This repository was archived by the owner on Jul 12, 2023. It is now read-only.
v0.31.0
Changes since v0.30.0
Bug fixes
- Fixes a bug where some successfully issued codes on bulk upload wouldn't appear in results CSV file. (#2135, @mikehelmick)
Security
- Add SRI integrity hashes to custom css and javascript. SRI was already present for external assets, but this includes the check on internal assets as well. (#2134, @sethvargo)
- Add alerts for when a Cloud Run service is deployed using breakglass (without Binary Authorization). Like the
HumanAccessedSecretalert, there may be legitimate reasons for a human to perform this operation, but it should be carefully checked and audited. Due to eventual consistency, the initial Terraform apply may fail due to missing metric. After 5 minutes, you can run the Terraform apply again to converge. (#2143, @sethvargo) - Ensure all external links specify noopener and noreferrer. (#2147, @sethvargo)
- Migrate from unsupported JWT library to supported JWT library (#2129, @mikehelmick)
- Scrub phone numbers from user report log lines (#2119, @mikehelmick)
User-report
- Allows for client side user-report throttling, indicating an appropriate error on the server. (#2130, @mikehelmick)
- More customization and localization of user-report web view. (#2131, @mikehelmick)
- Syncs web report learn more URL from the Google ENX application feed. (#2133, @mikehelmick)
Misc
- Remove platform field from user-report API documentation. (#2132, @mikehelmick)
- Print a log message at the error level when html/json/csv fails to marshal. (#2140, @sethvargo)
- Delete statistics that are more than 30 days old. This retention period can be configured by setting
STATS_MAX_AGEon the cleanup service. The minimum value is 7 days and the maximum retention period is 60 days. This replaces the existingKEY_SERVER_STATS_MAX_AGEvariable. (#2122, @sethvargo) - Fix an issue where a realm chaff event might be recorded for the wrong date. (#2124, @sethvargo)
- Make alerts and notices more prominent in the UI. (#2146, @sethvargo)
Dependencies
Added
- github.com/checkpoint-restore/go-criu/v5: v5.0.0
- github.com/golang-jwt/jwt: v3.2.1+incompatible
- google.golang.org/grpc/cmd/protoc-gen-go-grpc: v1.1.0
Changed
- cloud.google.com/go: v0.81.0 → v0.83.0
- contrib.go.opencensus.io/exporter/stackdriver: v0.13.5 → v0.13.6
- github.com/Azure/azure-sdk-for-go: v53.4.0+incompatible → v55.1.0+incompatible
- github.com/Azure/go-autorest/autorest/adal: v0.9.13 → v0.9.14
- github.com/Azure/go-autorest/autorest: v0.11.18 → v0.11.19
- github.com/aws/aws-sdk-go: v1.38.25 → v1.38.56
- github.com/chromedp/cdproto: 0942afb → 9e51b90
- github.com/chromedp/chromedp: v0.6.10 → v0.7.3
- github.com/cilium/ebpf: v0.2.0 → v0.5.0
- github.com/containerd/console: v1.0.1 → v1.0.2
- github.com/coreos/go-systemd/v22: v22.1.0 → v22.3.1
- github.com/form3tech-oss/jwt-go: v3.2.2+incompatible → v3.2.3+incompatible
- github.com/gin-gonic/gin: v1.6.3 → v1.7.2
- github.com/gobwas/ws: v1.0.4 → v1.1.0-rc.5
- github.com/godbus/dbus/v5: v5.0.3 → v5.0.4
- github.com/google/exposure-notifications-server: v0.29.0 → v0.31.0
- github.com/google/go-cmp: v0.5.5 → v0.5.6
- github.com/google/martian/v3: v3.1.0 → v3.2.1
- github.com/google/pprof: cbba55b → 01bbb19
- github.com/hashicorp/go-retryablehttp: v0.6.8 → v0.7.0
- github.com/hashicorp/hcl: v1.0.1-vault → 2
- github.com/leodido/go-urn: v1.2.1 → v1.2.0
- github.com/leonelquinteros/gotext: v1.4.0 → v1.5.0
- github.com/lib/pq: v1.10.1 → v1.10.2
- github.com/moby/sys/mountinfo: v0.4.0 → v0.4.1
- github.com/nyaruka/phonenumbers: v1.0.68 → v1.0.69
- github.com/opencontainers/runc: v1.0.0-rc93 → v1.0.0-rc95
- github.com/opencontainers/runtime-spec: e6143ca → 1c3f411
- github.com/prometheus/common: v0.21.0 → v0.25.0
- github.com/prometheus/statsd_exporter: v0.20.1 → v0.20.2
- github.com/stretchr/testify: v1.6.1 → v1.7.0
- github.com/ugorji/go/codec: v1.2.5 → v1.1.7
- github.com/ugorji/go: v1.2.5 → v1.1.7
- github.com/unrolled/secure: v1.0.8 → v1.0.9
- github.com/yuin/goldmark: v1.2.1 → v1.3.5
- go.uber.org/multierr: v1.6.0 → v1.7.0
- go.uber.org/zap: v1.16.0 → v1.17.0
- golang.org/x/crypto: 83a5a9b → c07d793
- golang.org/x/lint: 83fdc39 → 6edffad
- golang.org/x/net: 5f58ad6 → abc4532
- golang.org/x/oauth2: 5e61552 → f6687ab
- golang.org/x/sys: c94f622 → 9665404
- golang.org/x/time: f8bda1e → ed9ce3a
- golang.org/x/tools: 2ac05c8 → v0.1.2
- google.golang.org/api: v0.45.0 → v0.48.0
- google.golang.org/genproto: 3a41ef9 → b6d2f5b
- google.golang.org/grpc: v1.37.0 → v1.38.0
- gopkg.in/yaml.v3: 9f266ea → 496545a
- honnef.co/go/tools: v0.1.3 → v0.2.0
Removed
- github.com/checkpoint-restore/go-criu/v4: v4.1.0
pec: 1c3f411 - github.com/opencontainers/selinux: v1.8.0
- github.com/otiai10/copy: v1.2.0
- github.com/otiai10/curr: v1.0.0
- github.com/otiai10/mint: v1.3.1
- github.com/seccomp/libseccomp-golang: v0.9.1
- github.com/syndtr/gocapability: 42c35b4
- github.com/tenntenn/modver: v1.0.1
- github.com/tenntenn/text/transform: 7eef512
- github.com/vishvananda/netlink: v1.1.0
- github.com/vishvananda/netns: 0a2b9b5
- github.com/willf/bitset: v1.1.11
- gopkg.in/airbrake/gobrake.v2: v2.0.9
- gopkg.in/gemnasium/logrus-airbrake-hook.v2: v2.1.2
- gotest.tools/v3: v3.0.2