions for more information. In version 2.x the getting started process should be easier.

• feat: #20 Updated server variables to make THEUSHER_AUD_CLAIMS optional.

Library & Security Updates

• chore: Bump express from 4.17.2 to 4.17.3 in /server
• chore: Bump express-jwt from 6.1.0 to 6.1.1 in /server
• #22 Additional small lib upgrades

v1.4.2

Features & Updates

This release will most likely be the last in v1.x . Coming soon will be new APIs to interact with all Usher objects enforced by the newly added permissions layer. APIs will be managed by named roles for either usher-admin or client-admin functionality.

Please see the INSTALL.md instructions for more information. In version 2.x the getting started process should be easier.

• fix: Change the /self/token endpoint to only return roles corresponding to the requested permissions.
• fix: Correct bug when issuing new tokens using a refresh token. The logic was previously incorrect for determining expiration dates and could possibly issue a new already expired access token
• feat: Add mock identity server to use for unit tests instead of relying on Auth0
• feat: Display the published version number in the Root API instead of the git commit hash

Library & Security Updates

• chore: Bump nodemon from 2.0.14 to 2.0.15 in /server
• chore: Bump http-errors from 1.8.0 to 1.8.1 in /server
• chore: Bump knex from 0.95.13 to 0.95.14 in /database
• Additional small lib upgrades