Merge branch 'docs-staging' into keyring-support

docs/.vuepress/config.js

@@ -1,6 +1,6 @@
 // load versions list
 const ZOWE_VERSIONS = require('./versions.json')
-const CURRENT_ZOWE_VERSION = '1.13.0 LTS'
+const CURRENT_ZOWE_VERSION = '1.14.0 LTS'
 // Due to VuePress limitation, publish url path cannot have dot (.) inside
 // so we convert it to dash
 const PUBLISH_TARGET_PATH = (process.env.PUBLISH_TARGET_PATH || 'stable').replace(/\./g, '-')
@@ -131,7 +131,7 @@ module.exports = {
   version: CURRENT_ZOWE_VERSION,
   base: `/${PUBLISH_TARGET_PATH}/`,
   dest: `.deploy/${PUBLISH_TARGET_PATH}/`,
-  description: 'Version 1.13.x LTS',
+  description: 'Version 1.14.x LTS',
   extraWatchFiles: [
     '.vuepress/theme/'
   ],

docs/.vuepress/pages.json

@@ -73,7 +73,8 @@
         "text": "Advanced Zowe configuration",
         "items": [
           "user-guide/mvd-configuration.md",
-          "user-guide/cli-configuringcli.md"
+          "user-guide/cli-configuringcli.md",
+          "user-guide/configure-data-sets-jobs-api.md"
         ]
       },
       {

docs/.vuepress/versions.json

@@ -1,7 +1,11 @@
 [{
-  "text": "v1.13.x LTS",
+  "text": "v1.14.x LTS",
   "link": "stable/"
 },
+{
+  "text": "v1.13.x LTS",
+  "link": "v1-13-x/"
+},
 {
   "text": "v1.12.x LTS",
   "link": "v1-12-x/"

docs/README.md

@@ -36,8 +36,9 @@ footer: Except where otherwise noted, content on this site is licensed under a C
 
 ### Zowe documentation
 
-You can download the Version 1.x.x Zowe documentation in PDF format from the links below. The latest version on this website is 1.13.0.
+You can download the Version 1.x.x Zowe documentation in PDF format from the links below. The latest version on this website is 1.14.0.
 
+**[V1.14.0](https://docs.zowe.org/stable/Zowe_Documentation.pdf)** |
 **[V1.13.0](https://docs.zowe.org/stable/Zowe_Documentation.pdf)** |
 **[V1.12.0](./Zowe_Documentation_1.12.0.pdf)** |
 **[V1.11.0](./Zowe_Documentation_1.11.0.pdf)** |

docs/extend/extend-apiml/onboard-plain-java-enabler.md

@@ -215,7 +215,6 @@ authentication:
     enabled: true
     verifySslCertificatesOfServices: true
     protocol: TLSv1.2
-    ciphers: TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_EMPTY_RENEGOTIATION_INFO_SCSV
     keyAlias: localhost
     keyPassword: password
     keyStore: keystore/localhost.keystore.p12
@@ -647,20 +646,9 @@ TLS/SSL configuration consists of the following parameters:
 
   This parameter specifies the truststore type. The default for this parameter is PKCS12.
 
-* **ciphers:** (Optional)
-
-    This parameter specifies the recommended ciphers.
-
-    ```
-    TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_EMPTY_RENEGOTIATION_INFO_SCSV
-    ```
-
-    To secure the transfer of data, TLS/SSL uses one or more cipher suites. A cipher suite is a combination of authentication, encryption, and message authentication code (MAC) algorithms. Ciphers are used during the negotiation of security settings for a TLS/SSL connection as well as for the transfer of data.
-
 **Notes:**
 
 * Ensure that you define both the key store and the trust store even if your server is not using an Https port.
-* Currently `ciphers` is not used. It is optional and serves as a place holder only.
 
 ### SAF Keyring configuration
 

docs/extend/extend-apiml/onboard-spring-boot-enabler.md

@@ -307,7 +307,6 @@ apiml:
         ssl:
             enabled: ${server.ssl.enabled}
             verifySslCertificatesOfServices: true
-            ciphers: ${server.ssl.ciphers}
             protocol: ${server.ssl.protocol}
             enabled-protocols: ${server.ssl.protocol}
             keyStoreType: ${server.ssl.keyStoreType}

docs/extend/extend-desktop/mvd-apptoappcommunication.md

@@ -82,6 +82,32 @@ export enum ActionType {       // not all actions are meaningful for all target
 
 Actions can be created dynamically at runtime, or saved and loaded by the system at login.
 
+### Cross-launch via URL
+
+Another way the Zowe Application Framework invokes Actions is via URL Query Parameters, with parameters formatted in JSON. This feature enables users to bookmark a set of application-to-application communication actions (in the form of a URL) that will be executed when opening the webpage. Developers creating separate web apps can build a link that will open the Zowe Desktop and do specific actions in Apps, for example, opening a file in the Editor.
+
+The Cross-launch feature allows you to:
+
+1. Specify one or more actions that will be executed upon login, allowing you to bookmark a series of actions that you can share with someone else.
+
+2. Specify actions that are declared by plugins (when formatter is equal to a known action ID) or actions that you have custom-made (when formatter = 'data').
+
+3. Customize the action type, mode, and target plugin (when the formatter is equal to an existing action ID).
+
+#### Sample URL
+
+``https://localhost:8544/ZLUX/plugins/org.zowe.zlux.bootstrap/web/?app2app=org.zowe.zlux.ng2desktop.webbrowser:launch:create:data:{"url":"https://github.com/zowe/zlux-app-manager/pull/234","enableProxy":true}&app2app=org.zowe.zlux.ng2desktop.webbrowser:message:create:data:{"url":"https://github.com/zowe/zlux-app-manager/pull/234","enableProxy":true}&app2app=org.zowe.zlux.ng2desktop.webbrowser:message:create:org.zowe.zlux.test.action:{"data": {"url":"https://github.com/zowe/zlux-app-manager/pull/234","enableProxy":true}}``
+
+Query parameter format:
+
+``?app2app={pluginId}:{actionType}:{actionMode}:{formatter}:{contextData}&app2app={pluginId}:{actionType}:{actionMode}:{formatter}:{contextData}``
+
+- `pluginId` - application identifier, e.g. `'org.zowe.zlux.ng2desktop.webbrowser'`
+- `actionType` - `'launch' | 'message'`
+- `actionMode` - `'create' | 'system'`
+- `formatter` - `'data'` | actionId
+- `contextData` - context data in form of JSON
+
 ### Dynamically
 
 You can create Actions by calling the following Dispatcher method: `makeAction(id: string, defaultName: string, targetMode: ActionTargetMode, type: ActionType, targetPluginID: string, primaryArgument: any):Action`

docs/getting-started/summaryofchanges.md

@@ -2,9 +2,10 @@
 
 Learn about what is new, changed, or removed in Zowe™.
 
-Zowe Version 1.13.0 and later releases include the following enhancements, release by release.
+Zowe Version 1.14.0 and later releases include the following enhancements, release by release.
 
-- [Version 1.13.0 LTS (June 2020)](#version-1-13-0-lts-june-2020)
+- [Version 1.14.0 LTS (August 2020)](#version-1-14-0-lts-august-2020)
+- [Version 1.13.0 LTS (July 2020)](#version-1-13-0-lts-july-2020)
 - [Version 1.12.0 LTS (June 2020)](#version-1-12-0-lts-june-2020)
 - [Version 1.11.0 LTS (May 2020)](#version-1-11-0-lts-may-2020)
 - [Version 1.10.0 LTS (April 2020)](#version-1-10-0-lts-april-2020)
@@ -23,7 +24,32 @@ Zowe Version 1.13.0 and later releases include the following enhancements, relea
 - [Version 1.0.1 (March 2019)](#version-1-0-1-march-2019)
 - [Version 1.0.0 (February 2019)](#version-1-0-0-february-2019)
 
-## Version 1.13.0 LTS (June 2020)
+## Version 1.14.0 LTS (August 2020)
+
+### Notable changes
+
+### New features and enhancements
+
+<!-- If there is a corresponding GitHub issue, please also include the GitHub issue number. See v1.3.0 release notes as an example.-->
+
+The following features and enhancements were added.
+
+#### Zowe installation
+#### API Mediation Layer
+#### Zowe App Server
+#### Zowe CLI
+#### Zowe Explorer
+
+### Bug fixes
+
+The following bugs were fixed.
+
+#### API Mediation Layer
+#### Zowe App Server
+#### Zowe CLI
+
+
+## Version 1.13.0 LTS (July 2020)
 
 ### Notable changes
 
@@ -60,7 +86,7 @@ The following features and enhancements were added.
 - Added close all + undo settings + hotkeys [#153](https://github.com/zowe/zlux-editor/pull/153)
   - Globally increased the shortest duration of snackbar notifications from 2 seconds to 3 seconds
   - Added a "Close All" button in the menu (hotkey is Alt + W + Shift)
-  - Added a snackbar notification for opening a folder/file you don't have access to   
+  - Added a snackbar notification for opening a folder/file you don't have access to
   - Added an "Undo" option to the Close All feature to re-open tabs & files
 - Login activity and storage event updates [#242](https://github.com/zowe/zlux-app-manager/pull/242)
   - Converted login activity to event emitter
@@ -78,33 +104,24 @@ The following features and enhancements were added.
 The following features and enhancements were added to the **core Zowe CLI**:
 
 - Added the ability to log into and out of API ML using a token. [#718](https://github.com/zowe/zowe-cli/issues/718)
-
 - Added the `--base-profile` option to all commands that use profiles to let them make use of base profiles that contain shared values. [#718](https://github.com/zowe/zowe-cli/issues/718)
-
 - CLI commands now prompt for any of the following option values if the option is missing: host, port, user, and password. [#718](https://github.com/zowe/zowe-cli/issues/718)
-
 - Added character encoding/code page support for download and upload data set operations in the API library and the CLI. [#632](https://github.com/zowe/zowe-cli/issues/632)
-
 - Added the `--encoding` option to the `zosmf` profile type. [#632](https://github.com/zowe/zowe-cli/issues/632)
-
 - Introduced an API to delete migrated data sets. [#715](https://github.com/zowe/zowe-cli/issues/715).
 
 The following features and enhancements were added to the **Imperative CLI Framework**:
 
 - Added the `ConnectionPropsForSessCfg.addPropsOrPrompt` function to store credentials, such as a token, in a session configuration object. [#718](https://github.com/zowe/zowe-cli/issues/718)
-
     - CLI plug-ins must implement this function to create sessions in order to consume automatic token-handling and prompt for mission options features.
-
     - Connection information is obtained from the command line in the following order: Environment variables, service profiles, base profiles, or a default option value.
-
     - If connection information is not supplied to any core CLI command, the user is prompted for:
         -  host
         -  port
         -  user
         -  password
 
       The prompt times out after 30 seconds so that automated scripts will not fail.
-
 - Added base profiles, a type of profile that can store values and provide them to other profile types, such as zosmf profiles. [#402](https://github.com/zowe/imperative/pull/402)
 
   The following properties can be stored in a base profile:
@@ -116,23 +133,14 @@ The following features and enhancements were added to the **Imperative CLI Frame
   - rejectUnauthorized
   - tokenType
   - tokenValue
-
 - Added `login` and `logout` commands to retrieve and delete tokens. [#405](https://github.com/zowe/imperative/issues/405)
-
   - Added a `showToken` flag to display the token and not save it to the user profile.
-
   - Added the ability to create a user profile upon login, if no profile of that type existed previously.
-
 - Added the `--dd` flag, which lets users create a profile without using the default values specified for that profile. [#718](https://github.com/zowe/zowe-cli/issues/718)
-
 - If a token is present in the underlying REST session object, Imperative uses the token for authentication.
-
 - CLI help text includes new options such as `tokenValue`. Plug-in developers might need to update mismatched snapshots in automated tests.
-
 - Updated the version of TypeScript from v3.7.4 to v3.8.0.
-
 - Updated the version of TSLint from v5.x to v6.1.2.
-
 - Update log4js to improve Webpack compatibility for extenders.
 
 #### Zowe Explorer
@@ -152,29 +160,23 @@ The following features and enhancements were added to **Zowe Explorer**:
 
 The following bugs were fixed.
 
-#### API Mediation Layer
-
 #### ZSS
 
 - Bugfix: ICFS error message is not printed. In this version, the issue has been resolved [#143](https://github.com/zowe/zowe-common-c/pull/143)
 
 #### Zowe App Server
 
-- Bugfix: Changing editor syntax in the MVS explorer caused a callstack limit exception. This was due to a trap focus conflict between the Orion editor and the modal part within the ui Select component on syntax change. In this version, the issue has been resolved by disabling `disableEnforceFocus` for the syntax selector [#129](https://github.com/zowe/explorer-mvs/pull/129) 
+- Bugfix: Changing editor syntax in the MVS explorer caused a callstack limit exception. This was due to a trap focus conflict between the Orion editor and the modal part within the ui Select component on syntax change. In this version, the issue has been resolved by disabling `disableEnforceFocus` for the syntax selector [#129](https://github.com/zowe/explorer-mvs/pull/129)
 - Bugfix: An Infinite Auth loop would occur on explorer apps due to APIML and z/OSMF auth timeouts missmatch. In this version, the issue has been resolved by adding a force login flag if a datasets request comes back as 401 [#124](https://github.com/zowe/explorer-mvs/pull/124)
 - Bugfix: When using the JES Explorer to view Spool files of a job, users cannot open a spool file that has the same name as one already open. This issue has been resolved by adding a unique id to content tabs to allow opening of overlapping names [#188](https://github.com/zowe/explorer-jes/pull/188)
 - Bugfix: The `Env var` for `TERM` gets set to "linux", which is not recognized by USS. This issue has been resolved through the removal of rxjs-compat [#29](https://github.com/zowe/vt-ng2/pull/29)
 
 #### Zowe CLI
 
 - Fixed an issue where CLI web help failed to load in Internet Explorer 11. [#393](https://github.com/zowe/imperative/issues/393).
-
 - Fixed an issue where the `--help-web` option did not function on macOS when the `DISPLAY` environment variable was undefined. [#322](https://github.com/zowe/imperative/issues/322).
-
 - Updated Imperative version to include security fixes.
-
 - Updated Imperative version to fix a probem where users could not use a service profile after storing a token in a base profile.
-
 - Fixed an issue where optional secure fields were not deleted when overwriting a profile.
 
 ## Version 1.12.0 LTS (June 2020)

docs/user-guide/cli-updatingcli.md

@@ -15,11 +15,15 @@ If you have an `@lts-incremental` version of Zowe CLI (Zowe v1.0.x - v1.8.x), yo
 
 **Follow these steps:**
 
-1. **(Optional)** Copy the contents of `~/.zowe/profiles` or `%homepath%\.zowe\profiles` to another directory on your computer to preserve your existing user profiles (zosmf, cics, db2, etc..).
+1. Perform *one* of the following steps:
+
+   **a.** Delete the `~/.zowe/profiles` directory from your computer. You can recreate the profiles manually after you update the CLI.
+
+   **b.** If you want to preserve your existing profiles, copy the contents of `~/.zowe/profiles` or `%homepath%\.zowe\profiles` to another directory on your computer.
 
 2. Delete the `~/.zowe/plugins` or `%homepath%\.zowe\plugins` directory to uninstall all plug-ins.
 
-3. Uninstall the pre-LTS version of core CLI. Issue the following command:
+3. Issue the following command to uninstall the pre-LTS version of core CLI
 
     ```
     npm uninstall -g @brightside/core
@@ -29,7 +33,15 @@ If you have an `@lts-incremental` version of Zowe CLI (Zowe v1.0.x - v1.8.x), yo
 
 4. Install the most recent `@zowe-v1-lts` version CLI and optional plug-ins. For more information, see [Installing CLI](./cli-installcli.md).
 
-5. **(Optional)** Reestablish your user profiles. Move the profile configuration files that you saved in Step 1 into the `~/.zowe/profiles` or `%homepath%\.zowe\profiles` folder on your computer.
+5. **(Optional)** If you deleted your profiles in Step 1, recreate the profiles that you need manually.
+
+6. **(Optional)** If you copied your profiles to a local directory in Step 1, follow these steps:
+
+   **a.**  Move the profile configuration files that you saved in Step 1 back to the `~/.zowe/profiles` or `%homepath%\.zowe\profiles` folder on your computer.
+
+   **b.** Issue the `zowe scs update` command to update profiles that are secured with the Secure Credential Store Plug-in.
+
+   **c.** Issue the command `zowe profiles update zosmf <my-profile-name> --user <my-username> --password <my-password>` to update z/osmf profiles to use the current option names.
 
 You updated to the Zowe CLI LTS version!
 

docs/user-guide/configure-data-sets-jobs-api.md

@@ -0,0 +1,31 @@
+# Configuring the Zowe APIs
+
+Review the security considerations for Zowe APIs and learn how to prevent the Denial of Service (DoS) attacks.
+
+The default configuration before Zowe version 1.14.0 contains **Data sets and Unix files** and **Jobs** API microservices which might be vulnerable to DoS attacks in the form of slow https attacks. You can add additional configuration to the start script of these components in order to prevent resource starvation via slow https attacks.
+
+- To update the configuration of the **Data sets and Unix files** component, modify the `start.sh` script within the runtime component directory `/zowe/runtime/components/files-api/bin`.
+- To update the configuration of the **Jobs** component, modify the `start.sh` script within the runtime component directory `/zowe/runtime/components/jobs-api/bin`.
+
+Ensure that the `-Dserver.connection-timeout=8000` parameter is set. This parameter specifies how long the component waits to receive all the required information from the client that makes a request.
+
+See a snippet of a configured `start.sh` script for the Jobs component as follows:
+
+```sh
+_BPX_JOBNAME=${ZOWE_PREFIX}${COMPONENT_CODE} java -Xms16m -Xmx512m -Dibm.serversocket.recover=true -Dfile.encoding=UTF-8 \
+    -Djava.io.tmpdir=/tmp -Xquickstart \
+    -Dserver.port=${JOBS_API_PORT} \
+    -Dcom.ibm.jsse2.overrideDefaultTLS=true \
+    -Dserver.ssl.keyAlias=${KEY_ALIAS} \
+    -Dserver.ssl.keyStore=${KEYSTORE} \
+    -Dserver.ssl.keyStorePassword=${KEYSTORE_PASSWORD} \
+    -Dserver.ssl.keyStoreType=${KEYSTORE_TYPE} \
+    -Dserver.compression.enabled=true \
+    -Dserver.connection-timeout=8000 \
+    -Dconnection.httpsPort=${GATEWAY_PORT} \
+    -Dconnection.ipAddress=${ZOWE_EXPLORER_HOST} \
+    -Dspring.main.banner-mode=off \
+    -Djava.protocol.handler.pkgs=com.ibm.crypto.provider \
+    -jar ${ROOT_DIR}/components/jobs-api/bin/jobs-api-server-1.0.0-boot.jar &
+```
+In version 1.14.0 and later, the preceding snippet reflects the default configuration.

docs/user-guide/configure-xmem-server.md

@@ -143,7 +143,7 @@ The cross memory server is run as a started task from the JCL in the PROCLIB mem
 ```
 /S ZWESISTC,REUSASID=YES
 ```
-The ZWESISTC task starts and stops the ZWESSTC task as needed. Do not start the ZWESASTC task manually.
+The ZWESISTC task starts and stops the ZWESASTC task as needed. Do not start the ZWESASTC task manually.
 
 To end the Zowe cross memory server process, issue the operator stop command through SDSF: