v0.4.23

CHANGELOG

FEATURE: New CLI commands have been implemented for working with the drive share backend mode (part of the "zrok Drives" functionality). These commands include zrok cp, zrok mkdir zrok mv, zrok ls, and zrok rm. These are initial, minimal versions of these commands and very likely contain bugs and ergonomic annoyances. There is a guide available at https://docs.zrok.io/docs/guides/drives/cli/ that explains how to work with these tools in detail (#438)

FEATURE: Python SDK now has a decorator for integrating with various server side frameworks. See the http-server example.

FEATURE: Python SDK share and access handling now supports context management.

FEATURE: TLS for zrok controller and frontends. Add the tls: stanza to your controller configuration (see etc/ctrl.yml) to enable TLS support for the controller API. Add the tls: stanza to your frontend configuration (see etc/frontend.yml) to enable TLS support for frontends (be sure to check your public frontend template) (#24)

CHANGE: Improved OpenZiti resource cleanup resilience. Previous resource cleanup would stop when an error was encountered at any stage of the cleanup process (serps, sps, config, service). New cleanup implementation logs errors but continues to clean up anything that it can (#533)

CHANGE: Instead of setting the ListenOptions.MaxConnections property to 64, use the default value of 3. This property actually controls the number of terminators created on the underlying OpenZiti network. This property is actually getting renamed to ListenOptions.MaxTerminators in an upcoming release of github.com/openziti/sdk-golang (#535)

CHANGE: Versioning for the Python SDK has been updated to use versioneer for management.

CHANGE: Python SDK package name has been renamed to zrok, dropping the -sdk postfix. pypi.

v0.4.22

CHANGELOG

NOTE v0.4.22 is a re-run of the v0.4.21 release. There was a hiccup with the release management process that required us to burn a version number to correct. Here are the changes since v0.4.20:

FEATURE: The web console now supports deleting zrok access frontends (#504)

CHANGE: The web console now displays the frontend token as the label for any zrok access frontends throughout the user interface (#504)

CHANGE: Updated github.com/rubenv/sql-migrate to v1.6.0

CHANGE: Updated github.com/openziti/sdk-golang to v0.22.6

FIX: The migration sqlite3/015_v0_4_19_share_unique_name_constraint.sql has been adjusted to delete the old shares_old table as the last step of the migration process. Not sure exactly why, but SQLite is unhappy otherwise (#504)

FIX: Email addresses have been made case-insensitive. Please note that there is a migration included in this release (016_v0_4_21_lowercase_email.sql) which will attempt to ensure that all email addresses in your existing database are stored in lowercase; if this migration fails you will need to manually remediate the duplicate account entries (#517)

FIX: Stop sending authentication cookies to non-authenticated shares (#512)

FIX: The goreleaser action is not updated to work with the latest golang build. Modifed go.mod to comply with what goreleaser expects

v0.4.20

CHANGELOG

CHANGE: OpenZiti SDK updated to v0.21.2. All ziti.ListenOptions listener options configured to use WaitForNEstablishedListeners: 1. When a zrok share client or an sdk.Share client are connected to an OpenZiti router that supports "listener established" events, then listen calls will not return until the listener is fully established on the OpenZiti network. Previously a zrok share client could report that it is fully operational and listening before the listener is fully established on the OpenZiti network; in practice this produced a very small window of time when the share would not be ready to accept requests. This change eliminates this window of time (#490)

FIX: Require the JWT in a zrok OAuth cookie to have an audience claim that matches the public share hostname. This prevents a cookie from one share from being use to log in to another share.

v0.4.19

CHANGELOG

FEATURE: Reserved shares now support unique names ("vanity tokens"). This allows for the creation of reserved shares with identifiable names rather than generated share tokens. Includes basic support for profanity checking (#401)

CHANGE: The publicProxy endpoint implementation used in the zrok access public frontend has been updated to use the new RefreshService(serviceName) call instead of RefreshServices(). This should greatly improve the performance of requests against missing or non-responsive zrok shares (#487)

CHANGE: The Python SDK has been updated to properly support the "reserved" flag on the ShareRequest passed to CreateShare

CHANGE: Dependency updates; github.com/openziti/sdk-golang@v0.20.145; github.com/caddyserver/caddy/v2@2.7.6; indirect dependencies

v0.4.18

FEATURE: Python SDK added. Can be found on pypi. pastebin example illustrates basic SDK usage (see sdk/python/examples/README.md for details) (#401)

CHANGE: Moved the golang zrok SDK into sdk/golang/sdk to normalize location for future SDK's.

CHANGE: add restart policies to docker compose samples used by the guide docs, e.g., reserved public share should auto-start on boot, temp public share should not.

v0.4.17

CHANGE: Replaced most in-line shell scripts in Docker Compose projects with installed scripts that are shared between the Docker and Linux service. This normalizes the operational configuration of both Docker shares and Linux service, i.e., to use the same env vars.

CHANGE: Upgrade to Docusaurus v3 for documentation.

FIX: Some Docker shares had broken env mountpoi

v0.4.16

FEATURE: Publish Linux packages for zrok CLI and a systemd service for running a reserved public share (zrok-share).

v0.4.15

CHANGE: Updated the code signing and notarization process for macos binaries. The previous release process used the gon utility to handle both code signing and notarization. Apple changed the requirements and the gon utility no longer properly functions as of 2023-11-01. The goreleaser process has been adjusted to use the notarytool utility that ships with XCode to sign and notarize the binary (#435)

v0.4.14

FEATURE: zrok Drives "Phase 1" (p1) functionality included in this release. This includes new --backend-mode drive, which accepts a folder path as a target. A drive share can be mounted as a network drive on Windows, macOS, and Linux, allowing full read/write access from all applications on those systems (#218) Subsequent releases will address CLI use cases and provide further refinements to the overall approach.

FEATURE: Docker Compose project for a reserved public share in docker/compose/zrok-public-share-reserved/compose.yml is described in the public share guide.

v0.4.13

FIX: The zrok reserve command was not properly recording the reserved share status of the shares that it created, preventing the zrok release command from properly releasing them (#427) If a user encounters reserved shares that cannot be released with the zrok release command, they can be deleted through the web console.