bump to v2.18.0 #2120

Merged
merged 29 commits into from
Dec 17, 2024
29 commits
16a90ab
Patch critical vulnerability (#2098)
SamuelPull Nov 15, 2024
c152e72
2097: New TruBudget background (#2099)
pmolnar-dev Nov 15, 2024
a6fe67a
ci: Bump audit versions (#2101)
SamuelPull Nov 18, 2024
9a452f4
api:upgrade fastify (#2102)
galethil Nov 19, 2024
3d2697a
2079 Project Description field (#2085)
SamuelPull Nov 19, 2024
ea21621
2083 env vars generator (#2100)
galethil Nov 19, 2024
2a5fef4
refactor workflow action styles
pmolnar-dev Nov 21, 2024
14d9152
Merge pull request #2106 from openkfw/2105-refactor-workflow-action-s…
MartinJurcoGlina Nov 22, 2024
8897fd5
api: refresh and access token configuration
SamuelPull Nov 25, 2024
348efd8
reverted some changes
SamuelPull Nov 25, 2024
ab887e9
mr comment
SamuelPull Nov 25, 2024
196de38
Merge pull request #2104 from openkfw/2103-token-security
MartinJurcoGlina Nov 25, 2024
9d3d837
2107: More descriptive Add buttons (#2108)
pmolnar-dev Nov 27, 2024
3cdbffc
frontend:New tour prototype
Nov 27, 2024
9181b21
ui: fix root switch (#2110)
SamuelPull Nov 29, 2024
f88475e
frontend:Tour with extended functionality
Dec 2, 2024
5e15e5d
frontend:Add translations
Dec 4, 2024
bdac5de
frontend:Add timeout clearing for useEffect
Dec 5, 2024
bc46549
frontend:Add timeout clearing for useEffect
Dec 5, 2024
7aebbc9
frontend:Add missing translations
Dec 5, 2024
628b3eb
Merge pull request #2112 from openkfw/1583-tour
MartinJurcoGlina Dec 5, 2024
d67c8d4
frontend:Change styles to em
Dec 6, 2024
d514733
frontend:Change styles to rem
Dec 6, 2024
bace235
fixed vulnerabilities
MartinJurcoGlina Dec 10, 2024
55206d4
few more vulnerabilities fixed
MartinJurcoGlina Dec 10, 2024
8bdab2d
Merge pull request #2117 from openkfw/vulnerability-fixes
MartinJurcoGlina Dec 10, 2024
9b27a85
Merge branch 'main' of github.com:openkfw/TruBudget into 1583-tour-st…
MartinJurcoGlina Dec 11, 2024
faf25d4
Merge pull request #2116 from openkfw/1583-tour-styles
MartinJurcoGlina Dec 11, 2024
e3c318d
bump to v2.18.0 (#2118)
galethil Dec 17, 2024
4 changes: 2 additions & 2 deletions .github/workflows/daily-security-check.yml
Expand Up @@ -10,7 +10,7 @@ jobs:
if: always()
strategy:
matrix:
tags: ["main", "v2.16.0"]
tags: ["main", "v2.17.0"]
steps:
- uses: actions/checkout@v4
- name: Use Node.js 18.x
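Review bot: the `tags` matrix now pins `v2.17.0` while this PR cuts v2.18.0, so once the release is tagged the daily check scans `main` and the previous release rather than the one just shipped. If the v2.18.0 tag cannot be referenced before it exists, add a step to the release checklist to bump this list afterwards, or derive the latest release tag in the workflow instead of hard-coding it.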
Expand Down Expand Up @@ -53,7 +53,7 @@ jobs:
audit-libraries:
strategy:
matrix:
releases: ["main", "v2.15.0", "v2.14.0"]
releases: ["main", "v2.17.0"]
runs-on: ubuntu-latest
if: always()
steps:
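Review bot: the `releases` matrix for `audit-libraries` drops `v2.15.0` and `v2.14.0` and does not add `v2.16.0`, so dependency audits stop for every release older than v2.17.0. If any of those versions are still supported or deployed, keep them in the list; otherwise state the support window in the workflow or the docs so the narrowing is visibly deliberate. This list also duplicates the `tags` list in the job above, so the two can drift apart; consider a single shared value.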
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -18,6 +18,7 @@ scripts/operation/.env
docs/developer/api-docs
scripts/development/.env.bak
scripts/operation/.env.bak
scripts/operation/.env.file.bak
scripts/operation/cronjob.err
scripts/operation/cronjob.output
api/src/trubudget-config/upgrade_version.txt
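Review bot: the new `scripts/operation/.env.file.bak` entry has no `scripts/development` counterpart, although the neighbouring lines ignore `.env.bak` in both directories. If the same backup can be written under `scripts/development`, it would be left unignored, and a backup of an env file is likely to contain secrets. Add the matching entry, or ignore these backups with one pattern that covers both directories.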
24 changes: 23 additions & 1 deletion CHANGELOG.md
Expand Up @@ -20,6 +20,27 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
<!-- ### Fixed -->


## [2.18.0] - 2024-12-17

<!-- ## Unreleased -->

### Added

- UI: More descriptive Add buttons [#2107](https://github.com/openkfw/TruBudget/issues/2107)
- api: Configurable refresh token and session token length [#2103](https://github.com/openkfw/TruBudget/issues/2103)


### Changed

- UI: Refactor styles for Workflow action [#2105](https://github.com/openkfw/TruBudget/issues/2105)
- UI: New TruBudget background [#2097](https://github.com/openkfw/TruBudget/issues/2097)


### Fixed

- ui: Permissions not loaded correctly when switching users [#2109](https://github.com/openkfw/TruBudget/issues/2109)


## [2.17.0] - 2024-11-11

<!-- ## Unreleased -->
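Review bot: the 2.18.0 section has no entry for the security work in this release. The commit list includes "Patch critical vulnerability (#2098)", "api:upgrade fastify (#2102)" and the vulnerability fixes merged in #2117, and none of them appear under Added, Changed or Fixed; operators deciding how urgently to upgrade need that information. Add a Security subsection (or Fixed entries) that references them, and consider listing the other merged changes that are missing here, such as the project description field (#2085), the env vars generator (#2100) and the tour (#2112).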
Expand Down Expand Up @@ -1308,7 +1329,8 @@ If you install TruBudget freshly, this is not an issue for you. If you update to
- Updated translation keys and language-specific formatting.
- Fixed bug where the subproject permissions dialog would break the details view of another project.

[unreleased]: https://github.com/openkfw/TruBudget/compare/v2.17.0...main
[unreleased]: https://github.com/openkfw/TruBudget/compare/v2.18.0...main
[2.18.0]: https://github.com/openkfw/TruBudget/compare/v2.17.0...v2.18.0
[2.17.0]: https://github.com/openkfw/TruBudget/compare/v2.16.0...v2.17.0
[2.16.0]: https://github.com/openkfw/TruBudget/compare/v2.15.0...v2.16.0
[2.15.0]: https://github.com/openkfw/TruBudget/compare/v2.14.0...v2.15.0
6 changes: 4 additions & 2 deletions api/environment-variables.md
Expand Up @@ -8,7 +8,7 @@
| **ORGANIZATION** | no | MyOrga | In the blockchain network, each node is represented by its organization name. This environment variable sets this organization name. It is used to create the organization stream on the blockchain and is also displayed in the frontend's top right corner. Minimal value: 1. Maximal value: 100. |
| **PORT** | no | 8091 | The port used to expose the API for your installation. Example: If you run TruBudget locally and set API_PORT to `8080`, you can reach the API via `localhost:8080/api`. Value is a port with minimal value 0 and maximal value 65535 |
| **ORGANIZATION_VAULT_SECRET** | yes | - | This is the key to en-/decrypt user data of an organization. If you want to add a new node for your organization, you want users to be able to log in on either node. **Caution:** If you want to run TruBudget in production, make sure NOT to use the default value from the `.env.example` file! Minimal value: 5. |
| **ROOT_SECRET** | no | 8d0ab15d21b6d2c48d834bad4785a52126573906c84e6120506fce35f5ce4708 | The root secret is the password for the root user. If you start with an empty blockchain, the root user is needed to add other users, approve new nodes,.. If you don't set a value via the environment variable, the API generates one randomly and prints it to the console **Caution:** If you want to run TruBudget in production, make sure to set a secure root secret. Minimal value: 8. |
| **ROOT_SECRET** | no | 361d01c8e3ad45279314d5d28f9b6ac12634c90a7f9fdd719518c7b71349dc35 | The root secret is the password for the root user. If you start with an empty blockchain, the root user is needed to add other users, approve new nodes,.. If you don't set a value via the environment variable, the API generates one randomly and prints it to the console **Caution:** If you want to run TruBudget in production, make sure to set a secure root secret. Minimal value: 8. |
| **MULTICHAIN_RPC_HOST** | no | localhost | The IP address of the blockchain (not multichain daemon,but they are usally the same) you want to connect to. |
| **MULTICHAIN_RPC_PORT** | no | 8000 | The Port of the blockchain where the server is available for incoming http connections (e.g. readiness, versions, backup and restore) |
| **MULTICHAIN_PROTOCOL** | no | http | The protocol used to expose the multichain daemon of your Trubudget blockchain installation(bc). The protocol used to connect to the multichain daemon(api). This will be used internally for the communication between the API and the multichain daemon. |
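Review bot: the Default column for `ROOT_SECRET` changes from one hex string to another, which suggests the table prints a value generated when the docs were built rather than a real default; the description itself says the API generates the secret randomly when the variable is unset. A concrete value here invites copy-paste into deployments and produces a diff on every regeneration. Show `-` or "randomly generated" in the Default column instead.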
Expand All @@ -18,7 +18,7 @@
| **BLOCKCHAIN_PROTOCOL** | no | http | The Protocol of the blockchain where the server is available for incoming http connections. |
| **SWAGGER_BASEPATH** `deprecated` | no | - | deprecated This variable was used to choose which environment (prod or test) is used for testing the requests. The variable is deprecated now, as the Swagger documentation can be used for the prod and test environment separately. Example values: "/". |
| **JWT_ALGORITHM** | no | HS256 | Algorithm used for signing and verifying JWTs. |
| **JWT_SECRET** | yes (if JWT_ALGORITHM=RS256) | 9640f5d6c8af1bc72275 | A string that is used to sign JWT which are created by the authenticate endpoint of the api. If JWT_ALGORITHM is set to `RS256`, this is required and holds BASE64 encoded PEM encoded private key for RSA. |
| **JWT_SECRET** | yes (if JWT_ALGORITHM=RS256) | 9e33c0e28cd6ca61ce4d | A string that is used to sign JWT which are created by the authenticate endpoint of the api. If JWT_ALGORITHM is set to `RS256`, this is required and holds BASE64 encoded PEM encoded private key for RSA. |
| **JWT_PUBLIC_KEY** | yes (if JWT_ALGORITHM=RS256) | - | If JWT_ALGORITHM is set to `RS256`, this is required and holds BASE64 encoded PEM encoded public key for RSA. |
| **DOCUMENT_FEATURE_ENABLED** | no | - | If true, all uploaded documents are stored using trubudget's storage-service. If false, the document feature of TruBudget is disabled, and trying to upload a document will result in an error. |
| **DOCUMENT_EXTERNAL_LINKS_ENABLED** | no | - | If true, it is possible to use external documents links also without TruBudget's storage-service. If false, the external documents links feature of TruBudget is still possible to use in case DOCUMENT_FEATURE_ENABLED equals "true". |
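Review bot: the `JWT_SECRET` row has the same problem as `ROOT_SECRET`: the documented default is replaced by another random-looking string, so it is not a stable default and should not be printed as one. The value shown is 20 hex characters, about 80 bits; if that reflects the length of the generated fallback, it is below the 256-bit minimum key size that RFC 7518 requires for HS256, the default `JWT_ALGORITHM`. Replace the value with a placeholder and document a minimum length for production secrets.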
Expand All @@ -38,6 +38,8 @@
| **AUTHPROXY_JWS_SIGNATURE** | yes (if AUTHPROXY_ENABLED=true) | - | secret/public key/certificate for verifying auth proxy token signature |
| **DB_TYPE** | no | pg | - |
| **SQL_DEBUG** | no | - | - |
| **REFRESH_TOKEN_EXPIRATION** | no | 8 | Refresh token expiration in hours. After a defined time, login session will be invalid. |
| **ACCESS_TOKEN_EXPIRATION** | no | 0.25 | Access token expiration in hours |
| **REFRESH_TOKEN_STORAGE** | no | - | Determining the type of storage for refresh tokens. Allowed values are "db" or "memory" or blank to disable refresh token functionality. |
| **API_DB_USER** | yes (if REFRESH_TOKEN_STORAGE=db) | postgres | Database user for database connection, e.g. postgres |
| **API_DB_PASSWORD** | yes (if REFRESH_TOKEN_STORAGE=db) | test | Database password for database connection |
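Review bot: the new `REFRESH_TOKEN_EXPIRATION` and `ACCESS_TOKEN_EXPIRATION` rows give defaults but no accepted range, unlike other rows in this file that state a minimal and maximal value. Document the bounds the API enforces (for example whether 0, negative or very large values are rejected), and say what `ACCESS_TOKEN_EXPIRATION` governs when `REFRESH_TOKEN_STORAGE` is blank and refresh tokens are disabled. The `ACCESS_TOKEN_EXPIRATION` description also lacks the closing period and the explanatory sentence its sibling row has.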