-
Notifications
You must be signed in to change notification settings - Fork 0
/
changelog
executable file
·93 lines (93 loc) · 7.08 KB
/
changelog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
9.2.8:
BUGFIX: Found a bug with not checking if WeakReference was unloaded
BUGFIX: Bug Fixes to database logging and prepared statements
BUGFIX: Severe bug with EventBus not creating new EventHandlers for each AbstractEvent
BUGFIX: Tasks not canceling on disable
BUGFIX: Token management was buggy
BUGFIX: TemplatesPlugin includes
UPDATED: EventBus.callEvent now returns the AbstractEvent for easy stacking
UPDATED: EventBus now synchronizes using an object instead of itself, no longer will block for less critical systems
UPDATED: EventHandlers are now tracked from inside EventBus instead of each Event
UPDATED: Tweaks and improvements to Permission Commands
UPDATED: Several tweaks and improvements to the Permission subsystem
UPDATED: various other improvements to the EventBus
UPDATED: Made updates to Dropbox Plugin
UPDATED: Changed maven download URL to JCenter Bintray, Maven Central used as a backup location
FEATURE: Added H2 Database support, files only
FEATURE: [WIP] Added datastores, currently only intended to replace SQL databases but will also implement file backend.
9.3.0
BUGFIX: HTTP log routine was reporting incorrect date and timestamps
BUGFIX: Issues with SQL Account saving
UPDATED: Deprecated old unused log arguments and implemented the use of a logs directory
UPDATED: Changed how Account subsystem returns results
UPDATED: Changed routing log level from FINE to FINER
UPDATED: SQLQueryInsert (SQL Datastore) now checks that all required columns have been provided before executing query
9.3.1:
BUGFIX: Compatibility issues with SQL datastores and SQLite
UPDATED: Moved task ticks from Timings to new Ticks class for easier understanding
UPDATED: Refactored much of the startup, shutdown, and restart subroutines, streamlined for much improved efficiency
UPDATED: AutoUpdater monitors server jar for modification and restarts to apply changes. (configurable)
FEATURE: [WIP] Added new Server File Watcher
FEATURE: Implemented optional Watchdog process that monitors a separate spawned JVM instance for crashes and restarts. (use --watchdog to enable) Only tested on Linux
9.3.2:
BUGFIX: NullPointer in ServerLogger
BUGFIX: request.getBinding() could be null when creating ScriptingFactory
BUGFIX: SqlDatastore, NOTEQUAL method
BUGFIX: Query kicking issue
BUGFIX: SQLPermissions, Entry reload and loading
UPDATED: Catch for OutOfMemoryError
FEATURE: SSL annotation, options include REQUIRE, IGNORE. and DENY with respected meaning
FEATURE: AutoUpdater auto reloads configuration on detected changes
NEW: sys.query permission node
9.3.3:
DEPRECATED: StringFunc.md5 and base64 methods, use SecureFunc instead
DEPRECATED: Sessions are no longer cleaned up at shutdown to spare a long agonizing shutdown delay
BUGFIX: Login redirect bug with http code 307
BUGFIX: generateAcctId() is now more reliable
UPDATED: Rewrote SSL to be compatible with normal certificates (PEM certificates and PKCS8 keys) over ugly Java key stores
UPDATED: Changed the minimum required version to Java 1.8, this gave us a few more modern SSL/TLS protocols and an improved API
UPDATED: Refactored Tasks Manager methods
FEATURE: [WIP] Very basic CSRF security tokens, use annotation '@security: CSRF' to enable per page, form value is at _CRSF_TOKEN global or getSession().getCSRFToken()
NEW: Post redirect method that preserves the query strings.
9.3.4:
DEPRECATED: SQL site configurations
UPDATED: Restructured site directories, new conventions using public (root and subdomains) and resource (packages) roots
UPDATED: Moved file site configuration to webroot, i.e., /webroot/[siteId]/config.yaml
UPDATED: Subdomain 'www' auto redirects to root domain if non-existent
FEATURE: SSL per site and subdomain
FEATURE: [WIP] Implemented new ACME SSL certificate plugin, initial mockup. Say hello to Let's Encrypt and start securing the web for free
9.3.5:
DEPRECATED: Site aliases and metatags, feature will be fully removed once alternatives can be conjured up
BUGFIX: Session Cleanup Task fixed by changing it to an async task, there is a severe bug with sync'd tasks which still needs fixing
BUGFIX: include() and require() methods were throwing FileNotFoundException when it should have been logging the exception for retrieval later instead
BUGFIX: Improved SSL exception catching, still will need some practical implementation
UPDATED: Site configuration files with mismatching siteId and directories names will be auto corrected
UPDATED: Improved Site domain and subdomain configuration, sites can now have multiple domains and be nested within each other, e.g., siteB.siteA.com within siteA.com
UPDATED: Sites can now be accessed thru the default site using the tilde character, e.g., http://localhost/~siteId
UPDATED: Sites can not have dedicated IPv4 and IPv6 addresses assigned to them, e.g., http://123.123.123.123/ -> SiteA and http://234.234.234.234/ -> SiteB
UPDATED: [WIP] Some fleshing out of the new Acme Plugin for Let's Encrypt CA. Finished the domain verification function
UPDATED: Sites are now properly saved back to their configuration files
UPDATED: Changes to YamlConfiguration, added getAsList(), copy(), move(), and improved getList() methods
UPDATED: Enabled about 22 additional cipher suites for SSL
UPDATED: Moved https.* to http
UPDATED: CSRF has been renamed to Nonce, annotation is @nonce [Disabled, Flexible, PostOnly, GetOnly, Required]. Nonce can now also be used to carry short lived strings between requests
UPDATED: New SSL annotation options, PostOnly and GetOnly. Each will REQUIRE SSL if request is being made over POST or GET.
ADDED: SSL ciphers can be modified from the EnabledCipherSuites.txt file
ADDED: Ticks class added to Groovy Imports list
ADDED: Added methods prepend(), reverseOrder(), subNamespace(), and subNodes() to Namespace Class
ADDED: regexCapture() method to StringFunc class, can be used to very easily capture a section of a string
9.3.6:
FEATURE: [WIP] Implement Apache Configuration and .htaccess function. When finished, it will be able to read about 90% of all Apache directives and use them for controlling server behavior
UPDATED: Cleaned up JAVADOC and code for HttpHandler class
UPDATED: Slight changes to the Groovy Scripting Base, most builtin methods moved to Builtin class
UPDATED: Removed use of the Netty SNI Handler and replaced it with a builtin event driven SNI Handler, allows plugins to provide certificate mappings
UPDATED: Majority of the work finished on Let's Encrypt (Acme) Plugin. It's about 95% work and only needs some bugfixes to proper certificate handling
ADDED: getDeveloperContact() and getHTMLFooter() methods to Versioning class
ADDED: ObjectStacker helper class, a utility class for stacking child and parent object nodes
ADDED: Added new methods FileFunc#buildFile(parts...), FileFunc#relPath(File), Namespace#getFirst(), Namespace#getLast(), SecureFunc#rand(len, bool, bool, chars)
TODO:
1. Implement a SecurityManager
2. Update YAML Configuration saving to not override changes made to a configuration file since last read
3. Bug fix SYNC'd task issue on load
4. Improve JavaDoc quality
5. Fix missing method or class exceptions thrown at shutdown