Releases: yetanalytics/lrsql
Releases · yetanalytics/lrsql
v0.2.5
Release Notes
- Update Postgres JDBC driver to v42.3.3 to address CVE-2022-21724.
- Update HugSql to v0.5.3.
v0.2.4
v0.2.3
What's Changed
- Update jackson-core to 2.13.2 to address CVE-2020-36518 by @milt in #216
Full Changelog: v0.2.2...v0.2.3
v0.2.2
Release Notes
- Minor changes to SQL syntax.
- Update LRS Admin UI to v0.1.5 to address GHSA-wg6g-ppvx-927h.
- Update xapi-schema dependency to v1.2.0.
- (Dev only) Update DATASIM dependency to v0.1.2.
v0.2.1
Release Notes
Update H2 to v2.1.210 in order to address CVE-2021-42392 and CVE-2022-23221. (#199)
v0.2.0
v0.1.9
Release Notes
- Added NVD dependency scanning support for Clojure libraries (#191)
- Updated potentially vulnerable libraries (#191)
- Redid documentation HTML publishing (#192)
- Updated java module list to fix SSL issue, and redid runtime build procedures to use re-usable workflow (#195)
Full Changelog: v0.1.8...v0.1.9
v0.1.8
Release Notes
- Verified that no existing dependency on log4j exists (re: CVE-2021-44228).
- Limit log file retention to 60 days and 1 GB. (#190)
- Redact passwords from config var maps before logging. (#189)
- Use the LRS library's error handling functionality instead of relying on that of Pedestal's servlet-interceptor. (#189, see yetanalytics/lrs#71)
- Return 400 Bad Request instead of 500 Internal Server Error response during a JSON parse failure. (#189)