Releases: ExpressGateway/express-gateway
v1.4.0
Almost another month has passed and we've been working hardly to bring new features, as well bug fixes!
Added:
-
We have almost completely automated our deployment pipeline. Everytime a new tag is pushed on Github, our lovely CI system will publish the package on npm as well as update all our docker images. Less time on errands, more time on code! (#496)
-
Express Gateway has now got a migration framework, node-migrate. This is required because as we're refactoring different parts of our codebase, we might need to move the data to ensure consistency with the evolution of the product. Don't worry though — when a new migration is in place, we'll let you know through the release notes. (#494)
-
We have added the schema definition to our Typescript definition file. If you're writing a plugin using Typescript, you'll now benefit for full type checking and autocomplete for JSONSchema (#518)
-
Speaking about style guide, we started with some changes last month and we're keeping going with that. Now we are emplying lint-staged to check and fix all code before commit it to the git repository. This should lower the barrier for contributors willing to help us writing the code (#529) (Thanks to @dotBits for the initial implementation)
-
We have replaced our internal Redis client from node-redis to ioredis. This brings to us a lot of improvements (for example, it's Promise based by default so we do not have to monkey patch its methods) and it also supports a lot of features the community has been asking for, such as Sentiel (Redis' built in high avaialabilty solution) and cluster connections. Please refer to our documentation to learn how to leverage those changes (#499) (Big thanks to @stipsan and his great
ioredis-mocklibrary. He's been extremely collaborative and responsive and we wouldn't be able to ship this big change without his collaboration) -
We have modified our CI environment so now all the tests suite is ran against a real Redis instance as well as the emulate experience. This will ensure that all the scenarios will be working correctly (#499)
-
We have added a
requestIDto every request that's passing through the gateway. This should simplify the scenarios where you want to track the journey of a web request and understand what policies processed it. This value will be forwarded as an header under the nameeg-request-id(#543). -
All our authentication policies have now an additional
passthroughparameter. When this is set to true, if an user does not pass the authentication stage it won't stop the pipeline process anymore (returning 401 or 403), but it will continue down into the pipeline as unauthenticated request. (#544) -
2 new conditions
authenticatedandanonymoushave been added to the core in order to support new scenarios (such as rate-limiting unauthenticated requests) (#544) -
A new
terminatepolicy has been added to the core. You can use this one to stop the request from being processed under some determinate conditions (#544) -
A new policy called
headerhas been added into the core. This will let you forward as headers some parts of the gateway that you feel they're important for your application. You can find further information in the documentation section (#546)
Changed:
-
The proxy policy has been modified to allow you guys to pass the whole set of options that the underlying middleware is offering. This was particularly required by users willing to set certificate and keyfiles in the proxies. (#491)
-
We have updated all our patch and minor dependencies version. I know we should do the same for major. We'll get there. (#532)
-
It is now possible to provide keyId and keySecret parameters when creating a new key-auth credential type. This might be helpful when recreating the gateway and you want to preserve the keys. (#523)
We have modified the Admin API (and by cascade on the CLI) so that you can now refer to an application by using its name instead of its ID (#512) -
It is now possible to specify a key/cert file tuple when connecting to a Redis instance (#497) (Thanks to @srcnix)
Fixed:
- We have fixed our credentials part in the Admin API (and, by cascade, the CLI experience) in a way that now an operation performed on an user by ID is going to be the same as if it would have been performed by name. Therefore:
eg credentials create -c usernameandeg credentials create -c user-idwill now look and act on the same user. Previously they were treated as two different entities, causing some bugs during login phases. We have provided a migration script as well to adjust all the data in your system. Please runnpx migratebefore starting the Gateway once updated. (#490)
Thank you guys!
In this release we have received multiple external contributions and we have acknowledged all of them in our changelog. Thank you.
v1.3.0
Added:
- The Admin API has been extendend to let you control the gateway even more. In particular, pipelines, endpoints and allowed policies are now exposed. (#418)
- Express Gateway is now shipped with a Typescript definition file that should improve the experience when writing plugins. To know more about this feature, point your browser to the docs (#453)
- Express Gateway has now a built in schema validator for policies, plugins, options. This will prevent the gateway from starting if required parameters are not valid (#426)
eg credential listcommand now accepts a -f parameter that will let you filter the credentials based on their status (so far, active and archived) (#428)
Changed:
- Removed bluebird and lodash dependency. Promises are first class citizens in Node 6+, therefore we wanted to remove an abstraction layer (#480, #441)
- We've changed the way we craft the Docker images — and we're now officially publishing all versions on DockerHub (#430)
- Code style is very important not just for us, but also to attract new contributors. Although we're far away from having a standard codebase, we're now slowly start to put some efforts to it. We started with #455, and we hope to fix some of the issues as we roll new gateway versions.
- Scopes definition can now be both an array and a string (#441)
- All minor and patch dependencies have been updated to the latest versions (#473)
Fixed:
- The AppVeyor build, that was testing the Gateway for Windows, has been broken for a while, as well as the CircleCI build due to some flaky tests. We got tired of seeing a red color on our CI system, therefore we fixed it and we're now running on CircleCI 2 (#423, #456)
- Fixed wrong logger path in the keyauth policy. Thing might have give you an error while using this policy in particular circumstances. You can now secure your APIs!
v1.2.0
Added
-
Plugin Engine (#381)
-
Express gateway can be extended with:
- Policies
- Conditions
- Routes
- Event handlers for lifecycle events
-
Plugins have access to:
- configuration
- consumer management services
- running instances of ExpressJS apps
- internal event bus and events
-
-
CLI for Plugins (#404)
- install a plugin
- configure plugin
- enable plugin and register policies in the whitelist
-
Plugins API (#404)
- install and configure plugins (flag required --experimental-plugins-api)
Changed:
node-uuid module changed with uuid due to deprecation (#403)
Fixed:
Example pipelines (#405)
v1.1.1
Added
- CLI: Header and verbose support (#350)
Changed
- Dockerfile updates (#351)
- Remove Bluebird usage for Redis access (#358)
- Adding
diralias foreg gateway create(#373)
Fixed
- CLI should use the config dir in context (#363)
- Fixing CLI delegation on Windows (#364)
- Making CLI config of Admin API URL backwards compatible (#375)
Tests
v1.1.0
v1.0.2
v1.0.1
v1.0.0
It's the first major release!