diff --git a/changes/v5.0.15-en.md b/changes/v5.0.15-en.md new file mode 100644 index 000000000..f77753c25 --- /dev/null +++ b/changes/v5.0.15-en.md @@ -0,0 +1,79 @@ +# v5.0.15 + +## Enhancements + +- [#9569](https://github.com/emqx/emqx/pull/9569) Refactor `/authorization/sources/built_in_database/` by adding `rules/` to the path. + +- [#9585](https://github.com/emqx/emqx/pull/9585) `/bridges_probe` API endpoint to test params for creating a new data bridge. + +- [#9586](https://github.com/emqx/emqx/pull/9586) Basic auth is no longer allowed for API calls, must use API key instead. + +- [#9628](https://github.com/emqx/emqx/pull/9628) Expose additional resource configuration parameters: `start_after_created` and `start_timeout`. + +- [#9722](https://github.com/emqx/emqx/pull/9722) Add the following configuration options for Pushing metrics to Prometheus Push Gateway: + - `headers`: Allows custom HTTP request headers. + - `job_name`: allows to customize the name of the Job pushed to Push Gateway. + +- [#9725](https://github.com/emqx/emqx/pull/9725) Remove the config `auto_reconnect` from the emqx_authz, emqx_authn and data-bridge componets. + This is because we have another config with similar functions: `resource_opts.auto_restart_interval`。 + + The functions of these two config are difficult to distinguish, which will lead to confusion. + After this change, `auto_reconnect` will not be configurable (always be true), and the underlying + drivers that support this config will automatically reconnect the abnormally disconnected + connection every `2s`. + + And the config `resource_opts.auto_restart_interval` is still available for user. + It is the time interval that emqx restarts the resource when the connection cannot be + established for some reason. + +- [#9736](https://github.com/emqx/emqx/pull/9736) Refactor of /bridges API to make it more consistent with other APIs: + - bridge enable/disable is now done via the endpoint `/bridges/{id}/enable/[true,false]` + - `/bridges/{id}/operation/{operation}` endpoints are now `/bridges/{id}/{operation}` + - metrics are moved out from the GET `/bridges/{id}` response and can now be fetched via `/bridges/{id}/metrics` + - the `bridges/{id}/reset_metrics` endpoint is now `/bridges/{id}/metrics/reset` + +- [#9774](https://github.com/emqx/emqx/pull/9774) Add a password complexity requirement when adding or modifying Dashboard users via the API. + Now password must contain at least 2 of alphabetic, numeric and special characters, + and must be 8 to 64 characters long. + +## Bug fixes + +- [#9626](https://github.com/emqx/emqx/pull/9626) Return authorization settings with default values. + The authorization cache is enabled by default, but due to the missing default value in `GET` response of `/authorization/settings`, it seemed to be disabled from the dashboard. + +- [#9680](https://github.com/emqx/emqx/pull/9680) Fix the problem that username and password authentication is mandatory in Influxdb v1 write API. + +- [#9726](https://github.com/emqx/emqx/pull/9726) Client fuzzy search API results were missing information which could tell if more results are available in the next pages, this is now fixed by providing `hasnext` flag in the response. + +- [#9735](https://github.com/emqx/emqx/pull/9735) Password information has been removed from information log messages for http, ldap, mongo, mqtt, mysql, pgsql and redis. + +- [#9748](https://github.com/emqx/emqx/pull/9748) Listeners not configured with `max_connections` will cause the cluster `/listeners` API to return 500 error. + +- [#9749](https://github.com/emqx/emqx/pull/9749) In some cases search APIs could respond with an incorrect `count` value in the metadata, that is usually much bigger than expected, this is now fixed. + +- [#9750](https://github.com/emqx/emqx/pull/9750) Reload overriding configs after boot. + Prior to this change, two configs were allow to change from dashboard, but will not take effect after reboot: + * Logging (such as level) + * Prometheus configs + + +- [#9751](https://github.com/emqx/emqx/pull/9751) Fix that obsoleted cert file will not be deleted after the listener is updated/deleted + +- [#9763](https://github.com/emqx/emqx/pull/9763) Fix an authentication exception when password is not provided + +- [#9765](https://github.com/emqx/emqx/pull/9765) Parse decimals as password from environment variable overrides correctly. + Prior to this change, config values for passwords are not allowed to be decimals. + e.g. `EMQX_FOOBAR__PASSWORD=12344` or `emqx.foobar.password=1234` + would result in a type check error, unless quoted as: + `EMQX_FOOBAR__PASSWORD='"12344"'` or `emqx.foobar.password="1234"`. + After this fix, the value does not have to be quoted. + +- [#9769](https://github.com/emqx/emqx/pull/9769) Fix Erlang shell prompt version prefix. e5.0.15 -> v5.0.15 + +- [#9780](https://github.com/emqx/emqx/pull/9780) When creating disk queue directory for resource worker, substitute ':' with '-' in worker id. + +- [#9781](https://github.com/emqx/emqx/pull/9781) Trace files were left on a node when creating a zip file for download. They are now removed when the file is sent. Also, concurrent downloads will no longer interfere with each other. + +- [#9785](https://github.com/emqx/emqx/pull/9785) Stop authentication hook chain if `emqx_authentication` provides a definitive result. + +- [#9787](https://github.com/emqx/emqx/pull/9787) Fix a compatible problem for the `webhook` bridge configuration which was created before the v5.0.12. diff --git a/changes/v5.0.15-zh.md b/changes/v5.0.15-zh.md new file mode 100644 index 000000000..679298613 --- /dev/null +++ b/changes/v5.0.15-zh.md @@ -0,0 +1,76 @@ +# v5.0.15 + +## 增强 + +- [#9569](https://github.com/emqx/emqx/pull/9569) 重构 `/authorization/sources/built_in_database/` 接口,将 `rules/` 添加到了其路径中。 + +- [#9585](https://github.com/emqx/emqx/pull/9585) 添加新 API 接口 `/bridges_probe` 用于测试创建桥接的参数是否可用。 + +- [#9586](https://github.com/emqx/emqx/pull/9586) API 调用不再支持基于 `username:password` 的 `baisc` 认证, 现在 API 必须通过 API Key 才能进行调用。 + +- [#9628](https://github.com/emqx/emqx/pull/9628) 为桥接资源增加了配置参数:`start_after_created` 和 `start_timeout`。 + +- [#9722](https://github.com/emqx/emqx/pull/9722) 为 Prometheus 推送到 Push Gateway 新增以下配置项: + - `headers`:允许自定义 HTTP 请求头。 + - `job_name`:允许自定义推送到 Push Gateway 的 Job 名称。 + +- [#9725](https://github.com/emqx/emqx/pull/9725) 从认证、鉴权和数据桥接功能中,删除 `auto_reconnect` 配置项,因为我们还有另一个功能类似的配置项: + `resource_opts.auto_restart_interval`。 + + 这两个配置项的功能难以区分,会导致困惑。此修改之后,`auto_reconnect` 将不可配置(永远为 true), + 支持此配置的底层驱动将以 `2s` 为周期自动重连异常断开的连接。 + + 而 `resource_opts.auto_restart_interval` 配置项仍然开放给用户配置,它是资源因为某些原因 + 无法建立连接的时候,emqx 重新启动该资源的时间间隔。 + +- [#9736](https://github.com/emqx/emqx/pull/9736) 重构部分 /bridges 的API 使得其和其他 API 能够更加一致: + - 桥接的启用和禁用现在是通过 `/bridges/{id}/enable/[true,false]` API 来实现的 + - 使用 `/bridges/{id}/{operation}` 替换了旧的 `/bridges/{id}/operation/{operation}` API + - 指标数据从 `/bridges/{id}` 的响应消息中移除,现在可以使用新的 API `/bridges/{id}/metrics` 进行访问 + - 使用 `/bridges/{id}/metrics/reset` 替换了旧的 `bridges/{id}/reset_metrics` API + +- [#9774](https://github.com/emqx/emqx/pull/9774) 通过 API 添加、修改 Dashboard 用户时,增加对密码复杂度的要求。 + 现在密码必须包含字母、数字以及特殊字符中的至少 2 种,并且长度范围必须是 8~64 个字符。 + +## 修复 + +- [#9626](https://github.com/emqx/emqx/pull/9626) 为授权设置 API 返回默认值。 + 授权缓存默认为开启,但是在此修复前,因为默认值在 `/authorization/settings` 这个 API 的返回值中缺失, + 使得在仪表盘配置页面中看起来是关闭了。 + +- [#9680](https://github.com/emqx/emqx/pull/9680) 修复 InfluxDB v1 桥接写入 API 配置中强制需要用户名密码认证的问题。 + +- [#9726](https://github.com/emqx/emqx/pull/9726) 在此修复前,客户端模糊搜索 API 缺少一些可以用于判断是否可以继续翻页的信息,现在通过在响应中提供 `hasnext` 标志来解决这个问题。 + +- [#9735](https://github.com/emqx/emqx/pull/9735) 密码信息已从http、ldap、mongo、mqtt、mysql、pgsql和redis的信息日志消息中删除。 + +- [#9748](https://github.com/emqx/emqx/pull/9748) 监听器不配置 `max_connections` 时会导致集群 `/listeners` 接口返回 500 错误。 + +- [#9749](https://github.com/emqx/emqx/pull/9749) 在某些情况下,搜索 API 可能会在元数据中响应不正确的 `count` 值,这通常比预期的要大得多,现在已经修复了。 + +- [#9750](https://github.com/emqx/emqx/pull/9750) 启动后重新加载一些重载配置项。 + 在此修复前,下面两个配置项允许从 Dashboard 控制台修改,但是在重启后无法生效: + * 日志 (例如日志级别) + * Prometheus 配置 + +- [#9751](https://github.com/emqx/emqx/pull/9751) 修复在更新或者删除监听器后,过时的证书文件没有被删除的问题。 + +- [#9763](https://github.com/emqx/emqx/pull/9763) 修复客户端没有提供密码时的一个异常 + +- [#9765](https://github.com/emqx/emqx/pull/9765) 允许使用纯数字作为密码配置。 + 在此修复前,密码的配置必须是字符串,使用纯数字时,会报类型检查错误。 + 例如,`EMQX_FOOBAR__PASSWORD=12344` 或 `emqx.foobar.password=1234` 会出错, + 必须用引把值括起来才行: + `EMQX_FOOBAR__PASSWORD='"12344"'` 或 `emqx.foobar.password="1234"`。 + 修复后可以不使用引号。在环境变量重载中使用更加方便。 + + +- [#9769](https://github.com/emqx/emqx/pull/9769) 修复 Eralng 控制台版本号前缀的打印错误 e5.0.15 -> v5.0.15 + +- [#9780](https://github.com/emqx/emqx/pull/9780) 在为资源缓存进程创建磁盘队列目录时,在ID中用 '-' 代替 ':'。 + +- [#9781](https://github.com/emqx/emqx/pull/9781) 当下载 日志追踪 的日志时,一些中间文件将存留在处理节点上,现在这个问题得到了修复。同时,并发下载日志将不再相互干扰。 + +- [#9785](https://github.com/emqx/emqx/pull/9785) 如果 `emqx_authentication` 提供了确定的结果,则停止认证钩子链。 + +- [#9787](https://github.com/emqx/emqx/pull/9787) 修复对在 v5.0.12 之前创建的 `webhook` 桥接配置的兼容问题。