Release 2022-08-16 - (expected chart version 4.22.0) #2614
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Back to develop
Also include subdomains
Fix an issue for larger client requests on e.g. /list-users and /list-conversations, which were giving 413 errors for some users. See https://wearezeta.atlassian.net/browse/SQPIT-1044 Allow client requests of 256k by default (was 64k).
* A type-safe usage of a timeout in proposals * Delete expired packages upon claiming and counting * Support lifetime in key package creation test utility * Test key package expiration
Linted wire-api.
* refactor: blackliststore effect * feat: impl blacklistphoneprefixstore * chore: inline Brig.Data.Blacklist into interpreters Co-authored-by: Sandy Maguire <[email protected]>
[SQSERVICES-1067] Address user account consistency issue when SCIM provisioning crashes
* Refactor. * Add (failing) tests. * Fix failing test. * Revert "Fix failing test." (different approach coming up.) * Update test (now failing again, but being correct about that). * Use "default" keyword to delete existing splash screen asset key. (like with `Icon`.) * Update legacy swagger1.2.
* Remove deprecated member add endpoint from tests * Use V2 instead of "v2" in an MLS test - This should help with catching non-supported API version at compile time instead of at test time * Remove the deprecated endpoint for member removal
…t (CI copy) (#2580) * RichInfoAssocList schema and getRichInfo endpoint * Implement team search endpoint Co-authored-by: Sandy Maguire <[email protected]>
Removes ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-RSA-AES128-GCM-SHA256 ciphers from: - from ingress traffic getting to nginz; - from ingress-traffic getting to nginz-cannon; - and if applicable (not installed by default) backoffice (which was using a larger list of ciphers). - removes these ciphers from being used/allowed in server-to-server federation exchanges. Also removes `TLS_CHACHA20_POLY1305_SHA256` in case TLS 1.3 is active. Co-authored-by: Sebastian Willenborg <[email protected]>
* rm */**/package.yaml * cleanup * changelog
* Delete bonanza The tool is no longer required. Please use 'StructuredJSON' log format. * Delete makedeb and all references to it * Add changelog * remove debian package information Exception: brig, which needs to keep its deb folder, as it contains the email templates referred to elsewhere and copied during docker image builds. * Makefiles: delete references to DEBian packages Co-authored-by: jschaul <[email protected]>
Co-authored-by: Leif Battermann <[email protected]>
The logic has been manually tested. Automated tests will be added/integrated by FS-797.
Co-authored-by: Stefan Matting <[email protected]>
…ching our deployments (#2610)
This reflects a prior behavior that is used (required) by Ibis. Additionally, it's more consistent when all setters can be called with PUT and PATCH.
* Use rustup to build mls-test-cli * use official Rust Docker image and a fixed version instead of curling Co-authored-by: Stefan Berthold <[email protected]>
replace the release notes with a page pointing to github release note…
Co-authored-by: Paolo Capriotti <[email protected]>
zebot
added
the
ok-to-test
akshaymankar
previously requested changes
Aug 16, 2022
supersven
force-pushed
the
release_2022-08-16_08_27
branch
from
8d60185 to
470e57a
Compare
jschaul
approved these changes
Aug 16, 2022
jschaul
dismissed
akshaymankar’s stale review
change requests have been addressed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
[2022-08-16] (Chart Release 4.22.0)
API changes
Features
charts/cannon: Ensure HSTS headers are set for all endpoints (charts/cannon: Ensure HSTS headers are set for all endpoints #2574)
Expired MLS key packages are deleted from the database ([FS-794] MLS: Delete Expired Key Packages #2582)
Add support for MLS Remove proposals (FS-720 Add support for MLS Remove proposals #2561)
Human readable names for SAML IdPs (Sqservices 1533 be give saml id ps human readable names in tm #2565)
The
preferredLanguagefield from SCIM now maps to the user locale in BRIG and will be set and updated on post SCIM user and on update SCIM user using SAML. (SQSERVICES-1388-email-localization-when-provisioning-users-with-scim-2 #2605)For TLS1.2, by default, remove ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-RSA-AES128-GCM-SHA256 ciphers for ingress traffic. (Remove AES128 TLS ciphers for TLS 1.2 by default #2528)
Bug fixes and other updates
Internal changes
that is used by Ibis. Additionally, it's more consistent when all setters can be
called with PUT and PATCH. As this will fix calls by Ibis, the deployment order
doesn't matter. (Allow features to be set with HTTP method PATCH (SQPIT-1142) #2575)
Brig should be deployed before Galley. (update clients' key package refs upon committing #2604)
Federation changes