Releases: google/exposure-notifications-server
v0.18.3
v0.19.1
Changelog since v0.19.0
Changes by Kind
Fixes and Improvements
- Allow stats API to be enabled/disabled on a per HA basis. (#1272, @mikehelmick)
- Fix race condition in JWKS service (#1270, @mikehelmick)
- Improve unit test coverage on authorizedapp database/model packaged. (#1264, @mikehelmick)
- Publish statistics are written in the background instead of inline with the publish request. (#1263, @mikehelmick)
Infrastructure changes
- Breaking: To continue using the Terraform module, the following input variable is needed to avoid introducing a diff:
revision_annotations = {
debugger = { "autoscaling.knative.dev/maxScale" : "10" }
export = { "autoscaling.knative.dev/maxScale" : "10" }
export-importer = { "autoscaling.knative.dev/maxScale" : "10" }
exposure = { "autoscaling.knative.dev/maxScale" : "500" }
federationin = { "autoscaling.knative.dev/maxScale" : "3" }
federationout = { "autoscaling.knative.dev/maxScale" : "5" }
mirror = { "autoscaling.knative.dev/maxScale" : "10" }
}
- Code coverage displayed as part of presubmit. (#1269, @mikehelmick)
- Monitoring: Add CloudSchedulerJobFailed alert. (#1266, @yegle)
Dependencies
Added
Nothing has changed.
Changed
Nothing has changed.
Removed
Nothing has changed.
v0.19.0
Release notes for v0.19.0 - Exposure Notifications Server
Changelog since v0.18.0
Changes by Kind
Features
- Statistics are captured on publish for health authorities, including: number of publishes by platform, number of TEKs uploaded, the days from onset to upload, and the age of the oldest TEK in the upload. (#1251, @mikehelmick)
- Adds a new API to retrieve publish related metrics for a PHA. Total # of publish requests by platform, total number of TEKs, distribution of oldest TEK in an upload, distribution of onset to upload time. (#1259, @mikehelmick)
- Allow for individual exportconfigs to have variable sizes for the max records setting. (#1215, @mikehelmick)
- [privacy] Export padding will clone every key at least once to better obscure TEK links. (#1217, @mikehelmick)
General fixes and improvements
- Add zapw and bodyclose to CI (#1254, @sethvargo)
- Export-importer changes to backfill missing data on export files during processing. (#1230, @mikehelmick)
- Improve control over logging package (#1255, @sethvargo)
- Publish all log messages in production (disable partial sampling) (#1252, @sethvargo)
- Retry Azure credential refresh in the event of a refresh failure. Shutdown if token expires. (#1218, @mikehelmick)
Google Cloud infrastructure
- Add Cloud Armor support in Terraform configs. Enabled XSS/SQL Injection/Remote Code Execution predefined rules. (#1221, @yegle)
- Breaking: To continue using the Terraform module, the following input variable is needed to avoid introducing a diff (#1260, @yegle)
revision_annotations = {
debugger = { "autoscaling.knative.dev/maxScale" : "10" }
export = { "autoscaling.knative.dev/maxScale" : "10" }
export-importer = { "autoscaling.knative.dev/maxScale" : "10" }
exposure = { "autoscaling.knative.dev/maxScale" : "500" }
federationin = { "autoscaling.knative.dev/maxScale" : "3" }
federationout = { "autoscaling.knative.dev/maxScale" : "5" }
mirror = { "autoscaling.knative.dev/maxScale" : "10" }
}
- Bump export service to 2G RAM (#1220, @sethvargo)
Dependencies
Added
- github.com/Microsoft/hcsshim: v0.8.9
- github.com/agext/levenshtein: v1.2.1
- github.com/apparentlymart/go-dump: 23540a0
- github.com/apparentlymart/go-textseg/v12: v12.0.0
- github.com/apparentlymart/go-textseg: v1.0.0
- github.com/c2h5oh/datasize: 28bbd47
- github.com/cenkalti/backoff/v3: v3.0.0
- github.com/cenkalti/backoff/v4: v4.0.2
- github.com/containerd/cgroups: bf292b2
- github.com/containerd/console: c12b1e7
- github.com/containerd/fifo: a9fb20d
- github.com/containerd/go-runc: 5a6d9f3
- github.com/containerd/ttrpc: 0e0f228
- github.com/containerd/typeurl: a93fcdb
- github.com/couchbase/gocb/v2: v2.1.4
- github.com/couchbase/gocbcore/v9: v9.0.4
- github.com/denverdino/aliyungo: d330864
- github.com/digitalocean/godo: v1.7.5
- github.com/felixge/httpsnoop: v1.0.1
- github.com/form3tech-oss/jwt-go: v3.2.2+incompatible
- github.com/gobuffalo/attrs: a9411de
- github.com/gobuffalo/depgen: v0.1.0
- github.com/gobuffalo/envy: v1.7.0
- github.com/gobuffalo/flect: v0.1.3
- github.com/gobuffalo/genny: v0.1.1
- github.com/gobuffalo/gitgen: cc08618
- github.com/gobuffalo/gogen: v0.1.1
- github.com/gobuffalo/logger: 86e12af
- github.com/gobuffalo/mapi: v1.0.2
- github.com/gobuffalo/packd: v0.1.0
- github.com/gobuffalo/packr/v2: v2.2.0
- github.com/gobuffalo/syncx: 33c2958
- github.com/godbus/dbus: ade71ed
- github.com/gophercloud/gophercloud: v0.1.0
- github.com/gostaticanalysis/analysisutil: v0.6.1
- github.com/gostaticanalysis/comment: v1.4.1
- github.com/gregjones/httpcache: 9cad4c3
- github.com/hashicorp/go-discover: c4b85f6
- github.com/hashicorp/hcl/v2: v2.8.1
- github.com/hashicorp/vault-plugin-database-couchbase: v0.2.1
- github.com/hashicorp/vault-plugin-mock: v0.16.1
- github.com/hashicorp/vic: bbfe86e
- github.com/jackc/puddle: v1.1.3
- github.com/joho/godotenv: v1.3.0
- github.com/k0kubun/colorstring: 9440f19
- github.com/k0kubun/pp: v2.3.0+incompatible
- github.com/karrick/godirwalk: v1.10.3
- github.com/ktrysmt/go-bitbucket: v0.6.4
- github.com/kylelemons/godebug: d65d576
- github.com/linode/linodego: v0.7.1
- github.com/markbates/oncer: bf2de49
- github.com/markbates/safe: v1.0.1
- github.com/moby/term: 7f0af18
- github.com/montanaflynn/stats: 1bf9dbc
- github.com/mutecomm/go-sqlcipher/v4: v4.4.0
- github.com/nicolai86/scaleway-sdk: 798f60e
- github.com/okta/okta-sdk-golang/v2: v2.0.0
- github.com/opencontainers/runtime-spec: 5b71a03
- github.com/openlyinc/pointy: v1.1.2
- github.com/ory/dockertest/v3: v3.6.2
- github.com/packethost/packngo: b9cb509
- github.com/peterbourgon/diskv: v2.0.1+incompatible
- github.com/rboyer/safeio: v0.2.1
- github.com/renier/xmlrpc: ce4a1a4
- github.com/sergi/go-diff: v1.0.0
- github.com/sethvargo/go-limiter: v0.3.0
- github.com/sethvargo/zapw: v0.1.0
- github.com/softlayer/softlayer-go: [260589d](https://gith...
v0.18.2
Release notes for v0.18.2
Changelog since v0.18.1
Changes
- Additional data defaults when importing keys from export files. (#1230, @mikehelmick)
Dependencies
Added
Nothing has changed.
Changed
Nothing has changed.
Removed
Nothing has changed.
v0.18.1
Changelog since v0.18.0
Changes by Kind
Features
- Allow for individual exportconfigs to have variable sizes for the max records setting. (#1215, @mikehelmick)
Improvements / Bug fixes
- Export padding will clone every key at least once to better obscure TEK links. (#1217, @mikehelmick)
- Retry Azure credential refresh in the event of a refresh failure. Shutdown if token expires. (#1218, @mikehelmick)
Dependencies
Added
Nothing has changed.
Changed
Nothing has changed.
Removed
Nothing has changed.
v0.18.0
Release notes for main
Changelog since v0.17.0
Changes by Kind
Database
- Enable pgaudit (#1205, @sethvargo)
Documents
- Guide for app developers in processing the export index file. (#1189, @mikehelmick)
Monitoring/Alerting
- Add some missing dependencies to Terraform setup (#1200, @sethvargo)
- Increase p50 on cleanup-export to 60s (#1212, @sethvargo)
Export
- Allow analyzing multiple files with export-analyzer (#1193, @sethvargo)
- Allow for individual exportconfigs to have variable sizes for the max records setting. (#1215, @mikehelmick)
- ExportFiles won't be deleted until they're removed from the index.html (#1171, @jeremyfaller)
- Removed usage of export batch num / batch size in the export code to prevent accidental usage of this in the future. (#1209, @mikehelmick)
Other changes
- Add unit tests for mirror service (#1210, @sethvargo)
Dependencies
Added
- github.com/jarcoal/httpmock: v1.0.4
- github.com/lestrrat-go/jwx: v0.9.0
- github.com/square/go-jose/v3: 708a9fe
- github.com/square/go-jose: v2.4.1+incompatible
Changed
- github.com/hashicorp/vault-plugin-auth-gcp: v0.6.1 → v0.8.0
- github.com/okta/okta-sdk-golang: v1.0.1 → v1.1.0
- honnef.co/go/tools: v0.0.1-2020.1.5 → v0.0.1-2020.1.6
Removed
Nothing has changed.
v0.17.0
Release notes for main
Changelog since v0.16.0a
Changes by Kind
Server changes for misbehaving clients
Some clients have experienced show-stopping bugs and have no ability to fix their shipped code. This release includes server-side mitigations.
- IMPORTANT: Export file naming and batching has changed. All batches going forward will always show all files as 1 of 1 even if there are multiple files in the batch. The sorting and grouping has changes to ensure that keys are sorted over an entire batch window and not just over the group. This bring stability over time assuming the same export parameters. (#1181, @mikehelmick)
- Remove dash in export filenames, sort by ASCII to int (#1188, @sethvargo)
- Restores filename patterns to their original format and provides instructions for regenerating export batches.
App developers should not depend on the filename pattern. (#1190, @mikehelmick) - Update batch num/size and timestamp handling (#1182, @mikehelmick)
- Fix batch num/size in signature block (#1183, @mikehelmick)
Postgres 13 upgrade
- Switch to Postgres 13 by default, support optional regional replica configuration in Terraform (#1172, @sethvargo)
- Configurable maintenance mode for exposure service (#1179, @mikehelmick)
- Parameterize database_version in Terraform configuration (#1170, @sethvargo)
Export
- Allow analyzing multiple files with export-analyzer (#1193, @sethvargo)
- BUG FIX: When using a low number for max records per export file and there are a high number of records per export file, ensure that the same exposures aren't duplicated across all files in the batch. (#1176, @mikehelmick)
- ExportFiles won't be deleted until they're removed from the index.html (#1171, @jeremyfaller)
- Failed imports will be retried up to a configurable amount (default = 5). (#1150, @jeremyfaller)
Mirror service
- Add mirror to admin console (#1174, @sethvargo)
- Cmd/mirror only : allow for mirrors to generate different filenames than what is upstream. Two patterns are accepted [timestamp] and [uuid] - uses of timestamp will always have increasing values within an individual mirror config. (#1167, @mikehelmick)
Other changes
-
*Potentially breaking- - Remove feature flags for audience checking - audience checking is always enforced for all HAs. (#1175, @sethvargo)
-
ALERT: If you are migration from 0.15 directly to 0.17 (skipping 0.16) you are at risk for DB column errors during upgrade.
This change removed DB columns that were dropped from use in v0.16.0 (#1147, @mikehelmick) -
BEHAVIOR CHANGE: The handling of symptom onset intervals is changing. Any symptom onsets older than 28 days ago (rounded down to UTC midnight) will be treated as invalid and as if 0 was passed in. Keys with a valid symptom onset days outside of -14..14 will be dropped. If there is not symptom onset passed, the symptom onset interval is set to 4 days ago.
Timing flags can be adjusted via environment variables. Default values are recommended. (#1131, @mikehelmick) -
Add REGION to .env (#1186, @sethvargo)
-
Chaff v1 api requests now return chaffed JSON data. (#1159, @jeremyfaller)
-
If a revised key is uploaded again and the reportType hasn't changed, don't error. (#1161, @mikehelmick)
Dependencies
Added
- contrib.go.opencensus.io/integrations/ocsql: v0.1.6
Changed
- github.com/mikehelmick/go-chaff: v0.3.0 → v0.4.1
Removed
Nothing has changed.
rgo))
- Realm setting to allow/disallow bulk upload (#1105, @whaught)
- Set timeouts on rawSQL before gorm (#1156, @sethvargo)
- Stop processing after the controller returns an error in admin statistics pages. (#1184, @sethvargo)
- Throttle batches for bulk code issuance (#1128, @whaught)
- Truncate long event entries in UI (#1134, @sethvargo)
Dependencies
Added
- github.com/agext/levenshtein: v1.2.1
- github.com/apparentlymart/go-dump: 23540a0
- github.com/apparentlymart/go-textseg/v12: v12.0.0
- github.com/apparentlymart/go-textseg: v1.0.0
- github.com/hashicorp/hcl/v2: v2.7.0
- github.com/kylelemons/godebug: d65d576
- github.com/leonelquinteros/gotext: v1.4.0
- github.com/sergi/go-diff: v1.0.0
- github.com/vmihailenco/msgpack: v3.3.3+incompatible
- github.com/zclconf/go-cty: v1.2.0
Changed
- github.com/google/exposure-notifications-server: v0.16.0 → v0.17.0
- github.com/mikehelmick/go-chaff: v0.3.0 → v0.4.1
- golang.org/x/tools: 079ba7b → 1d69943
Removed
Nothing has changed.