Skip to content

Latest commit

 

History

History
157 lines (82 loc) · 6.45 KB

CHANGELOG.md

File metadata and controls

157 lines (82 loc) · 6.45 KB

Change log

May 22nd 2024 – Remove prometheus metrics middleware and metrics app. We had discussed that very few teams actually go on to set up a dashboard to surface the information and tend to use application insights instead for the information. In addition it had also caused a memory leak and production issues (manifesting in increased 502 error rates) in at least two applications that had inherited from the template so it seems wise to remove this tooling by default.

PR: #365


May 10th 2024 – Derive user details from the authorization_code "user" token instead of making an API call to hmpps-manage-users-api, thereby removing an unnecessary dependency.

PR: #352


February 29th 2024 – Use same node version for outdated check and security scan. This currently defaults to node 16

PR: #321


February 15th 2024 – Move over to use Debian 12 based image (bookworm)

PR: #316


January 9th 2024 – Move over to Gov UK Frontend 5.0 and MoJ Frontend 2.0

Note, this removed support for IE8,9,10 etc.

PR: #297


November 29th 2023 – Remove getUserRoles as an api call and add as decoded from the token #274

This is to encourage services not to make additional calls to retrieve a user's role information. Usually roles are cached with the session meaning that the user has to log out and in again to bring in changes to roles - as user details are also cached this will not change this behaviour.

PR: #274


November 29th 2023 – Use in-memory token store when developing locally

PR: #273


November 6th 2023 – Add HMPPS Manage Users API to health checks

PR: #255


October 27th 2023 – Update to 4.0.0 of jwt-decode module

This had breaking changes and required an update to the import statement

PR: #252


October 27th 2023 – Update application to use node.js version 20 and npm version 10

Application updated to node 20.8 along with one minor node module tweaks

PR: #249


October 25th 2023 – Replace deprecated HMPPS Auth API endpoints with calls to HMPPS Manage Users API

/api/user/me -> /users/me
/api/user/me/roles -> /users/me/roles

PR: #247


October 4th 2023 – Improve REST client and propagate user types into res.locals

The base REST client now supports GET, DELETE, PATCH, POST, PUT methods all allowing query parameters and generic response types.

The user object built by setUpCurrentUser middleware is exposed in res.locals of request handlers preventing the need for type assertions.

PR: #238


September 28th 2023 - Add in environment name to the header

For dev and pre-prod we now display the environment name in the header to let people know that the service isn't production. This brings the template into line with the new micro frontend components header.


September 22nd 2023 - Ensure health/info endpoints are the same information as the Kotlin templates

As part of the work on the service catalogue we are trying to ensure all services and applications present standard /health and /info endpoints. As the Kotlin template is provided with a standard set of information as part of Spring Boot, it made sense to make sure the Typrscript template was made to match. This ensures these endpoints can be processed programmatically without needing to know what format the information is being presented.

For more details ask on the #hmpps-service-catalogue channel.

PR: here


August 3rd 2023 - Add /info endpoint and expose product ids

As part of the work on the service catalogue we are giving all applications their own product id. This change adds a new info endpoint to expose this id in a consistent place.

For more details ask on the #hmpps-service-catalogue channel.

PR: here


June 9th 2023 - Do not retry POST requests by default

It's not safe to retry idempotent calls as this introduces the risk of creating multiple resources. This fix changes the default to not carry out any retries but allows switching on retrying if desired.

PR: here


April 13th 2023 - Caching fix

Asset caching was only set to 20 seconds. This fix changes the default to 1 hour which has a profound effect on the number of requests the application serves.

PR: here


April 4th 2023 - Remove unnecessary build step

There was an additional unnecessary build step as part of start:dev npm task. This more than doubled the start time on the initial run.

PR: here


March 20th 2023 - CSP fix for redirects during POST on session timeout

Updates the Content Security Policy to fix issues when users would be stuck on pages after submitting a form after their session times out. (Lots more detail in the PR)

PR: here


February 3rd 2023 - Revert multi build docker image

Multibuild docker images ended up taking a very long time after the upgrade to node 18 (1hr+). Some work needs to be done to move to support multi host builds in our circle orb, in the meantime we’ve removed this and are just building images solely for deployment.

PR: here