v5.8.0

New Features

• OpenAPI 3.1 Support: Added compatibility with version 3.1 of the OpenAPI Specification.
• API Greasing: Introduced a new feature to streamline API lifecycle management.

Upgrades

• Dependency Updates: Upgraded various dependencies for enhanced stability and security.

Improvements

• XML Content Support: Mixed Configuration Elements now accept XML content (#1388).
• Enhanced XML Protection: XML messages containing external entities are consistently blocked for improved security.
• Detailed Error Handling: Enhanced ProblemDetails messages and added more specific details in error reports.
• Improved Logging: Logs are now more structured, facilitating easier debugging and monitoring.
• Expanded and Rewritten Examples:
  • Internal Proxy
  • API Keys
  • SOAP Validation
  • JSONPath

Bug Fixes

• OpenTelemetry Issue: Resolved missing library for OpenTelemetry integration (#1378).
• WSDL Parsing: Fixed an issue with reading WSDL files that include a UTF-8 BOM.

v5.5.9

Fixes:

• Tests

v5.5.8

Fixes:

• Connection problems from APIs that manipulate the body using plugins that manipulate the body like template or xml2json
• Wrong dependency in OpenTelemetry plugin

v5.7.3

New Features:

• added <static/> to serve static content
• added <shadowing/> which can mirror HTTP traffic to a second backend
• added <replace> with JSON path support, see examples/message-transformation
• <oAuth2Server> with <jwtBearerToken/> will now correctly serve the public part of the key on the jwks_uri used to sign the access tokens
• support for <ssl keyAlias="..."/>

Upgrades:

• dependency upgrades

Improvements:

• refactored SSL handling
• added examples/ssl/api-with-tls-pem demonstrating using Membrane with PEM formatted certificates and keys

v5.7.1

Features:

• Added configurable path to OTLP exporter: <otlpExporter host="demo.example.com" path="/demo" .../>

Fixes:

• upgraded dependencies

v5.7.0

Features:

• add additional headers and HTTPS to OtlpExporter
• add OpenAPI metadata to OTLP spans
• precompile SpEL expressions

v5.6.0

Improvements:

• fixed rewriting for OpenAPI handling in <apiDocs/>
• added <api test="..."> attribute, which can be used to arbitrary expressions. The expression must be true for the rule to match.
• improved debug output for <acme><azureTableStorage>
• <oauth2AuthorizationServer> now supports <jwtBearerTokens/>
• <oauth2AuthorizationServer> now supports <refresh><jwtBearerTokens/>
• dependency upgrades

Fixes:

• fixed deserialization of errors in <acme> (avoiding order flood)

v5.5.4

Improvements:

• <openapi><rewrite>: fixed test, added example
• added weight() function to support 80%-20%-routing of HTTP requests

Fixes:

• <oauth2Resource2/>: fixed calling endSessionEndpoint

v5.5.3

Features:

• added support for JSON greasing, see also examples/greasing.
• added support for combining <openapi> with <rewrite>, see examples/rewriter/openapi.
• Added compatibility for HTTP in OtlpExporter
• added <setProperty> interceptor to simplify several groovy workarounds
• support complex proxy match rules (WIP)

Fixes:

• #1119 NullPointerException during OpenAPI response header validation
• dependency upgrades
• OAuth2: Fixed error on logout after stale session callback

v5.5.2

Improvements:

• added <memcachedSessionManager cookiePrefix="..."/> to support multiple Membrane instances using MemcacheD as session storage
• added <flowInitiator logoutBeforeFlow="true" /> attribute
• added <openapi> response header validation

Fixes:

• upgraded several dependencies
• fixed some examples using external services
• fixed <openapi><rewrite> logic
• fixed <openapi> response validation with status code 204