Releases: NationalSecurityAgency/emissary
Releases · NationalSecurityAgency/emissary
Release list
8.46.0
What's Changed
Improvements 🛠
- feat: allow custom base resource path for emissary server by @ianpgifford in #1396
- Validate gRPC endpoints at startup by @rcameronm in #1424
Security 🔒
- update GitHub Actions workflows to address lint findings by @cfkoehler in #1423
Automation and Testing 🚦
- regression-test :: cleanup; update err messages by @dev-mlb in #1375
- add weekly schedule for GitHub Actions dependency updates by @cfkoehler in #1404
- Bump actions/dependency-review-action from 4 to 5 by @dependabot[bot] in #1409
- Bump docker/setup-qemu-action from 3 to 4 by @dependabot[bot] in #1406
- Bump actions/setup-java from 4 to 5 by @dependabot[bot] in #1407
- change labels for github-action dependabot updates by @jpdahlke in #1411
- Bump actions/checkout from 4 to 6 by @dependabot[bot] in #1414
- Bump docker/setup-buildx-action from 3 to 4 by @dependabot[bot] in #1413
- Bump oxsecurity/megalinter from 8 to 9 by @dependabot[bot] in #1410
- Bump docker/build-push-action from 5 to 7 by @dependabot[bot] in #1415
- Bump slackapi/slack-github-action from 1.24.0 to 3.0.3 by @dependabot[bot] in #1408
- action :: pin action versions to specific commit SHAs for consistency by @cfkoehler in #1426
- Bump actions/setup-java from 5.2.0 to 5.3.0 by @dependabot[bot] in #1437
- update dependabot schedule to weekly, increase PR limit by @cfkoehler in #1358
- Bump actions/checkout from 6.0.3 to 7.0.0 by @dependabot[bot] in #1442
- action :: fix environment variable formatting in Dockerfile and maven-ci.yml by @cfkoehler in #1438
- extraction-tests :: skip generate answers for nometa/noview and os-specific by @dev-mlb in #1419
- extraction-tests :: refactor checkAnswers by @dev-mlb in #1425
- extraction-tests :: add getters/setters and small refactor for strict mode by @dev-mlb in #1441
- fix release job by @dev-mlb in #1444
Dependencies 📦
- dependencies: bump com.google.protobuf:protobuf-java from 4.33.2 to 4.35.0 by @dependabot[bot] in #1391
- dependencies: bump io.netty:netty-bom from 4.2.13.Final to 4.2.14.Final by @dependabot[bot] in #1392
- dependencies: bump plugin.maven-surefire.version from 3.5.5 to 3.5.6 by @dependabot[bot] in #1403
- dependencies: bump io.dropwizard.metrics:metrics-bom from 4.2.38 to 4.2.39 by @dependabot[bot] in #1401
- dependencies: bump org.apache.maven.plugins:maven-dependency-plugin from 3.10.0 to 3.11.0 by @dependabot[bot] in #1416
- dependencies: bump dep.logback.version from 1.5.32 to 1.5.34 by @dependabot[bot] in #1420
- dependencies: bump org.apache.maven.plugins:maven-site-plugin from 3.21.0 to 3.22.0 by @dependabot[bot] in #1399
- dependencies: bump org.jacoco:jacoco-maven-plugin from 0.8.14 to 0.8.15 by @dependabot[bot] in #1427
- dependencies: bump io.netty:netty-bom from 4.2.14.Final to 4.2.15.Final by @dependabot[bot] in #1421
- dependencies: bump com.fasterxml.jackson:jackson-bom from 2.21.3 to 2.22.0 by @dependabot[bot] in #1422
- dependencies: bump org.glassfish.jaxb:jaxb-runtime from 4.0.8 to 4.0.9 by @dependabot[bot] in #1429
- dependencies: bump com.google.api.grpc:proto-google-common-protos from 2.71.0 to 2.72.0 by @dependabot[bot] in #1428
- remove takari-lifecycle-plugin by @dev-mlb in #1434
- dependencies: bump org.sonatype.central:central-publishing-maven-plugin from 0.10.0 to 0.11.0 by @dependabot[bot] in #1436
Other Changes ⚙️
- removing getStringParameter() usage across emissary by @sambish5 in #1388
- Fix typo in comment for SERVICE_KEY variable in DirectoryProviderPlace by @cfkoehler in #1405
- remove import of google/protobuf/empty.proto by @jpdahlke in #1412
- extraction-tests :: generate answers (adds dataFile logic) by @dev-mlb in #1387
- httpclient5 :: migrate HTTP connection handling to HttpClient 5.6 by @sambish5 in #1386
New Contributors
- @ianpgifford made their first contribution in #1396
Full Changelog: 8.45.0...8.46.0
8.45.0
What's Changed
Breaking Changes 🚨
- Remove preflight gRPC channel validation calls by @rcameronm in #1395
Bug Fixes 🐞
- Stop killing gRPC channels after RPC failure by @rcameronm in #1385
Automation and Testing 🚦
- gRPC unit test overhaul by @rcameronm in #1383
- add support for dataFile element in XML configuration and update test resource handling by @cfkoehler in #1366
Dependencies 📦
- dependencies: bump org.glassfish.jaxb:jaxb-runtime from 4.0.6 to 4.0.8 by @dependabot[bot] in #1382
- dependencies: bump org.junit:junit-bom from 5.14.3 to 5.14.4 by @dependabot[bot] in #1380
- dependencies: bump com.google.api.grpc:proto-google-common-protos from 2.67.0 to 2.71.0 by @dependabot[bot] in #1378
- dependencies: bump commons-codec:commons-codec from 1.21.0 to 1.22.0 by @dependabot[bot] in #1379
- dependencies: bump dep.slf4j.version from 2.0.17 to 2.0.18 by @dependabot[bot] in #1389
- dependencies: bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.2 to 3.6.3 by @dependabot[bot] in #1390
Full Changelog: 8.44.0...8.45.0
8.44.0
What's Changed
Breaking Changes 🚨
- Increased gRPC class modularization and updated exception handling by @rupert-griffin in #1350
- dependencies: bump com.google.protobuf:protobuf-java from 3.25.5 to 4.33.2 by @dependabot[bot] in #1222
Improvements 🛠
- Make gRPC futures thread interruptible by @rupert-griffin in #1368
Security 🔒
- update netty dependency to version 4.2.13.Final by @cfkoehler in #1377
Documentation 📚
- update security policy and operator responsibilities in SECURITY.md by @cfkoehler in #1365
Automation and Testing 🚦
- exclude github-actions[bot] from release notes by @cfkoehler in #1356
- update use of deprecated ChecksumCalculator constructor in testing classes by @sambish5 in #1373
- update use of deprecated Factory.create() in FactoryTest by @sambish5 in #1374
- extraction-test :: add support for strict (regression) mode by @dev-mlb in #1360
Dependencies 📦
- dependencies: bump commons-io:commons-io from 2.21.0 to 2.22.0 by @dependabot[bot] in #1362
- dependencies: bump com.google.code.gson:gson from 2.13.2 to 2.14.0 by @dependabot[bot] in #1361
- dependencies: bump com.fasterxml.jackson:jackson-bom from 2.21.2 to 2.21.3 by @dependabot[bot] in #1367
- dependencies: bump org.apache.httpcomponents.client5:httpclient5 from 5.6 to 5.6.1 by @dependabot[bot] in #1357
Other Changes ⚙️
- tech-debt :: updated code to use path.of by @dev-mlb in #1359
- remove use of getStringParameter() in DropOffUtil by @cfkoehler in #1363
- remove use of getStringParameter() in FilePickUpClient & test by @sambish5 in #1370
- code clean-up in AbstractFilter by @sambish5 in #1376
- upgrade deprecated provideArguments() method by @sambish5 in #1364
- code clean-up in DirectoryProviderPlace by @sambish5 in #1369
Full Changelog: 8.43.0...8.44.0
8.43.0
What's Changed
Security 🔒
- sanitize file ending values in Executrix by @blueandhack
Other Changes ⚙️
Full Changelog: 8.42.0...8.43.0
8.42.0
What's Changed
New Features ✨
- Add disk space monitoring and pause pickup by @cfkoehler in #1251
Improvements 🛠
- Add generic object type configuration support to Configurator by @rupert-griffin in #1344
- Added async gRPC support by @rupert-griffin in #1341
Dependencies 📦
- dependencies: bump com.fasterxml.jackson:jackson-bom from 2.21.1 to 2.21.2 by @dependabot[bot] in #1340
- dependencies: bump io.netty:netty-bom from 4.2.10.Final to 4.2.12.Final by @dependabot[bot] in
Full Changelog: 8.41.0...8.42.0
8.41.0
What's Changed
Improvements 🛠
- gRPC RetryHandler: added max wait time, cleaned Javadocs for improved readability by @rupert-griffin in #1325
- add option to display completion info with processing time in payload output by @cfkoehler in #1330
- Added the stuck payload's current form to Sentinel LogStackTrace and LogThreadDump messages by @drivenflywheel in #1334
Dependencies 📦
- dependencies: bump dep.logback.version from 1.5.29 to 1.5.32 by @dependabot[bot] in #1324
- dependencies: bump com.google.api.grpc:proto-google-common-protos from 2.65.1 to 2.66.0 by @dependabot[bot] in #1326
- dependencies: bump com.fasterxml.jackson:jackson-bom from 2.21.0 to 2.21.1 by @dependabot[bot] in #1327
- dependencies: bump org.apache.httpcomponents.core5:httpcore5 from 5.4.1 to 5.4.2 by @dependabot[bot] in #1332
Full Changelog: 8.40.0...8.41.0
8.40.0
What's Changed
Bug Fixes 🐞
Improvements 🛠
- sentinel :: run actions on affected threads by @dev-mlb in #1306
- improve SeekableByteChannelHelper input stream read performance by @fbruton in #1319
Security 🔒
Automation and Testing 🚦
Dependencies 📦
- dependencies: bump commons-codec:commons-codec from 1.20.0 to 1.21.0 by @dependabot[bot] in #1307
- dependencies: bump com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.21.0 by @dependabot[bot] in #1305
- dependencies: bump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to 3.15.0 by @dependabot[bot] in #1309
- dependencies: bump io.netty:netty-bom from 4.2.9.Final to 4.2.10.Final by @dependabot[bot] in #1311
- dependencies: bump com.google.api.grpc:proto-google-common-protos from 2.65.0 to 2.65.1 by @dependabot[bot] in #1310
- dependencies: bump jakarta.xml.bind:jakarta.xml.bind-api from 4.0.4 to 4.0.5 by @dependabot[bot] in #1313
- dependencies: bump org.apache.maven.plugins:maven-dependency-plugin from 3.9.0 to 3.10.0 by @dependabot[bot] in #1317
- dependencies: bump dep.logback.version from 1.5.27 to 1.5.29 by @dependabot[bot] in #1316
- dependencies: bump org.apache.httpcomponents.core5:httpcore5 from 5.4 to 5.4.1 by @dependabot[bot] in #1315
Full Changelog: 8.39.0...8.40.0
8.39.0
What's Changed
New Features ✨
Improvements 🛠
- ui :: validate nav links by @dev-mlb in #1293
- docs :: security warnings by @dev-mlb in #1291
- executrix :: validate placename with an allowlist by @dev-mlb in #1290
- configs :: validate config name with an allowlist by @dev-mlb in #1292
Security 🔒
Build, Package, Deploy 📦
- remove inputEncoding parameter from maven-pmd-plugin by @sambish5 in #1302
- update for central publishing configuration and plugin version by @cfkoehler in #1300
- dependencies: bump org.apache.commons:commons-pool2 from 2.13.0 to 2.13.1 by @dependabot[bot] in #1282
- dependencies: bump dep.logback.version from 1.5.24 to 1.5.26 by @dependabot[bot] in #1299
- dependencies: bump org.codehaus.mojo:versions-maven-plugin from 2.20.1 to 2.21.0 by @dependabot[bot] in #1297
- dependencies: bump org.junit:junit-bom from 5.14.1 to 5.14.2 by @dependabot[bot] in #1284
- dependencies: bump io.dropwizard.metrics:metrics-bom from 4.2.37 to 4.2.38 by @dependabot[bot] in #1303
- dependencies: bump com.google.api.grpc:proto-google-common-protos from 2.63.2 to 2.65.0 by @dependabot[bot] in #1298
Full Changelog: 8.38.0...8.39.0
8.38.0
What's Changed
Improvements 🛠
- Added preserve-case option to Configurator String Match Multimap by @rupert-griffin in #1252
- Configure form for files with no results in MultiFileUnixCommandPlace by @nixon124 in #1280
Automation and Testing 🚦
Other Changes ⚙️
Full Changelog: 8.37.0...8.38.0
8.37.0
What's Changed
Security 🔒
- dependencies: bump io.netty:netty-bom from 4.2.7.Final to 4.2.9.Final by @dependabot[bot] in #1265
Build, Package, Deploy 📦
- dependencies: bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8 by @dependabot[bot] in #1250
- dependencies: bump org.apache.commons:commons-lang3 from 3.18.0 to 3.20.0 by @dependabot[bot] in #1248
- dependencies: bump org.webjars:jquery from 3.6.0 to 3.7.1 by @dependabot[bot] in #1243
- dependencies: bump org.codehaus.mojo:versions-maven-plugin from 2.19.0 to 2.20.1 by @dependabot[bot] in #1254
- dependencies: bump org.apache.maven.plugins:maven-release-plugin from 3.2.0 to 3.3.1 by @dependabot[bot] in #1257
- dependencies: bump io.github.git-commit-id:git-commit-id-maven-plugin from 9.0.1 to 9.0.2 by @dependabot[bot] in #1258
- dependencies: bump com.puppycrawl.tools:checkstyle from 10.9.3 to 10.26.1 by @dependabot[bot] in #1259
- dependencies: bump org.apache.commons:commons-pool2 from 2.11.1 to 2.13.0 by @dependabot[bot] in #1261
- dependencies: bump org.apache.commons:commons-collections4 from 4.4 to 4.5.0 by @dependabot[bot] in #1260
- dependencies: bump org.apache.maven.plugins:maven-pmd-plugin from 3.27.0 to 3.28.0 by @dependabot[bot] in #1256
- dependencies: bump com.google.guava:guava from 32.1.2-jre to 32.1.3-jre by @dependabot[bot] in #1264
- dependencies: bump net.revelc.code:impsort-maven-plugin from 1.8.0 to 1.9.0 by @jpdahlke in #1266
- dependencies: bump com.google.api.grpc:proto-google-common-protos from 2.63.1 to 2.63.2 by @dependabot[bot] in #1263
- dependencies: bump org.apache.maven.plugins:maven-enforcer-plugin from 3.5.0 to 3.6.2 by @dependabot[bot] in #1262
- dependencies: bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 by @dependabot[bot] in #1268
- dependencies: bump net.logstash.logback:logstash-logback-encoder from 7.2 to 7.4 by @dependabot[bot] in #1267
- dependencies: bump dep.logback.version from 1.5.21 to 1.5.22 by @dependabot[bot] in #1269
- dependencies: bump commons-io:commons-io from 2.19.0 to 2.21.0 by @dependabot[bot] in #1272
- dependencies: bump io.dropwizard.metrics:metrics-bom from 4.2.30 to 4.2.37 by @dependabot[bot] in #1270
- dependencies: bump org.apache.commons:commons-exec from 1.4.0 to 1.6.0 by @dependabot[bot] in #1273
- dependencies: bump org.apache.httpcomponents.client5:httpclient5 from 5.5.1 to 5.6 by @dependabot[bot] in #1275
- dependencies: bump org.apache.httpcomponents.core5:httpcore5 from 5.3.6 to 5.4 by @dependabot[bot] in #1276
- dependencies: bump org.eclipse.jetty:jetty-bom from 11.0.24 to 11.0.26 by @dependabot[bot] in #1277
- dependencies: bump org.mockito:mockito-core from 5.17.0 to 5.21.0 by @dependabot[bot] in #1278
- dependencies: bump dep.logback.version from 1.5.22 to 1.5.23 by @dependabot[bot] in #1274
- dependencies: bump org.codehaus.mojo:exec-maven-plugin from 3.6.2 to 3.6.3 by @dependabot[bot] in #1279
Automation and Testing 🚦
- github-actions :: Upgrade CodeQL initialization action to v4 by @cfkoehler in #1253
Full Changelog: 8.36.0...8.37.0