All Versions
32
Latest Version
Avg Release Cycle
43 days
Latest Release
1377 days ago

Changelog History
Page 2

  • v2.9.4.4 Changes

    September 09, 2020

    Tyk Gateway v2.9.4.4

    • ๐Ÿ›  Fixed concurrent map writes panic in session object #3274
    • ๐Ÿ›  Fixed reload implementation #3269
    • Don't encode and reset RawQuery after JSVM if no change on query params #3283
    • โž• Added a way to use sentinel rate limiter during Redis fallback with DRL #3298
    • Implemented rw mutex for session and avoid multiple write access to the session #3274
  • v2.9.4.3 Changes

    July 31, 2020

    Tyk Gateway 2.9.4.3

    • Request signing now works with query params
    • ๐Ÿ›  Fixed request signing if upstream do not have trailing slash #3242
    • ๐Ÿ›  Fixed custom keys in MDCB environment #3103
    • ๐Ÿ›  Fixed issue when update of hashed token caused generated rudimentary record in Redis #3109

    Tyk Dashboard 1.9.4.3

    • ๐Ÿ›  Fixed dashboard bootstrapping when using TLS
  • v2.9.4.2 Changes

    June 09, 2020
    • ๐Ÿ”ง Now Open Tracing configuration options can be set via ENV variables #3112
    • ๐Ÿ›  Fixed Key quota Monitor #3078
  • v2.9.4.1 Changes

    April 27, 2020

    ๐Ÿš€ The last patch released introduced improved package signing changes, however, we found that some old RPM base systems, do not support signing using sub-keys. So we have released packages for all products, to fix that issue.

    โž• Additional changes:

    Tyk Gateway 2.9.4.1

    Tyk Dashboard 1.9.4.1

    • ๐Ÿ›  Fixed OAuth token revocation even propagation in multi-datacenter scenario
    • ๐Ÿ›  Fixed bug preventing using SSO lookup together with temporary SSO users.
    • ๐Ÿ›  Fixed UI bug which adds double OrgID to the certificate IDs when using certificate modal

    Tyk MDCB 1.7.4

    • ๐Ÿ›  Fixed OAuth token revocation even propagation in multi-datacenter scenario
  • v2.9.3 Changes

    February 03, 2020

    Tyk Gateway 2.9.3

    • ๐Ÿ‘ฎ Added a way to force the validation of a hostname against the certificate Common Name. Added two Boolean variables to enable it on the API definition layer proxy.transport.ssl_force_common_name_check and the global tyk.conf level ssl_force_common_name_check. #2774
    • Now plugins can fully override the response body. Added new boolean option: for Python and gRPC plugins set return_overrides.override_error, or for JSVM plugins ReturnOverrides.OverrideError. #2693
    • ๐Ÿ‘€ Now, for overriding a response via plugins, use ResponseBody (JSVM) or response_body (Python/gRPC), instead of ResponseError and response_error fields respectively. The old field still can be used for backward compatibility. #2693
    • โž• Added support for specifying Policy metadata, similar to Keys. All Keys created based on policy will inherit policy metadata. #2717
    • Now you can configure the maximum size of gRPC plugin messages using coprocess_options.grpc_recv_max_size and coprocess_options.grpc_send_max_size variables. #2203
    • ๐Ÿ›  Fixed the case when using throttling can lead to an infinite loop, if during throttling event if another gateway instance was added or removed from the cluster. #2687
    • โž• Added Redis Sentinel support, using new storage.master_name variable. #2769
    • โž• Added new storage.addrs string array field, to specify a list of hosts, instead of storage.hosts. This allows you to specify Redis servers on the same domain but different ports. #2769
    • ๐Ÿ›  Fixed issues when Keys and Certificate listing endpoints do not return all the data when using Redis Cluster #2760
    • ๐Ÿ›  Fixed issue with analytics data expiration for Multi-Cloud clients #2797
    • ๐Ÿ›  Fixed MutualTLS auth when multiple APIs are deployed on the same domain and only one of them has mutual TLS enabled #2625
    • ๐Ÿ›  Fixed the validation of Redis event verification for inter-cluster messages #2762
    • ๐Ÿ›  Fixed bug when CORS headers can be duplicated in the response #2629
    • Added a way to set the custom header for upstream request signing, using request_signing.signature_header option. #2849
    • ๐Ÿ›  Fixed detailed logging for responses generated by plugins #2367
    • ๐Ÿ”Œ Now you can access an API definition inside a Go plugin, using ctx.GetDefinition #2624
    • ๐Ÿ›  Fixed Reds fallback for oAuth APIs #2799
    • ๐Ÿ›  Fixed WebSocket proxying errors on high concurrency #2708
    • ๐Ÿ›  Fixed the combination of method transform and URL rewrite plugins #1598
    • ๐Ÿ›  Fix python plugins crashes on concurrent calls #2760
    • OAuth authorize endpoint now properly returns state attribute #2678
    • ๐Ÿ‘Œ Improved the memory consumption for the Gateways which have JSVM enabled. Now it should load JSVM VM only API actually uses it. #2702
    • Distributed rate limiter now automatically switch to Redis algorithm (a bit slower but more accurate), if the DRL canโ€™t provide enough accuracy (like low limits with high number of servers), you can control this behavior using drl_threshold option, which specifies the min number of requests PER gateway, for the rate limit. If it is lower then the Redis algorithm will be used. #2674

    Tyk Dashboard 1.9.3

    • ๐Ÿ”ง Now each authentication middleware can have its own configuration for authentication header name, query param, or cookie name.
    • ๐Ÿ“‡ Now you can set metadata for a Policy.
    • Dashboard notifications now do not require exposing a separate port.
    • Added Redis Sentinel support, using the new redis_master_name variable.
    • โž• Added new storage.addrs string array field, to specify a list of hosts, instead of storage.hosts. This allows you to specify Redis servers on the same domain but different ports.
    • ๐Ÿ‘Œ Improved form validation on Pages screen
    • ๐Ÿšš Disabling versioning now should not remove endpoints from the first version
    • ๐Ÿ›  Fixed duplication when updating an OAuth client
    • ๐Ÿ›  Fix OAuth client screen to allow you to pick a policy which has multiple APIs https://github.com/TykTechnologies/tyk-analytics-ui/issues/1572
    • Fixed disable_parallel_sessions behavior when using Single Sign-On

    Tyk Pump 0.8.4

    • โž• Added Redis Sentinel support, using new storage.master_name variable.
    • โž• Added new storage.addrs string array field, to specify a list of hosts, instead of storage.hosts. This allows you to specify Redis servers on the same domain but different ports.
    • ElasticSearch pump extended with decode_base64 boolean option, in order to skip base64 encoding for raw request and response objects.

    Tyk MDCB 1.7.2

    • โž• Added Redis Sentinel support, using the new storage.master_name variable.
    • โž• Added new storage.addrs string array field, to specify a list of hosts, instead of storage.hosts. This allows you to specify Redis servers on the same domain but different ports.

    Tyk Identity Broker 0.7.1

    • ๐Ÿ”ง You can now configure requested scopes for an OpenID plugin, using the โ€œscopesโ€ string array TykTechnologies/tyk-identity-broker#75
    • ๐Ÿ›  Fixed setting UseSSL and SSLInsecureSkipVerify fields for Redis backend TykTechnologies/tyk-identity-broker#80
    • โž• Added support for specifying User Group ID inside profiles. You can set the static value via DefaultGroupID or dynamic value based on the field of oAuth/OpenID scope using CustomUserGroupField and UserGroupMapping fields. Example:

      { "DefaultUserGroupID": "default-user-group", "CustomUserGroupField": "scope", "UserGroupMapping": { "admin": "", "analytics": "" } }

  • v2.9.3-rc1

    February 03, 2020
  • v2.9.3-old

    February 07, 2020
  • v2.9.3.2 Changes

    March 23, 2020

    Tyk Gateway v2.9.3.2

    • ๐Ÿ›  Fix overriding metadata using key_rules during oAuth flow #2724
  • v2.9.3.1 Changes

    February 12, 2020
    • ๐Ÿ›  Fixed usage of JWT auth middleware in multi-auth scenario
  • v2.9.2 Changes

    November 29, 2019

    Tyk Gateway 2.9.2

    ๐Ÿ›  Fixed Open Tracing issues [#2655, #2685, #2688]
    ๐Ÿคก This Addresses an issue where middleware such as mocked responses, url rewrites, method transform & versioning would stop working when tracing is enabled.

    โž• Added ignore case option for Whitelist/Blacklist/Ignore plugins [#2330]
    For example, if /orderpizza is whitelisted, then any combination of upper/lowercase can be whitelisted thanks to ignore case option- /orderPizza, /OrderPizza, /orDerpiZZa etc.

    ๐Ÿ”Œ Ignore plugin can now be used with URL rewrite [#2579]
    ๐Ÿ”Œ The purpose of the ignore plugin is to bypass authentication. This had an adverse effect in that it also bypassed several other middlewares such as URL rewrite. The Ignore plugin no longer causes relevant middleware to be bypassed.

    ๐Ÿ“‡ OAuth client metadata is now applied to OAuth token [#2682]

    ๐Ÿ”ง OAuth error code is now configurable [#2381]
    It is now possible to tune the error status code by modifying oauth_error_status_code in tyk.conf. If no value is set, it defaults to a 403 error.

    โž• Added RSA support in request signing middleware [#2452]
    ๐Ÿ‘ Request Signing middleware previously only supported HMAC. This is now extended to support RSA.

    ๐Ÿ”Œ Circuit Breaker plugin now trips for any 5xx status code, not just 500 [#2660]

    ๐Ÿฑ โš ๏ธ Deprecated auth field in favour of auth_configs in api definition object [#2580]

    {
      "auth_configs": {
        "authToken": {"auth_header_name": "My-Auth-Header-Key"}
        "basic": {"auth_header_name": "My-Basic-Auth-Header-Key"},
        ...
      }
    }
    

    ๐Ÿ‘ This enables better control with multiple chained authentication mechanisms enabled for an API. Now we can set distinct Headers for different auth modes.

    • Redis MGET driver fix in cluster mode [#2703]
      ๐Ÿ‘ Commands performing multiple keys operations (such as MGET) cannot be supported when using a cluster of Redis nodes because they are commands meant to operate atomically on a single node. MGET has been resolved by aggregating the result of several GET commands.

    Tyk Dashboard 1.9.2

    ๐Ÿ’ป Resolved a UI error which made it impossible to delete a portal navigation item from the admin dashboard

    ๐Ÿ‘Œ Improved guidance for custom domains regex in Dashboard API Designer

    ๐Ÿ“š Updating the developer portal catalogue no longer generates a new URL for portal documentation. This allows portal documentation to be shared publicly and updated without causing 404 broken links

    Converted API version expiry date to UTC format to handle timezone differences

    ๐Ÿ›  Fixed catalogue issues during a key request in a multi-selection flow
    ๐Ÿ›  Require Key Approval feature wasn't working correctly in a multi API flow. Now, all cases are fixed.

    ๐Ÿ›  Fixed pagination issues
    Page count was wrong on some lists such policies, APIs etc.

    ๐Ÿ‘‰ Showed policy name along with ID for OIDC authentication
    On OIDC authentication, once a policy is added, it is identified by the policy ID, rather than the name. Now, It displays both the policy name and ID.

    Fixed the issue that a user can login to multiple sessions through TIB even with disable_parallel_sessions is set to true

    ๐Ÿ›  Fixed URL rewrite triggers in case of API update
    โšก๏ธ When updating an API through the dashboard, the API was incorrectly modified and the advanced rewrite "match" value was incorrectly changed from true to false.

    ๐Ÿ›  Fixed broken key update/delete events that affect Multi-Cloud installations
    ๐Ÿ”จ Internal key event names were refactored but this broke backwards compatibility so we have returned back to the previous event names.

    Tyk Pump 0.8.3

    ๐Ÿ– Handled unsupported MongoDB characters [TykTechnologies/tyk-pump/issues/113]
    ๐Ÿ‘ MongoDB doesn't support . in parent field names. Should a path contain . , mongoDB would get corrupted. We have now replaced the . character with its Unicode equivalent.

    โž• Added support for pumping to an Elasticsearch Cluster [TykTechnologies/tyk-pump/pull/180]
    ๐Ÿ“ˆ Previously, it was only possible to pump analytics to a single Elasticsearch endpoint. Due to this limitation, it was not previously possible to support Elasticsearch clusters.

    ๐Ÿ“ˆ Resolved issue where aggregate TCP proxy analytics were incorrectly calculated [TykTechnologies/tyk-pump/issues/182]

    Tyk MDCB 1.7.1

    Enable http profiling by setting "enable_http_profiler": true in tyk_sink.conf

    โž• Added new configuration options:
    ๐Ÿท ignore_tag_prefix_list (in mongo aggregate and hybrid pump): It will not store analytics for tags having a prefix specified in the list. Note: The prefix "key-" is added in the list by default. This tag is added by the Gateway for keys.

    threshold_len_tag_list (in mongo aggregate pump): If the number of tags in a document grows beyond a specified value, the pump will throw a warning. The warning will print the top 5 common tag prefixes. The default value is 1000. To disable alerts set it to -1.

    ๐Ÿ“ˆ store_analytics_per_minute: Currently, aggregate data is generated per hour. If this option is enabled, aggregate data will be generated per minute.

    track_all_paths: Currently, analytics for an endpoint is stored only if the Track Endpoint plugin is enabled on that endpoint. If track_all_paths is enabled, it will store analytics for all the endpoints, irrespective of Track Endpoint plugin.

    ๐Ÿ›  Fixed Redis connection leak