Skip to content

0.7.0
Compare
Choose a tag to compare
@subnetmarco subnetmarco released this 25 Feb 03:27
· 8947 commits to master since this release
0.7.0
abb9dc5

Breaking changes

Due to the NGINX security fixes (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747), OpenResty was bumped to 1.9.7.3 which is not backwards compatible, and thus requires changes to be made to the nginx property of Kong's configuration file. See the 0.7 upgrade path for instructions.

However by upgrading the underlying OpenResty version, source installations do not have to patch the NGINX core and use the old ssl-cert-by-lua branch of ngx_lua anymore. This will make source installations much easier.

Added

  • Support for OpenResty 1.9.7.*. This includes NGINX security fixes (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747). #906
  • Plugins
    • New Runscope plugin: Monitor your APIs from Kong with Runscope. Courtesy of @mansilladev. #924
    • Datadog: New response.size metric. #923
    • Rate-Limiting and Response Rate-Limiting
      • New config.async option to asynchronously increment counters to reduce latency at the cost of slighly reducing the accuracy. #912
      • New config.continue_on_error option to keep proxying requests in case the datastore is unreachable. rate-limiting operations will be disabled until the datastore is responsive again. #953
  • CLI
    • Perform a simple permission check on the NGINX working directory when starting, to prevent errors during execution. #939
  • Send 50x errors with the appropriate format. #927 #970

Fixed

  • Plugins
    • OAuth2
      • Better handling of redirect_uri (prevent the use of fragments and correctly handle querystrings). Courtesy of @PGBI. #930
      • Add PUT support to the /auth2_tokens route. #897
      • Better error message when the access_token is missing. #1003
    • IP restriction: Fix an issue that could arise when restarting Kong. Now Kong does not need to be restarted for the ip-restriction configuration to take effect. #782 #960
    • SSL: Replace shelled out openssl calls with native ngx.ssl conversion utilities, which preserve the certificate chain. #968
    • ACL: Properly invalidating entities when assigning a new ACL group. #996
  • Avoid user warning on start when the user is not root. #964
  • Store Serf logs in NGINX working directory to prevent eventual permission issues. #975
  • Allow plugins configured on a Consumer without being configured on an API to run. #978 #980
  • Fixed an edge-case where Kong nodes would not be registered in the nodes table. #1008
Assets 13
Loading