These are release notes for API portal for VMware Tanzu.
v1.4.7
Release Date: January 16, 2024
Included in This Release
- Resolved OAuth2 authorization flow within the API viewer page (swagger-ui component)
v1.4.6
Release Date: 20 December, 2023
Included in This Release
- Resolved security vulnerabilities: CVE-2022-48522, CVE-2023-47038, CVE-2023-34053, GHSA-vmq6-5m68-f53m, and GHSA-xjhv-p3fv-x24r.
v1.4.5
Release Date: 29 November, 2023
Included in This Release
- Updated Reactor Netty
- Updated buildpack base images
v1.4.4
Release Date: 10 October, 2023
Included in This Release
- Fix: update base images for CVE-2023-4911
v1.4.3
Release Date: 5 October, 2023
Included in This Release
- Fixed SSO logout bug for identity providers that support
end_session_endpoint
v1.4.2
Release Date: 22 September, 2023
Included in This Release
- Added support for OpenAPI specification defining API group ID using
x-tanzu-api-portal-group-id
along withgroupId
to ensure meeting specification validation - Fixed issue with disabling “Try it Out” on API portal instances
- Fixed installation issue to support Pod Security Admission controller set to restricted in specific clusters (https://kubernetes.io/docs/concepts/security/pod-security-admission/#pod-security-levels)
- Resolved CVE-2023-34035
v1.4.1
Release Date: 19 July, 2023
Included in This Release
- Resolve CVE-2023-31484 by updating paketo base images: Build to 0.4.168 and Run to 0.1.64
v1.4.0
Release Date: 19 July, 2023
Included in This Release
- Improve error messages for when no APIs are found
- Improve visual elements and accessibility of UI
- Dependency upgrades:
- Bump org.springframework.boot from 3.0.5 to 3.1.0
- Bump io.swagger:swagger-parser from 1.0.65 to 1.0.67
- Bump io.swagger.parser.v3:swagger-parser from 2.1.13 to 2.1.15
- Bump io.pivotal.cfenv:java-cfenv-boot-pivotal-sso from 2.4.1 to 2.4.2
Content feedback and comments