Releases: micheldrescher/cw-project-radar
Cyberwatching.eu Project Radar v1.1.2
A quick release fixing three bugs, one of them a hot fix for layout issues accidentally introduced in the last release.
New feature(s):
n/a
Security
n/a
Improvement(s):
n/a
Bugfix(es):
- Leaked development changes caused layout issues
- Regression in API caused Web client to be unable to edit projects
- project budgets occasionally have decimal values; the server allowed decimals, but no the browser UI, which refused to submit decimal values
Cyberwatching.ey Project Radar v1.1.1
This release focussed on massively expanding on the documentation available for the Project Radar.
New feature(s):
n/a
Security
n/a
Improvement(s):
- Various refactorings
- Massive improvement in documentation
Bugfix(es):
- Project blip numbers not rotating in Safari (#41)
Cyberwatching Project Radar v1.1.0
Another quick release.
New feature(s):
- Provide some statistics about projects that are visible according to filters set by the user
Security
none
Improvement(s):
none
Bugfix(es):
- Authentication issues with tokens for services that use the API
- MongoDB duplicate key errors changed during upgrade, causing code to throw unhandled TypeErrors.
- Race condition in statistics update caused undefined values to be shown
Cyberwatching Project Radar v1.0.3
The devil is in the detail. While running in production, some unforeseen side-effects needed to be taken care of. These are bundled in this new patch release as follows:
Bugfix(es):
- Strict HTTPS flag for AuthN/AuthZ session cookie removed, as this may interfere with deployment configurations where a fronting proxy provides the HTTPS functionality.
- Typo in
.env.templateled to not picking up certificate and private key for direct HTTPS mode of the server - API endpoint reimplemented away from generic factory handler and controller
Cyberwatching Project Radar v1.0.2
Another quick release.
New feature(s):
Security
Improvement(s):
Bugfix(es):
- Requesting the widget for a project without MTRL scores resulted in an error message. Now the widget simlpy displays
n/afor MRL and TRL scores
Cyberwatching Project Radar v1.0.1
This release is a quick update to the first production release of the tool.
In the hectic of scrambling to publish the new production version, some tasks have fallen off the table. Some of them are captured in this release.
New feature(s):
Security
Improvement(s):
- Some more documentation available (more to come gradually)
- For those interested, a link to the release notes (this page) has been added. It is configurable in the application's
.envfile
Bugfix(es):
- Comment out widget code on the main page. Once properly documented, the commented out widget wll be removed.
Cyberwatching Project Radar v1.0.0
A major milestone for the Cyberwatching.eu Project Radar!
The project has decided to push the radar into production.
Extensive tests have been conducted in the beta phase, and a data migration path is available to retain all data produced in the current radar to continue to be served in this new reimplementation.
The following changes were made since the last beta release:
New feature(s):
Security
- URL parameter validation before they are used in the code
- Google Analytics integration now uses IP address anonymisation
- If no certificate & private key are configured, the server reverts to HTTP (on default port 8080). HTTPS default port is 8443
- Updated dependencies fixing security vulnerabilities
- Configured CSP to allow any site to use the widget in an
iframe
Improvement(s):
- Produce MTRL score cards for projects that have 2+ scores (previously: 3+)
- Updated data baseline migrating the production data from the previous production radar
- Very basic documentation update
- Documentation to set up a dev env added
Bugfix(es):
- Remove empty
divelements left behind from modal dialogues - Authentication regression errors
- Layout error in Safari
- mouse events now use standard mouse event attributes
Cyberwatching Project Radar Beta 4 (v0.7.4)
A new point release for the Cyberwatching project radar - beta 4.
This release features two new features adding more value to the application. MTRL scores feature a new, optional, summary field; and projects with three or more MTRL submissions will feature a 'score card' with a score diagram and full score history.
New feature(s):
- Projects with three or more MTRL scores now allow showing the MTRL graph and its score history in a new modal dialogue (project score card)
- MTRL scores now carry an optional field for submitters summarising the reasons why this particular score has been achieved. This summary will be used in the project's MTRL score card (see above)
Security
- Upgrading external libraries to new versions fixing various security vuilnerabilities
Improvement(s):
- App modal dialogues (project info, and project score card) can be closed by pressing the ESC key
- When fetching a proejct by its CW id, add request query parameters to add the newest or all scores/classifications to the response. For example
?scores=all&class=newest - Various code quality and design improvements for better maintainability
Bugfix(es):
- Various internal bug fixes
Cyberwatching Project Radar Beta 3 (v0.7.3)
A new point release for the Cyberwatching project radar - beta 3.
This release mostly focused on improving security, addressing XSS, CSRF, proper CORS handling and secure JWT management for AuthN and AuthZ.
New feature(s):
- Errors are now logged in a separate error.log file on the server
Security
- #33 Logging in is now hardened against NoSQL attacks
- CORS configuration clamped down to specific paths in the API
- JWT payload is now encrypted, making it impossible for attackers to exploit it without the server-side encryption key
- Browser cookie hardened against CSRF attacks
- HTTPS is now mandatory - the server will not work without it.
Improvement(s):
- #36 The server integrates with Google Analytics if configured to do so
Bugfix(es):
- #32 Redesign of MTRL score graph to avoid edge cases causing overlapping max/min score with median
- #37 Layout of the filter section (incl. search) now prevents the clear button to flow into a second line
- #31 The JRC Taxonomy filter tags display now has a defined maximum size; to show all tags hover the mouse over it.
Cyberwatching Project Rdar beta 0.7.2
A new point release for the Cyberwatching project radar.
New feature(s):
- Server in production mode now logs properly into log files (errors are also emitted on the server console)
- #25 Search results are now clickable (showing project info)
- #30 each filter tag can be removed individually
- #27 A new 'clear all' button now clears all taxonomy filter tags in the selection model