2019-08-08

Features

• legalhold (#802), but block feature activation (#823)
• a few shell scripts for self-hosters (#805, #801)
• Release nginz_disco (#759)

Public API changes

• SSO is disabled by default now; but enabled for all teams that already have an IdP.
• feature flags (starting with legalhold, sso) (#813, #818)
  • new public end-points (#813, #818):
    • get "/teams/:tid/features/legalhold"
    • get "/teams/:tid/features/sso"
  • new internal end-points:
    • get "/i/teams/:tid/features/legalhold"
    • get "/i/teams/:tid/features/sso"
    • put "/i/teams/:tid/features/legalhold"
    • put "/i/teams/:tid/features/sso"
  • new backoffice end-points:
    • get "/teams/:tid/features/legalhold"
    • get "/teams/:tid/features/sso"
    • put "/teams/:tid/features/legalhold"
    • put "/teams/:tid/features/sso"
• Always throw json errors, never plaintext (#722, #814)
• Register IdP: allow json bodies with xml strings (#722)

Backend-internal changes

• [stern aka backoffice] allow galeb returning a 404 (#820)
• Cleanup logging (#816, #819)
• Canonicalize http request path capture names (#808, #809)
• Galley depends on libsodium too now (#807)
• Add generics instances to common, brig, galley types. (#804)
• Upgrade CQL protocol version to V4 (#763)
• Log last prekey used only at debug level (#785)
• Cleanup (#799)

2019-07-08

Internal Changes

• restund: add EXTRA_CFLAGS to work on ubuntu 16 (#788)
• Fix flaky unit test. (#770)
• Add upstream references in stack.yaml deps (wai-middleware-prometheus). (#760)
• Cannon analytics (2) (#750)
• fix CHANGELOG.md

2019-05-13

Documentation changes

• Group provisioning (#724)
• Instructions for running load tests (#738)
• Twilio configuration (#733)

Bug fixes

Cannon no longer reports 500s in the prometheus metrics when establishing websocket connections. (#751, #754)

Features

Per-installation flag: Allow displaying emails of users in a team (code from #724, see description in #719)

Internal Changes

Docker image building improvements (#755)

Changes (potentially) requiring action for self-hosters

Config value setEmailVisibility must be set in brig's config file (if you're not sure, visible_to_self is the preferred default)

2019-05-02

Documentation changes

• Improved Cassandra documentation in docs/README.md
• Improved documentation on SCIM storage in docs/README.md
• Improved documentation on SCIM Tokens in docs/reference/provisioning/scim-token.md

Bug fixes

• Sanitize metric names to be valid prometheus names in metrics-core
• Add missing a .git suffix on gitlab dependencies in stack.yaml
• Time bounds checks now allow 60s of tolerance; this is helpful in cases of drifting clocks (#730)

Features

• Services now provide Prometheus metrics on /i/metrics
• Garbage Collection and memory statistics are available alongside other prometheus metrics

Internal Changes

• Alpine Builder is no longer built with --profile
• SCIM users now have an additional wire-specific schema attached.

Changes (potentially) requiring action

• /i/monitoring is DEPRECATED. Please use prometheus metrics provided by /i/metrics instead.
• On password reset the new password must be different than the old one
• Stern is now available as a new tool for performing administrative tasks via API (#720)
• SCIM handler errors are now reported according to SCIM error schema (#575)

2019-04-09

API changes

• Do not allow provisioning saml users if SCIM is configured (#706)

Documentation changes

• Docs for user deletion via SCIM. (#691)
• Docs for jump-to-definition with Emacs (#693)
• Add missing config options in demo (#694)
• Move the connections doc, add haddocks (#695)

Bug fixes

• Fix templating in outgoing SMSs. (#696)
• Saml implicit user creation no longer chokes on odd but legal names. (#702)
• Fix: user deletion via scim (#698)

Internal changes

• Remove redundant cassandra write in renewCookie (#676)
• Add Prometheus middleware for wire-services (#672)
• Improve logging of spar errors (#654)
• Upgrade cql-io-1.1.0 (#697)
• Switch metrics-core to be backed by Prometheus (#704)
• Refactorings:
  • #665, #687, #685, #686

Changes (potentially) requiring action for self-hosters

• Switch proxy to use YAML-only config (#684)

2019-03-25

API changes

• SCIM delete user endpoint (#660)
• Require reauthentication when creating a SCIM token (#639)
• Disallow duplicate external ids via SCIM update user (#657)

Documentation changes

• Make an index for the docs/ (#662)
• Docs: using scim with curl. (#659)
• Add spar to the arch diagram. (#650)

Bug fixes

• ADFS-workaround for SAML2 authn response signature validation. (#670)
• Fix: empty objects {} are valid TeamMemberDeleteData. (#652)
• Better logo rendering in emails (#649)

Internal changes

• Remove some unused instances (#671)
• Reusable wai middleware for prometheus (for Galley only for now) (#669)
• Bump cql-io dep from merge request to latest release. (#661)
• docker image building for all of the docker images our integration tests require. (#622, #668)
• Checking for 404 is flaky; depends on deletion succeeding (#667)
• Refactor Galley Tests to use Reader Pattern (#666)
• Switch Cargohold to YAML-only config (#653)
• Filter newlines in log output. (#642)

2019-02-28

API changes

• Support for SCIM based rich profiles (#645)
  * PUT /scim/v2/Users/:id supports rich profile
  * GET /users/:id/rich-info to get the rich profile id

Internal changes

• Gundeck now uses YAML based config
• Brig templates can now be easily customized and have been updated too
• Misc improvements to our docs and build processes

2019-02-22

API changes

• n/a

Bug fixes

• SAML input sanitization (#636)

Internal changes

• helper script for starting services only without integration tests (#641)
• Scim error handling (#640)
• Gundeck: cleanup, improve logging (#628)

2019-02-18

API changes

• Support for SCIM (#559, #608, #602, #613, #617, #614, #620, #621, #627)
  • several new end-points under /scim (see hscim package or the standards for the details; no swagger docs).
  • new end-point put "/i/users/:uid/managed-by" for marking scim-managed users (no swagger docs)
• Add support for excluding certain phone number prefixes (#593)
  • several new end-points under /i/users/phone-prefixes/ (no swagger docs)
• Fix SAML2.0 compatibility issues in Spar (#607, #623)

Bug fixes

• Update swagger docs (#598)

Internal changes

• Architecture independence, better use of make features, more docs. (#594)
• Fix nginz docker image building (#605)
• Enable journaling locally and fix integration tests (#606)
• Use network-2.7 for more informative "connection failed" errors (#586)
• Use custom snapshots (#597)
• Add module documentation for all Spar modules (#611)
• Change the bot port in integration tests to something less common (#618)
• Spar metrics (#604, #633)
• Extend the list of default language extensions (#619)
• Fix: do not have newlines in log messages. (#625)

2019-01-24

API changes

• Track inviters of team members (#566)
• New partner role. (#569, #572, #573, #576, #579, #584, #577, #592)
• App-level websocket pongs. (#561)

Bug fixes

• Spar re-login deleted sso users; fix handling of brig errors. (#588)
• Gundeck: lost push notifications with push-all enabled. (#554)
• Gundeck: do not push natively to devices if they are not on the whitelist. (#554)
• Gundeck: link gundeck unit tests with -threaded. (#554)

Internal changes

• Get rid of async-pool (unliftio now provides the same functionality) (#568)
• Fix: log multi-line error messages on one line. (#595)
• Whitelist all wire.com email addresses (#578)
• SCIM -> Scim (#581)
• Changes to make the demo runnable from Docker (#571)
• Feature/docker image consistency (#570)
• add a readme, for how to build libzauth. (#591)
• better support debian style machines of different architecturs (#582, #587, #583, #585, #590, #580)