Releases: CERT-Polska/mwdb-core
Releases · CERT-Polska/mwdb-core
v2.16.1
v2.16.0
Highlights:
- Minimum supported Python version is 3.10 (#1070)
New features and improvements:
- UI: Strings preview mode (by @KWMORALE in #1051)
- Rich attributes: added
arrayIndexandisLastElementlocal variables in array sections (#1060) - UI: Object actions are grouped in dropdown (by @KWMORALE in #1063)
- Performance improvement: objects are ordered by upload_time, not (only) by id, so index is better utilized (#1068)
- UI: Search field supports syntax coloring and autocompletion (by @psrok1 in #1072)
- Password-based login can be disabled (#1083)
- CLI:
set-admin-passwordutility command to set admin password (by @psrok1 in #1084) - Web plugins: InjectAfter - allow to inject component in the middle of the original children list (by @psrok1 in #1085)
Bugfixes:
- Rich attribute: disable auto-URL rendering that breaks URLs and e-mail addresses (#1059)
- Consistent hooks calling (#1071)
New Contributors
Full Changelog: v2.15.1...v2.16.0
Contributors
psrok1, clin1234, and KWMORALE
Assets 2
v2.15.1
This release contains minor frontend bugfixes.
What's changed:
- Fixed CSS for relations graph tags (by @yankovs in #1054)
- Fix: set maxHeight to 100% for ConfirmationModal (set to 80% in v2.15.0) to keep compatibility with plugin modals that doesn't show correctly (#1055)
- Added ability to add custom content style to ConfirmationModal (by @yankovs in #1053)
Thanks @yankovs for contributions!
Full Changelog: v2.15.0...v2.15.1
Contributors
yankovs
Assets 2
v2.15.0
New features:
- Lambdas: extension to Rich Attributes that allow transformation of objects and to render arbitrary widgets (by @yankovs and @psrok1 in #1021)
- Feature: brownout deprecated API features via enable_brownout flag (by @psrok1 in #1007)
- Feature: more configuration options for logging (#1026)
- Dots are allowed in user and group names (#1014)
- 'hash_pathing_fallback' option (#1017)
- Feature: easy toggle to raw JSON view for Rich Attribute (#1044)
Improvements:
- Limit exposed relationships type-wise to 100 elements (#1023)
- Add index on comment.user_id (#992)
- Changed object.tags eager-load strategy to select-in by @psrok1 in #996
- Various dependency version bumps (sqlalchemy 1.3 -> 1.4, Vite v4 -> v6
Bugfixes:
- Fix tag visibility in relation graph #1011 (by @postrowinski in #1012)
- Fix Prometheus metrics MIME type and bump prometheus-client to 0.21.1 (#1016)
Full Changelog: v2.14.0...v2.15.0
Contributors
psrok1, postrowinski, and yankovs
Assets 2
v2.14.0
New features and improvements:
- Performance improvements:
- Open-ID Connect improvements:
- Custom rate limit settings for specific group of users (#987)
- Allow to set limit of tags returned by TagListResource (#960)
Bugfixes:
- Fix internal server error when querying without field (by @msm-cert in #957)
- Fix: 'mwdb-core configure web' command after transition to Vite (#966)
- Fix: 'Back' doesn't work in RecentView because of navigation loop (#975)
Full Changelog: v2.13.0...v2.14.0
Contributors
msm-cert
Assets 2
v2.13.0
This release is focused on further improvements of search performance and bugfixes.
It's recommended to upgrade your karton-system to v5.4.0 before applying this upgrade.
New features and improvements:
- Improved performance of object lists in Web UI (#949)
- Improved performance of wildcard queries for JSONB fields by @psrok1 in #943
- Karton is upgraded to v5.4.0 with much faster analysis status lookup method (#938)
- Tags are passed to Karton tasks (by @aBUDmdBQ in #934)
- Frontend: added warning banner when server version is different than client version, so user needs to clear cache (#950)
- Allow to set custom upload size limit via NGINX_MAX_UPLOAD_SIZE env var in mwdb-web Docker image
(#930)
Bugfixes:
- Fix: ISE 500 on concurrent tag addition (#926)
- Fix: ISE 500 when non-numerical value appears in range search in JSON column by @psrok1 in #953
- Fix possible issues with plugins after replacing Flask-RESTful with own implementation (#937)
- Fix searching in diff mode (#941)
- Fix too eager schema for FileItemResponseSchema.latest_config field that affected performance of getting file items (#942)
- Fix unnecessary joined relationship for 'favorite' parameter affecting performance of searching and getting object lists (#948)
New Contributors
- @aBUDmdBQ made their first contribution in #934
Full Changelog: v2.12.0...v2.13.0
Contributors
psrok1 and LSI-Bayern
Assets 2
v2.12.0
Upgrade highlights:
If you use plugins that are adding new endpoints to the API, you need to fix Resource imports before upgrade: What's changed
New features and improvements:
- Support for Prometheus metrics (#908, Prometheus metrics docs)
- Refactored search engine to improve search performance for configs, attributes and file names (#906)
- UI: changed attribute adding modal to always show preview and make JSON values less concerning (#921)
- Limited default verbosity of logs (#909, see note about enable_debug_log)
- Added support for
executeattribute that is passed to Karton to enable/disable execution in sandbox (#904, thanks @msm-cert) - Flask-Limiter was replaced with direct use of limits library (#915)
- Dropped usage of Flask-Restful (#916)
Bug fixes:
- Fix: installation issues on Debian 12 (bumped psycopg2-binary to 2.9.9, #922)
- Fix: ISE 500 on user removal (#913)
- Fix: Don't treat 0 number as an empty attribute value (#920)
- Fix: MWDB doesn't surrender on Karton when can't be loaded eagerly and tries to load it lazily (#919)
- Web: Fixed race condition with applying request_timeout value (#905)
Full Changelog: v2.11.0...v2.12.0
Contributors
msm-cert
Assets 2
v2.11.0
New features and improvements:
- Simple UI for uploading configurations and blobs (by @postrowinski in #803)
- Object tabs are extendable via plugins (by @yankovs in #896)
- Bump karton-core to v5.3.2 (by @yankovs in #902)
Full Changelog: v2.10.3...v2.11.0
Contributors
postrowinski and yankovs