ยซ Changelog History


Kong v0.7.0 Release Notes

Release Date: 2016-02-24 // about 8 years ago

  • ๐Ÿ’ฅ Breaking changes

    ๐Ÿ”’ Due to the NGINX security fixes (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747), OpenResty was bumped to 1.9.7.3 which is not backwards compatible, and thus requires changes to be made to the nginx property of Kong's configuration file. See the 0.7 upgrade path for instructions.

    โฌ†๏ธ However by upgrading the underlying OpenResty version, source installations do not have to patch the NGINX core and use the old ssl-cert-by-lua branch of ngx_lua anymore. This will make source installations much easier.

    โž• Added

    • ๐Ÿ‘Œ Support for OpenResty 1.9.7.*. This includes NGINX security fixes (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747). #906
    • ๐Ÿ”Œ Plugins
      • New Runscope plugin: Monitor your APIs from Kong with Runscope. Courtesy of @mansilladev. #924
      • Datadog: New response.size metric. #923
      • Rate-Limiting and Response Rate-Limiting
      • New config.async option to asynchronously increment counters to reduce latency at the cost of slightly reducing the accuracy. #912
      • New config.continue_on_error option to keep proxying requests in case the datastore is unreachable. rate-limiting operations will be disabled until the datastore is responsive again. #953
    • CLI
      • Perform a simple permission check on the NGINX working directory when starting, to prevent errors during execution. #939
    • Send 50x errors with the appropriate format. #927 #970

    ๐Ÿ›  Fixed

    • ๐Ÿ”Œ Plugins
      • OAuth2
      • Better handling of redirect_uri (prevent the use of fragments and correctly handle querystrings). Courtesy of @PGBI. #930
      • Add PUT support to the /auth2_tokens route. #897
      • Better error message when the access_token is missing. #1003
      • IP restriction: Fix an issue that could arise when restarting Kong. Now Kong does not need to be restarted for the ip-restriction configuration to take effect. #782 #960
      • ACL: Properly invalidating entities when assigning a new ACL group. #996
      • SSL: Replace shelled out openssl calls with native ngx.ssl conversion utilities, which preserve the certificate chain. #968
    • โš  Avoid user warning on start when the user is not root. #964
    • ๐Ÿ”Š Store Serf logs in NGINX working directory to prevent eventual permission issues. #975
    • Allow plugins configured on a Consumer without being configured on an API to run. #978 #980
    • ๐Ÿ›  Fixed an edge-case where Kong nodes would not be registered in the nodes table. #1008

    Back to TOC