Releases: CVEProject/cve-services
Releases · CVEProject/cve-services
v2.5.0
What's Changed
- Update workflow to no longer use unsupported action/upload-artifact by @david-rocca in #1280
- Bump braces from 3.0.2 to 3.0.3 by @dependabot in #1239
- Bump vue-template-compiler and depcheck by @dependabot in #1259
- Bump serve-static and express by @dependabot in #1275
- Bump webpack from 5.76.1 to 5.95.0 by @dependabot in #1281
- Migrate to the 5.1.1 schemas by @david-rocca in #1287
Full Changelog: v2.3.3...v2.5.0
v2.4.0
What's Changed
- Updated github actions to use docker compose instead of docker-compose by @jdaigneau5 in #1265
- Resolved issue #1258, adds feature to PUT /org/{shortname} to update new
last_active
field. by @jack-flores in #1262 - Update openapi.json to reflect changes from CVEProject/cve-schema@b83c668 by @M-nj in #1263
Full Changelog: v2.3.3...v2.4.0
2.3.3
What's Changed
- Resolves #1125 trim leading and trailing whitespace from JSON values by @jdaigneau5 in #1222
- Resolves #1131 and #1210 Updated documentation to explain server populated, optional fields, removed unused files by @jdaigneau5 in #1223
- Resolves #808 Updated docs to warn of possible race condition by @jdaigneau5 in #1224
- Resolves #1163 Added datePublic validator with 24 hour grace period by @jdaigneau5 in #1240
- Resolves #1133 updated post/put cna container docs by @jdaigneau5 in #1245
- Resolves #1251 fixed incorrect paths passed to validateDatePublic middleware #1252
- Bump express from 4.18.2 to 4.19.2 by @dependabot in #1217
- Bump tar from 6.1.14 to 6.2.1 by @dependabot in #1220
- Updated issue triage action by @jdaigneau5 in #1242
Full Changelog: v2.3.2...v2.3.3
v2.3.2
What's Changed
- Updated rejectExistingCve to update dataVersion by @jdaigneau5 in #1231
Full Changelog: v2.3.1...v2.3.2
v2.3.1
What's Changed
- Resolves #1226
dataVersion
patch by @jdaigneau5 in #1227
Full Changelog: v2.3.0...v2.3.1
v2.3.0
What's Changed
- Resolves #1124, #1126, #1185, #1186 5.1 schema implementation by @jdaigneau5 in #1190
- Resolves #1180 Schema version auto populated when omitted in secretariat endpoints by @jdaigneau5 in #1191
- Update version numbers to 2.3.0 by @jdaigneau5 in #1194
- Updating link to schema in docs by @jdaigneau5 in #1200
- Resolves #1204 Update Cve-Service's version of the CVE schema to address CVSS score errors by @jdaigneau5 in #1211
Full Changelog: v2.2.1...v2.3.0
v2.2.1
What's Changed
- Resolves #1176 For GET /cve-id, redacts
requested_by.user
value for situations when cve-ids changes orgs, and when users change orgs by @jdaigneau5 in #1179
Full Changelog: v2.2.0...v2.2.1
v2.2.0
What's Changed
- Resolves #1058, #1060 Implements ADP role and AdpOnly middleware by @jdaigneau5 in #1071
- Resolves #1062 implementing Create ADP container endpoint (ADP implementation commit)
- Resolves #1061 and #1063 Added tests for creating/updating ADP containers and rejecting records w/ adp contain by @jdaigneau5 in #1073
- Resolves #1066 implemented ADP id_quota to be set to 0 and created tests by @jdaigneau5 in #1078
- Resolves #1072 Create ADP integration tests by @david-rocca in #1079
- Resolves #1080 - Adds Unit test to check quota after CNA removal by @david-rocca in #1081
- Resolves #1059 Added basic user creation integration test by @jdaigneau5 in #1082
- Resolves #1075 - Addition of cna_modified boolean by @david-rocca in #1086
- Resolves #1076 - ADP short name parameter by @david-rocca in #1087
- Resolves #1036 - cve-id/:id state parameter checks by @david-rocca in #1088
- Resolves #1014 - Fixes Typo in middleware.js by @david-rocca in #1089
- Resolves #798 - Update to LF line endings. by @david-rocca in #1090
- Resolves #741 Fixes GET
/cve-id
endpoint's out of memory bug by @jdaigneau5 in #1091 - Resolves #1092 updated insertADP container response message by @jdaigneau5 in #1098
- Resolves #818 - Better Errors for Bad dates in time_modified by @david-rocca in #1099
- Resolves #1013 Updated onlyOrgWithRole middleware to onlyOrgWithPartnerRole by @jdaigneau5 in #1104
- Resolves #1018 - Character and User limits by @david-rocca in #1107
- Resolves #803 - Updates Error messaging for null bytes & tests by @david-rocca in #1113
- Resolves #1114 - Fixes bugs with new parameters by @david-rocca in #1115
- Resolves #1050 Created new GET
/cve_cursor
endpoint that implements cursor pagination for getting CVE records by @jdaigneau5 in #1108 - Resolves #1074 - Update openapi.json bindings by @david-rocca in #1095
- Resolves #1006 added specific error handler for $ in x_fields by @jdaigneau5 in #1122
- Resolves #833 removed incorrect comment by @jdaigneau5 in #1123
- Resolves #816 - Updates Error message, and fixes date validation by @david-rocca in #1134
- Resolves issue #832 updated helmet node module to handle response headers by @jdaigneau5 in #1143
- Resolves issue #944 - Better filtering for invalid characters in query parameters by @david-rocca in #1144
- Resolves #962 #728 removed
decodeEntities
andescape
calls by @jdaigneau5 in #1148 - Resolves issue #836 - Update access management workflow in updateUser by @david-rocca in #1149
- Resolves issue #958 and #957 - Move away from validate-date to luxon by @david-rocca in #1152
- Resolves issue #1142 - Adds details about rate limiting headers by @david-rocca in #1153
- Resolves #1158, #1159 - Adds type checks and validation to prevent unintended errors from
toString
- Bump webpack from 5.74.0 to 5.76.1 by @dependabot in #1044
- Bump word-wrap from 1.2.3 to 1.2.4 by @dependabot in #1106
- Bump semver from 5.7.1 to 5.7.2 by @dependabot in #1109
- Bump mongoose from 5.13.17 to 5.13.20 by @dependabot in #1105
- Bump @babel/traverse from 7.21.5 to 7.23.2 by @dependabot in #1127
New Contributors
- @david-rocca made their first contribution in #1079
Full Changelog: v2.1.4...v2.2.0
Sprint-30
What's Changed
- Resolves #1058, #1060 Implements ADP role and AdpOnly middleware by @jdaigneau5 in #1071
- Resolves #1062 implementing Create ADP container endpoint (ADP implementation commit)
- Resolves #1061 and #1063 Added tests for creating/updating ADP containers and rejecting records w/ adp contain by @jdaigneau5 in #1073
- Resolves #1066 implemented ADP id_quota to be set to 0 and created tests by @jdaigneau5 in #1078
- Resolves #1072 Create ADP integration tests by @david-rocca in #1079
- Resolves #1080 - Adds integration test to check quota after CNA removal by @david-rocca in #1081
- Resolves #1059 Added basic user creation integration test by @jdaigneau5 in #1082
- updated version numbers to 2.2.0 by @jdaigneau5 in #1083
- Bump webpack from 5.74.0 to 5.76.1 by @dependabot in #1044
New Contributors
- @david-rocca made their first contribution in #1079
Full Changelog: v2.1.4...Sprint-30
Sprint-38
What's Changed
- Resolves issue #944 - Better filtering for invalid characters in query parameters by @david-rocca in #1144
- Resolves issues #962 #728 removed
decodeEntities
andescape
calls by @jdaigneau5 in #1148 - Resolves issue #836 - Update access management workflow in updateUser by @david-rocca in #1149
Full Changelog: Sprint-37...Sprint-38