Changelog History
Page 10
-
v0.8.2 Changes
May 25, 2016๐ This release includes bugfixes and minor updates:
โ Added
- ๐ Support for a simple slash in
request_path
. #1227 - ๐ Plugins:
- Response Rate Limiting: it now appends usage headers to the upstream requests in the form of
X-Ratelimit-Remaining-{limit_name}
and introduces a newconfig.block_on_first_violation
property. #1235
- Response Rate Limiting: it now appends usage headers to the upstream requests in the form of
๐ Changed
- ๐ Plugins:
- Mashape Analytics: The plugin is now called "Galileo", and added support for Galileo v3. #1159
๐ Fixed
- ๐ง Postgres now relies on the
search_path
configured on the database and its default value$user, public
. #1196 - Kong now properly encodes an empty querystring parameter like
?param=
when proxying the request. #1210 - The configuration now checks that
cluster.ttl_on_failure
is at least 60 seconds. #1199 - ๐ Plugins:
- Loggly: Fixed an issue that was triggering 400 and 500 errors. #1184
- JWT: The
TYP
value in the header is not optional and case-insensitive. #1192 - Request Transformer: Fixed a bug when transforming request headers. #1202
- OAuth 2.0: Multiple redirect URIs are now supported. #1112
- IP Restriction: Fixed that prevented the plugin for working properly when added on an API. #1245
- CORS: Fixed an issue when
config.preflight_continue
was enabled. #1240
- ๐ Support for a simple slash in
-
v0.8.1 Changes
April 27, 2016๐ This release includes some fixes and minor updates:
โ Added
- โ Adds
X-Forwarded-Host
andX-Forwarded-Prefix
to the upstream request headers. #1180 - ๐ Plugins:
- Datadog: Added two new metrics,
unique_users
andrequest_per_user
, that log the consumer information. #1179
- Datadog: Added two new metrics,
๐ Fixed
- ๐ Fixed a DAO bug that affected full entity updates. #1163
- ๐ Fixed a bug when setting the authentication provider in Cassandra.
- โก๏ธ Updated the Cassandra driver to v0.5.2.
- Properly enforcing required fields in PUT requests. #1177
- ๐ Fixed a bug that prevented to retrieve the hostname of the local machine on certain systems. #1178
- โ Adds
-
v0.8.0 Changes
April 18, 2016๐ This release includes support for PostgreSQL as Kong's primary datastore!
๐ฅ Breaking changes
- โ Remove support for the long deprecated
/consumers/:consumer/keyauth/
and/consumers/:consumer/basicauth/
routes (deprecated in0.5.0
). The new routes (available since0.5.0
too) use the real name of the plugin:/consumers/:consumer/key-auth
and/consumers/:consumer/basic-auth
.
โ Added
- ๐ Support for PostgreSQL 9.4+ as Kong's primary datastore. #331 #1054
- ๐ง Configurable Cassandra reading/writing consistency. #1026
- Admin API: including pending and running timers count in the response to
/
. #992 - ๐ Plugins
- New correlation-id plugin: assign unique identifiers to the requests processed by Kong. Courtesy of @opyate. #1094
- LDAP: add support for LDAP authentication. #1133
- StatsD: add support for StatsD logging. #1142
- JWT: add support for RS256 signed tokens thanks to @kdstew! #1053
- ACL: appends
X-Consumer-Groups
to the request, so the upstream service can check what groups the consumer belongs to. #1154 - Galileo (mashape-analytics): increase batch sending timeout to 30s. #1091
- Added
ttl_on_failure
option in the cluster configuration, to configure the TTL of failed nodes. #1125
๐ Fixed
- 0๏ธโฃ Introduce a new
port
option when connecting to your Cassandra cluster instead of using the CQL default (9042). #1139 - ๐ Plugins
internal
- replace globals with singleton pattern thanks to @mars. ๐ > - fixed resolution mismatches when using deep paths in the path resolver.
- โ Remove support for the long deprecated
-
v0.7.0 Changes
February 24, 2016๐ฅ Breaking changes
๐ Due to the NGINX security fixes (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747), OpenResty was bumped to
1.9.7.3
which is not backwards compatible, and thus requires changes to be made to thenginx
property of Kong's configuration file. See the 0.7 upgrade path for instructions.โฌ๏ธ However by upgrading the underlying OpenResty version, source installations do not have to patch the NGINX core and use the old
ssl-cert-by-lua
branch of ngx_lua anymore. This will make source installations much easier.โ Added
- ๐ Support for OpenResty
1.9.7.*
. This includes NGINX security fixes (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747). #906 - ๐ Plugins
- New Runscope plugin: Monitor your APIs from Kong with Runscope. Courtesy of @mansilladev. #924
- Datadog: New
response.size
metric. #923 - Rate-Limiting and Response Rate-Limiting
- New
config.async
option to asynchronously increment counters to reduce latency at the cost of slightly reducing the accuracy. #912 - New
config.continue_on_error
option to keep proxying requests in case the datastore is unreachable. rate-limiting operations will be disabled until the datastore is responsive again. #953
- CLI
- Perform a simple permission check on the NGINX working directory when starting, to prevent errors during execution. #939
- Send 50x errors with the appropriate format. #927 #970
๐ Fixed
- ๐ Plugins
- OAuth2
- Better handling of
redirect_uri
(prevent the use of fragments and correctly handle querystrings). Courtesy of @PGBI. #930 - Add
PUT
support to the/auth2_tokens
route. #897 - Better error message when the
access_token
is missing. #1003 - IP restriction: Fix an issue that could arise when restarting Kong. Now Kong does not need to be restarted for the ip-restriction configuration to take effect. #782 #960
- ACL: Properly invalidating entities when assigning a new ACL group. #996
- SSL: Replace shelled out openssl calls with native
ngx.ssl
conversion utilities, which preserve the certificate chain. #968
- โ Avoid user warning on start when the user is not root. #964
- ๐ Store Serf logs in NGINX working directory to prevent eventual permission issues. #975
- Allow plugins configured on a Consumer without being configured on an API to run. #978 #980
- ๐ Fixed an edge-case where Kong nodes would not be registered in the
nodes
table. #1008
- ๐ Support for OpenResty
-
v0.6.1 Changes
February 03, 2016๐ This release contains tiny bug fixes that were especially annoying for complex Cassandra setups and power users of the Admin API!
โ Added
- ๐ง A
timeout
property for the Cassandra configuration. In ms, this timeout is effective as a connection and a reading timeout. #937
๐ Fixed
- ๐ง Correctly set the Cassandra SSL certificate in the Nginx configuration while starting Kong. #921
- ๐ Rename the
user
Cassandra property tousername
(Kong looks forusername
, henceuser
would fail). #922 - ๐ Allow Cassandra authentication with arbitrary plain text auth providers (such as Instaclustr uses), fixing authentication with them. #937
- Admin API
- Fix the
/plugins/:id
route forPATCH
method. #941
- Fix the
- ๐ Plugins
- ๐ง A
-
v0.6.0 Changes
January 22, 2016๐ฅ Breaking changes
We would recommended to consult the suggested 0.6 upgrade path for this release.
- Serf is now a Kong dependency. It allows Kong nodes to communicate between each other opening the way to many features and improvements.
- ๐ง The configuration file changed. Some properties were renamed, others were moved, and some are new. We would recommend checking out the new default configuration file.
- โฌ๏ธ Drop the Lua 5.1 dependency which was only used by the CLI. The CLI now runs with LuaJIT, which is consistent with other Kong components (Luarocks and OpenResty) already relying on LuaJIT. Make sure the LuaJIT interpreter is included in your
$PATH
. #799
โ Added
๐ One of the biggest new features of this release is the cluster-awareness added to Kong in #729, which deserves its own section:
- ๐ง Each Kong node is now aware of belonging to a cluster through Serf. Nodes automatically join the specified cluster according to the configuration file's settings.
- ๐ The datastore cache is not invalidated by expiration time anymore, but following an invalidation strategy between the nodes of a same cluster, leading to improved performance.
- Admin API
- Expose a
/cache
endpoint for retrieving elements stored in the in-memory cache of a node. - Expose a
/cluster
endpoint used to add/remove/list members of the cluster, and also used internally for data propagation.
- Expose a
- CLI
- New
kong cluster
command for cluster management. - New
kong status
command for cluster healthcheck.
- New
Other additions include:
- ๐ New Cassandra driver which makes Kong aware of the Cassandra cluster. Kong is now unaffected if one of your Cassandra nodes goes down as long as a replica is available on another node. Load balancing policies also improve the performance along with many other smaller improvements. #803
- Admin API
- A new
total
field in API responses, that counts the total number of entities in the datastore. #635
- A new
- ๐ง Configuration
- Possibility to configure the keyspace replication strategy for Cassandra. It will be taken into account by the migrations when the configured keyspace does not already exist. #350
- Dnsmasq is now optional. You can specify a custom DNS resolver address that Kong will use when resolving hostnames. This can be configured in
kong.yml
. #625
- ๐ Plugins
- New "syslog" plugin: send logs to local system log. #698
- New "loggly" plugin: send logs to Loggly over UDP. #698
- New "datadog" plugin: send logs to Datadog server. #758
- OAuth2
- Add support for
X-Forwarded-Proto
header. #650 - Expose a new
/oauth2_tokens
endpoint with the possibility to retrieve, update or delete OAuth 2.0 access tokens. #729 - JWT
- Support for base64 encoded secrets. #838 #577
- Support to configure the claim in which the key is given into the token (not
iss
only anymore). #838 - Request transformer
- Support for more transformation options:
remove
,replace
,add
,append
motivated by #393. See #824 - Support JSON body transformation. #569
- Response transformer
- Support for more transformation options:
remove
,replace
,add
,append
motivated by #393. See #822
๐ Changed
- ๐ง As mentioned in the breaking changes section, a new configuration file format and validation. All properties are now documented and commented out with their default values. This allows for a lighter configuration file and more clarity as to what properties relate to. It also catches configuration mistakes. #633
- ๐ Replace the UUID generator library with a new implementation wrapping lib-uuid, fixing eventual conflicts happening in cases such as described in #659. See #695
- Admin API
๐ Fixed
- Behaviors described in #603 related to the failure of Cassandra nodes thanks to the new driver. #803
- ๐ค Latency headers are now properly included in responses sent to the client. #708
strip_request_path
does not add a trailing slash to the API'supstream_url
anymore before proxying. #675- Do not URL decode querystring before proxying the request to the upstream service. #749
- Handle cases when the request would be terminated prior to the Kong execution (that is, before ngx_lua reaches the
access_by_lua
context) in cases such as the use of a custom nginx module. #594 - Admin API
- The PUT method now correctly updates boolean fields (such as
strip_request_path
). #765 - The PUT method now correctly resets a plugin configuration. #720
- PATCH correctly set previously unset fields. #861
- In the responses, the
next
link is not being displayed anymore if there are no more entities to be returned. #635 - Prevent the update of
created_at
fields. #820 - Better
request_path
validation for APIs. "/" is not considered a valid path anymore. #881
- The PUT method now correctly updates boolean fields (such as
- ๐ Plugins
- Galileo: ensure the
mimeType
value is always a string in ALFs. #584 - JWT: allow to update JWT credentials using the PATCH method. It previously used to reply with
405 Method not allowed
because the PATCH method was not implemented. #667 - Rate limiting: fix a warning when many periods are configured. #681
- Basic Authentication: do not re-hash the password field when updating a credential. #726
- File log: better permissions for on file creation for file-log plugin. #877
- OAuth2
- Implement correct responses when the OAuth2 challenges are refused. #737
- Handle querystring on
/authorize
and/token
URLs. #687 - Handle punctuation in scopes on
/authorize
and/token
endpoints. #658
- Galileo: ensure the
internal
- Event bus for local and cluster-wide events propagation. Plans for this event bus is to be widely used among Kong in the future.
- The Kong Public Lua API (Lua helpers integrated in Kong such as DAO and Admin API helpers) is now documented with ldoc. ๐ท > - Work has been done to restore the reliability of the CI platforms. ๐ง > - Migrations can now execute DML queries (instead of DDL queries only). Handy for migrations implying plugin configuration changes, plugins renamings etc... #770
-
v0.5.4 Changes
December 03, 2015๐ Fixed
- ๐ Mashape Analytics plugin (renamed Galileo):
-
v0.5.3 Changes
November 16, 2015 -
v0.5.2 Changes
October 21, 2015๐ A few fixes requested by the community!
๐ Fixed
- Kong properly search the
nginx
in your $PATH variable. - ๐ Plugins:
- Kong properly search the
-
v0.5.1 Changes
October 13, 2015๐ Fixing a few glitches we let out with 0.5.0!
โ Added
- ๐ Basic Authentication and HMAC Authentication plugins now also send the
X-Credential-Username
to the upstream server. - Admin API now accept JSON when receiving a CORS request. #580
- โ Add a
WWW-Authenticate
header for HTTP 401 responses for basic-auth and key-auth. #588
๐ Changed
- Protect Kong from POODLE SSL attacks by omitting SSLv3 (CVE-2014-3566). #563
- โ Remove support for key-auth key in body. #566
๐ Fixed
- ๐ Plugins
- ๐ Fix an occasional error when updating a plugin without a config. #571
- ๐ Basic Authentication and HMAC Authentication plugins now also send the