All Versions
112
Latest Version
Avg Release Cycle
22 days
Latest Release
-

Changelog History
Page 10

  • v0.8.2 Changes

    May 25, 2016

    🛠 This release includes bugfixes and minor updates:

    ➕ Added

    • 👌 Support for a simple slash in request_path. #1227
    • 🔌 Plugins:
      • Response Rate Limiting: it now appends usage headers to the upstream requests in the form of X-Ratelimit-Remaining-{limit_name} and introduces a new config.block_on_first_violation property. #1235

    🔄 Changed

    • 🔌 Plugins:
      • Mashape Analytics: The plugin is now called "Galileo", and added support for Galileo v3. #1159

    🛠 Fixed

    • 🔧 Postgres now relies on the search_path configured on the database and its default value $user, public. #1196
    • Kong now properly encodes an empty querystring parameter like ?param= when proxying the request. #1210
    • The configuration now checks that cluster.ttl_on_failure is at least 60 seconds. #1199
    • 🔌 Plugins:
      • Loggly: Fixed an issue that was triggering 400 and 500 errors. #1184
      • JWT: The TYP value in the header is not optional and case-insensitive. #1192
      • Request Transformer: Fixed a bug when transforming request headers. #1202
      • OAuth 2.0: Multiple redirect URIs are now supported. #1112
      • IP Restriction: Fixed that prevented the plugin for working properly when added on an API. #1245
      • CORS: Fixed an issue when config.preflight_continue was enabled. #1240

    Back to TOC

  • v0.8.1 Changes

    April 27, 2016

    🚀 This release includes some fixes and minor updates:

    ➕ Added

    • ➕ Adds X-Forwarded-Host and X-Forwarded-Prefix to the upstream request headers. #1180
    • 🔌 Plugins:
      • Datadog: Added two new metrics, unique_users and request_per_user, that log the consumer information. #1179

    🛠 Fixed

    • 🛠 Fixed a DAO bug that affected full entity updates. #1163
    • 🛠 Fixed a bug when setting the authentication provider in Cassandra.
    • ⚡️ Updated the Cassandra driver to v0.5.2.
    • Properly enforcing required fields in PUT requests. #1177
    • 🛠 Fixed a bug that prevented to retrieve the hostname of the local machine on certain systems. #1178

    Back to TOC

  • v0.8.0 Changes

    April 18, 2016

    🚀 This release includes support for PostgreSQL as Kong's primary datastore!

    💥 Breaking changes

    • ✂ Remove support for the long deprecated /consumers/:consumer/keyauth/ and /consumers/:consumer/basicauth/ routes (deprecated in 0.5.0). The new routes (available since 0.5.0 too) use the real name of the plugin: /consumers/:consumer/key-auth and /consumers/:consumer/basic-auth.

    ➕ Added

    • 👌 Support for PostgreSQL 9.4+ as Kong's primary datastore. #331 #1054
    • 🔧 Configurable Cassandra reading/writing consistency. #1026
    • Admin API: including pending and running timers count in the response to /. #992
    • 🔌 Plugins
      • New correlation-id plugin: assign unique identifiers to the requests processed by Kong. Courtesy of @opyate. #1094
      • LDAP: add support for LDAP authentication. #1133
      • StatsD: add support for StatsD logging. #1142
      • JWT: add support for RS256 signed tokens thanks to @kdstew! #1053
      • ACL: appends X-Consumer-Groups to the request, so the upstream service can check what groups the consumer belongs to. #1154
      • Galileo (mashape-analytics): increase batch sending timeout to 30s. #1091
    • Added ttl_on_failure option in the cluster configuration, to configure the TTL of failed nodes. #1125

    🛠 Fixed

    • 0️⃣ Introduce a new port option when connecting to your Cassandra cluster instead of using the CQL default (9042). #1139
    • 🔌 Plugins
      • Request/Response Transformer: add missing migrations for upgrades from <= 0.5.x. #1064
      • OAuth2
      • Error responses comply to RFC 6749. #1017
      • Handle multipart requests. #1067
      • Make access_tokens correctly expire. #1089

    internal

    • replace globals with singleton pattern thanks to @mars. 🛠 > - fixed resolution mismatches when using deep paths in the path resolver.

    Back to TOC

  • v0.7.0 Changes

    February 24, 2016

    💥 Breaking changes

    🔒 Due to the NGINX security fixes (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747), OpenResty was bumped to 1.9.7.3 which is not backwards compatible, and thus requires changes to be made to the nginx property of Kong's configuration file. See the 0.7 upgrade path for instructions.

    ⬆️ However by upgrading the underlying OpenResty version, source installations do not have to patch the NGINX core and use the old ssl-cert-by-lua branch of ngx_lua anymore. This will make source installations much easier.

    ➕ Added

    • 👌 Support for OpenResty 1.9.7.*. This includes NGINX security fixes (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747). #906
    • 🔌 Plugins
      • New Runscope plugin: Monitor your APIs from Kong with Runscope. Courtesy of @mansilladev. #924
      • Datadog: New response.size metric. #923
      • Rate-Limiting and Response Rate-Limiting
      • New config.async option to asynchronously increment counters to reduce latency at the cost of slightly reducing the accuracy. #912
      • New config.continue_on_error option to keep proxying requests in case the datastore is unreachable. rate-limiting operations will be disabled until the datastore is responsive again. #953
    • CLI
      • Perform a simple permission check on the NGINX working directory when starting, to prevent errors during execution. #939
    • Send 50x errors with the appropriate format. #927 #970

    🛠 Fixed

    • 🔌 Plugins
      • OAuth2
      • Better handling of redirect_uri (prevent the use of fragments and correctly handle querystrings). Courtesy of @PGBI. #930
      • Add PUT support to the /auth2_tokens route. #897
      • Better error message when the access_token is missing. #1003
      • IP restriction: Fix an issue that could arise when restarting Kong. Now Kong does not need to be restarted for the ip-restriction configuration to take effect. #782 #960
      • ACL: Properly invalidating entities when assigning a new ACL group. #996
      • SSL: Replace shelled out openssl calls with native ngx.ssl conversion utilities, which preserve the certificate chain. #968
    • ⚠ Avoid user warning on start when the user is not root. #964
    • 🔊 Store Serf logs in NGINX working directory to prevent eventual permission issues. #975
    • Allow plugins configured on a Consumer without being configured on an API to run. #978 #980
    • 🛠 Fixed an edge-case where Kong nodes would not be registered in the nodes table. #1008

    Back to TOC

  • v0.6.1 Changes

    February 03, 2016

    🚀 This release contains tiny bug fixes that were especially annoying for complex Cassandra setups and power users of the Admin API!

    ➕ Added

    • 🔧 A timeout property for the Cassandra configuration. In ms, this timeout is effective as a connection and a reading timeout. #937

    🛠 Fixed

    • 🔧 Correctly set the Cassandra SSL certificate in the Nginx configuration while starting Kong. #921
    • 📇 Rename the user Cassandra property to username (Kong looks for username, hence user would fail). #922
    • 👍 Allow Cassandra authentication with arbitrary plain text auth providers (such as Instaclustr uses), fixing authentication with them. #937
    • Admin API
      • Fix the /plugins/:id route for PATCH method. #941
    • 🔌 Plugins
      • HTTP logging: remove the additional \r\n at the end of the logging request body. #926
      • Galileo: catch occasional internal errors happening when a request was cancelled by the client and fix missing shm for the retry policy. #931

    Back to TOC

  • v0.6.0 Changes

    January 22, 2016

    💥 Breaking changes

    We would recommended to consult the suggested 0.6 upgrade path for this release.

    • Serf is now a Kong dependency. It allows Kong nodes to communicate between each other opening the way to many features and improvements.
    • 🔧 The configuration file changed. Some properties were renamed, others were moved, and some are new. We would recommend checking out the new default configuration file.
    • ⬇️ Drop the Lua 5.1 dependency which was only used by the CLI. The CLI now runs with LuaJIT, which is consistent with other Kong components (Luarocks and OpenResty) already relying on LuaJIT. Make sure the LuaJIT interpreter is included in your $PATH. #799

    ➕ Added

    🚀 One of the biggest new features of this release is the cluster-awareness added to Kong in #729, which deserves its own section:

    • 🔧 Each Kong node is now aware of belonging to a cluster through Serf. Nodes automatically join the specified cluster according to the configuration file's settings.
    • 🐎 The datastore cache is not invalidated by expiration time anymore, but following an invalidation strategy between the nodes of a same cluster, leading to improved performance.
    • Admin API
      • Expose a /cache endpoint for retrieving elements stored in the in-memory cache of a node.
      • Expose a /cluster endpoint used to add/remove/list members of the cluster, and also used internally for data propagation.
    • CLI
      • New kong cluster command for cluster management.
      • New kong status command for cluster healthcheck.

    Other additions include:

    • 🆕 New Cassandra driver which makes Kong aware of the Cassandra cluster. Kong is now unaffected if one of your Cassandra nodes goes down as long as a replica is available on another node. Load balancing policies also improve the performance along with many other smaller improvements. #803
    • Admin API
      • A new total field in API responses, that counts the total number of entities in the datastore. #635
    • 🔧 Configuration
      • Possibility to configure the keyspace replication strategy for Cassandra. It will be taken into account by the migrations when the configured keyspace does not already exist. #350
      • Dnsmasq is now optional. You can specify a custom DNS resolver address that Kong will use when resolving hostnames. This can be configured in kong.yml. #625
    • 🔌 Plugins
      • New "syslog" plugin: send logs to local system log. #698
      • New "loggly" plugin: send logs to Loggly over UDP. #698
      • New "datadog" plugin: send logs to Datadog server. #758
      • OAuth2
      • Add support for X-Forwarded-Proto header. #650
      • Expose a new /oauth2_tokens endpoint with the possibility to retrieve, update or delete OAuth 2.0 access tokens. #729
      • JWT
      • Support for base64 encoded secrets. #838 #577
      • Support to configure the claim in which the key is given into the token (not iss only anymore). #838
      • Request transformer
      • Support for more transformation options: remove, replace, add, append motivated by #393. See #824
      • Support JSON body transformation. #569
      • Response transformer
      • Support for more transformation options: remove, replace, add, append motivated by #393. See #822

    🔄 Changed

    • 🔧 As mentioned in the breaking changes section, a new configuration file format and validation. All properties are now documented and commented out with their default values. This allows for a lighter configuration file and more clarity as to what properties relate to. It also catches configuration mistakes. #633
    • 👀 Replace the UUID generator library with a new implementation wrapping lib-uuid, fixing eventual conflicts happening in cases such as described in #659. See #695
    • Admin API
      • Increase the maximum body size to 10MB in order to handle configuration requests with heavy payloads. #700
      • Disable access logs for the /status endpoint.
      • The /status endpoint now includes database statistics, while the previous stats have been moved to a server response field. #635

    🛠 Fixed

    • Behaviors described in #603 related to the failure of Cassandra nodes thanks to the new driver. #803
    • 🚤 Latency headers are now properly included in responses sent to the client. #708
    • strip_request_path does not add a trailing slash to the API's upstream_url anymore before proxying. #675
    • Do not URL decode querystring before proxying the request to the upstream service. #749
    • Handle cases when the request would be terminated prior to the Kong execution (that is, before ngx_lua reaches the access_by_lua context) in cases such as the use of a custom nginx module. #594
    • Admin API
      • The PUT method now correctly updates boolean fields (such as strip_request_path). #765
      • The PUT method now correctly resets a plugin configuration. #720
      • PATCH correctly set previously unset fields. #861
      • In the responses, the next link is not being displayed anymore if there are no more entities to be returned. #635
      • Prevent the update of created_at fields. #820
      • Better request_path validation for APIs. "/" is not considered a valid path anymore. #881
    • 🔌 Plugins
      • Galileo: ensure the mimeType value is always a string in ALFs. #584
      • JWT: allow to update JWT credentials using the PATCH method. It previously used to reply with 405 Method not allowed because the PATCH method was not implemented. #667
      • Rate limiting: fix a warning when many periods are configured. #681
      • Basic Authentication: do not re-hash the password field when updating a credential. #726
      • File log: better permissions for on file creation for file-log plugin. #877
      • OAuth2
      • Implement correct responses when the OAuth2 challenges are refused. #737
      • Handle querystring on /authorize and /token URLs. #687
      • Handle punctuation in scopes on /authorize and /token endpoints. #658

    internal

    • Event bus for local and cluster-wide events propagation. Plans for this event bus is to be widely used among Kong in the future.
    • The Kong Public Lua API (Lua helpers integrated in Kong such as DAO and Admin API helpers) is now documented with ldoc. 👷 > - Work has been done to restore the reliability of the CI platforms. 🔧 > - Migrations can now execute DML queries (instead of DDL queries only). Handy for migrations implying plugin configuration changes, plugins renamings etc... #770

    Back to TOC

  • v0.5.4 Changes

    December 03, 2015

    🛠 Fixed

    • 📈 Mashape Analytics plugin (renamed Galileo):
      • Improve stability under heavy load. #757
      • base64 encode ALF request/response bodies, enabling proper support for Galileo bodies inspection capabilities. #747
      • Do not include JSON bodies in ALF postData.params field. #766

    Back to TOC

  • v0.5.3 Changes

    November 16, 2015

    🛠 Fixed

    • Avoids additional URL encoding when proxying to an upstream service. #691
    • 🔌 Potential timing comparison bug in HMAC plugin. #704

    ➕ Added

    • 🔌 The Galileo plugin now supports arbitrary host, port and path values. #721

    Back to TOC

  • v0.5.2 Changes

    October 21, 2015

    🛠 A few fixes requested by the community!

    🛠 Fixed

    • Kong properly search the nginx in your $PATH variable.
    • 🔌 Plugins:
      • OAuth2: can detect that the originating protocol for a request was HTTPS through the X-Forwarded-Proto header and work behind another reverse proxy (load balancer). #650
      • HMAC signature: support for X-Date header to sign the request for usage in browsers (since the Date header is protected). #641

    Back to TOC

  • v0.5.1 Changes

    October 13, 2015

    🛠 Fixing a few glitches we let out with 0.5.0!

    ➕ Added

    • 🔌 Basic Authentication and HMAC Authentication plugins now also send the X-Credential-Username to the upstream server.
    • Admin API now accept JSON when receiving a CORS request. #580
    • ➕ Add a WWW-Authenticate header for HTTP 401 responses for basic-auth and key-auth. #588

    🔄 Changed

    • Protect Kong from POODLE SSL attacks by omitting SSLv3 (CVE-2014-3566). #563
    • ✂ Remove support for key-auth key in body. #566

    🛠 Fixed

    • 🔌 Plugins
      • HMAC
      • The migration for this plugin is now correctly being run. #611
      • Wrong username doesn't return HTTP 500 anymore, but 403. #602
      • JWT: iss not being found doesn't return HTTP 500 anymore, but 403. #578
      • OAuth2: client credentials flow does not include a refresh token anymore. #562
    • 🛠 Fix an occasional error when updating a plugin without a config. #571

    Back to TOC