This is an automated email from the ASF dual-hosted git repository.
lmccay pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push:
new 6976ece Update CHANGES for both 1.4.0 and 1.5.0 releases
6976ece is described below
commit 6976ecec199c8fe13d0f69170f447fc839fc324a
Author: lmccay <lmc...@apache.org>
AuthorDate: Sun Dec 6 16:26:54 2020 -0500
Update CHANGES for both 1.4.0 and 1.5.0 releases
---
CHANGES | 503 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 503 insertions(+)
diff --git a/CHANGES b/CHANGES
index 32a09f3..0c6efd2 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,507 @@
------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 1.5.0
+------------------------------------------------------------------------------
+** New Features
+ * [KNOX-843] - Load Balancing to Proxied Services for HA (disabled by
default) (#380)
+ * [KNOX-2412] - Add Logout Link to Home Page for Select Authentication
Providers and KNOXSESSION service (#372)
+ * [KNOX-2392] - Simple file-based TokenStateService implementation (#350)
+ * [KNOX-2386] - Added CM service discovery support for Apache Flink (#344)
+ * [KNOX-2385] - Flink Dashboard (History Server) Support (#343)
+ * [KNOX-2354] - An HBASEJARS service which can proxy HBase jars hosted by
t… (#325)
+** Improvements
+ * [KNOX-2469] - Fixing Knox keystore path directory creation for symlinks
(#383)
+ * [KNOX-2468] - Improve ConfigurableDispatch set cookies (#385)
+ * [KNOX-2401] - Extend ClientCert Authentication Provider for CN as
PrimaryPrincipal (#384)
+ * [KNOX-2462] - Make credential store type configurable (#381)
+ * [KNOX-2467] - Enable Jetty's X-Forwarded Header Support (#382)
+ * [KNOX-2461] - Move JWT token display utility to module shared by server
and client modules (#379)
+ * [KNOX-2459] - KNOX-METADATA, KNOXSSOUT and KNOX-SESSION services do not
need any URL or param to be added in the generated topology (#377)
+ * [KNOX-2453] - Fix Host header handling in websockets (#374)
+ * [KNOX-2437] - The request url does not have to be coded (#370)
+ * [KNOX-2408] - Improved AliasBasedTokenState service and house-keeping
(#371)
+ * [KNOX-2402] - Adding Gateway performance testing (#365)
+ * [KNOX-2413] - Added JWT support in HadoopAuth provider (#367)
+ * [KNOX-2436] - Add new service for replacing resourceManager property
during Oozie usage (#369)
+ * [KNOX-2435] - Fix NiFi and NiFi Registry UI links in Knox UI (#368)
+ * [KNOX-2434] - Knox should fallback to JDK default keystore/truststore
type instead of hardcoding JKS (#366)
+ * [KNOX-2397] - knox failed to start with error
"java.lang.NoSuchMethodError:
org.eclipse.persistence.internal.oxm.mappings.Field.setNestedArray(Z)V" (#357)
+ * [KNOX-2410] - Handling the new 'RestartWaitingForStalenessSuccess' CM
audit event (#364)
+ * [KNOX-2406] - Use dependency bom for dependency management (#363)
+ * [KNOX-2399] - Implemented ZookeeperTokenStateService (#361)
+ * [KNOX-2395] - Make Gateway Services Pluggable (#358)
+ * [KNOX-2343] - Enhanced API services' display on the Knox Home page
(#355)
+ * [KNOX-2255] - Setting HTTP client connection/socket timeout to 5m for
certain services as well as replayBufferSize to 65 bytes for RANGER and
useTwoWaySsl to true for NIFI/NIFI-REGISTRY by default (#354)
+ * [KNOX-2344] - Rename gateway-cm-integration module and related
resources (#353)
+ * [KNOX-2382] - Logging token identifier for easier error debugging (#352)
+ * [KNOX-2393] - Update the property name to
'sso.unauthenticated.path.list' to be in-line with other property names (#351)
+ * [KNOX-2393] - Add a configurable list of paths that SSOCookieProvider
can ignore (#349)
+ * [KNOX-2390] - Let end-users configure SAML2 client configuration using
Pac4J provider parameters (#348)
+ * [KNOX-2387] - SameSite fix for hadoop-jwt cookie (#347)
+ * [KNOX-2389] - AliasBasedTokenStateService stops processing persisted
journal entries if one is malformed (#346)
+ * [KNOX-2377] - Address potential loss of token state (#345)
+ * [KNOX-2381] - racking UI of flink session is broken in YARNUIV2 (#340)
+ * [KNOX-2383] - Checking token expiration in cache should not depend on
the validate flag (#341)
+ * [KNOX-2384] - Token Service should return expiration from token when
renewal disabled (#342)
+ * [KNOX-2378] - AliasBasedTokenStateService log message is misleading
(#339)
+ * [KNOX-2376] - Ensure all HBASEJARS IN rules are for /hbase/jars and not
/hbase/maven (#338)
+ * [KNOX-2375] - Token state eviction should access the keystore file less
frequently (#337)
+ * [KNOX-2371] - DefaultTopologyService may skip cluster config change
processing of valid descriptors (#336)
+ * [KNOX-2366] - Pinned topologies are expanded and general proxy
information section is collapsed on HomePage by default (#335)
+ * [KNOX-2369] - Fix IllegalStateException in case of expired or invalid
token (#334)
+ * [KNOX-2368] - CM Cluster Configuration Monitor Does Not Support Rolling
Restart Events
+ * [KNOX-2367] - Fix rewrite rules for HDFS UI fonts and
bootstrap.min.css.map (#332)
+ * [KNOX-2348] - Fix knoxcli when kerberos auth is used (#331)
+ * [KNOX-2365] - Knox parses shared provider configuration from Hadoop XML
type configuration files (#330)
+ * [KNOX-2356] - Added a 50px high div before the footer to prevent
overflow from resource detail panel (#329)
+ * [KNOX-2360] - Add .asf.yaml to link Jira and Github
+ * [KNOX-2357] - Descriptor handler should not default discovery type to
Ambari unless there is discovery configuration (#326)
+ * [KNOX-2359] - Knox src zip should not include node_modules folder (#328)
+ * [KNOX-2351] - Catching any errors while monitoring CM configuration
changes (#324)
+ * [KNOX-2355] - Update Atlas rewrite.xml/service.xml for new Atlas UI
changes (#323)
+ * [KNOX-2352] - Knox Token State Eviction Should Be Based on Expiration
and Extended Default Grace Period (#321)
+ * [KNOX-2353] - Disabled CM descriptor monitoring and advanced service
discovery changes monitoring by default (#322)
+ * [KNOX-2350] - Handling event types w/o COMMAND and/or COMMAND_STATUS
attributes when polling CM events (#318)
+ * [KNOX-2346] - Remove unused maxRetryAttempts and retrySleep (#316)
+ * [KNOX-2347] - Disable shellcheck for github actions (#317)
+ * [KNOX-2345] - KnoxShellTable must handle NULL cols
+ * [KNOX-2342] - CommonIdentityAssertionFilter calling mapGroupPrincipals
Twice - add testing
+ * [KNOX-2342] - CommonIdentityAssertionFilter calling mapGroupPrincipals
Twice
+** Upgrades
+ * [KNOX-2431] - Upgrade rest-assured to 4.3.1
+ * [KNOX-2424] - Upgrade protobuf-java to 3.12.4
+ * [KNOX-2426] - Upgrade groovy to 3.0.5
+ * [KNOX-2425] - Upgrade checkstyle to 8.35
+ * [KNOX-2430] - Upgrade caffeine to 2.8.5
+ * [KNOX-2429] - Upgrade bcprov-jdk15on to 1.66
+ * [KNOX-2427] - Upgrade aspectj to 1.9.6
+ * [KNOX-2423] - Upgrade commons-io to 2.7
+ * [KNOX-2417] - Upgrade log4j to 2.13.3
+ * [KNOX-2415] - Upgrade joda-time to 2.01.6
+ * [KNOX-2418] - Upgrade jetty to 9.4.30.v20200611
+ * [KNOX-2419] - Upgrade jackson to 2.11.1
+ * [KNOX-2416] - Upgrade frontend-maven-plugin to 1.10.0
+ * [KNOX-2414] - Upgrade dom4j to 2.1.3
+ * [KNOX-2422] - Upgrade commons-text to 1.9
+ * [KNOX-2421] - Upgrade commons-lang3 to 3.11
+ * [KNOX-2221] - Upgrade shiro to 1.5.3 (#360)
+ * [KNOX-2404] - Update AdminUI and Homepage NodeJS dependencies (#359)
+ * [KNOX-2454] - Upgrade jetty to 9.4.31.v20200723
+ * [KNOX-2447] - Upgrade testcontainers to 1.14.3
+ * [KNOX-2452] - Upgrade netty to 4.1.52.Final
+ * [KNOX-2451] - Upgrade protobuf-java to 3.13.0
+ * [KNOX-2450] - Upgrade maven-bundle-plugin to 5.1.1
+ * [KNOX-2449] - Upgrade jna to 5.6.0
+ * [KNOX-2448] - Upgrade exec-maven-plugin to 3.0.0
+ * [KNOX-2446] - Upgrade jackson to 2.11.2
+ * [KNOX-2445] - Upgrade spring to 5.2.8.RELEASE
+ * [KNOX-2443] - Upgrade spotbugs to 4.1.2
+ * [KNOX-2428] - Upgrade metrics to 4.1.12.1
+ * [KNOX-2440] - Upgrade dependency-check-maven to 6.0.0
+ * [KNOX-2444] - Upgrade commons-net to 3.7
+ * [KNOX-2441] - Upgrade commons-codec to 1.15
+ * [KNOX-2442] - Upgrade checkstyle to 8.36
+ * [KNOX-2439] - Upgrade commons-io to 2.8.0 and forbiddenapis to 3.1
+ * [KNOX-2472] - Upgrade jetty to 9.4.34.v2020110
+ * [KNOX-2471] - Upgrade Shiro to 1.7.0
+ * [KNOX-2405] - Upgrade transitive Netty to 4.1.51.Final (#362)
+ * [KNOX-2432] - and KNOX-2433 - Upgrade spotbugs to 4.0.6 and
spotbugs-maven-plugin to 4.0.4
+ * [KNOX-2455] - Upgrade Shiro to 1.6.0 (#378)
+ * [KNOX-2458] - KnoxAuth - Upgrade to JQuery 3.5.1 (#376)
+ * [KNOX-2337] - Upgrade pac4j to 4.0.3 and opensaml to 3.4.5 (#308)
+
+------------------------------------------------------------------------------
+Release Notes - Apache Knox - Version 1.4.0
+------------------------------------------------------------------------------
+** New Feature
+ * [KNOX-2153] - CM discovery - Monitor Cloudera Manager (#239)
+ * [KNOX-2002] - Add a KnoxShellTable to Represent and Render Output in
Tabular Format
+ * [KNOX-2224] - KnoxLine and KnoxShell DataSource and Select Command
Alignment (#255)
+ * [KNOX-2341] - KnoxShell Custom Commands need Description and Usage
Details (#313)
+ * [KNOX-2310] - Add aggregate method to KnoxShellTable (#302)
+ * [KNOX-2308] - Add sortNumeric to KnoxShellTable for Cols that are
numeric but values are String (#300)
+ * [KNOX-2307] - CSVKnoxShellTableBuilder must support quoted strings and
embedded commas (#301)
+ * [KNOX-2240] - KnoxShell Custom Command for WEBHDFS Use (#296)
+ * [KNOX-2299] - Fixed Hive JDBC URL on Knox Home page (#293)
+ * [KNOX-2296] - Passing down the service URL field when building up a
service model (#290)
+ * [KNOX-2298] - ClouderaManager cluster config monitor should stop
monitoring unreferenced clusters (#291)
+ * [KNOX-2295] - UI services improvement on Knox Home page (#289)
+ * [KNOX-2269] - The Knox Home page is available as a regular app via the
homepage topology (#281)
+ * [KNOX-2066] - Composite Authz Provider
+ * [KNOX-2067] - KnoxToken service support for renewal and revocation
+ * [KNOX-2024] - KnoxShellTable - Case Insensitive Operations with Col
Names (#160)
+ * [KNOX-2018] - KnoxShellTable Filtering needs greaterThan and lessThan,
equals Methods (#158)
+ * [KNOX-2027] - Need a reverse order sort on a table based on a column.
(#159)
+ * [KNOX-2060] - Extend KnoxShellTable statistics methods to work with
columns of Strings (#168)
+ * [KNOX-2057] - Unique ID is set when creating a new instance of
KnoxShellTable instead of setting it in the builder/filter (#165)
+ * [KNOX-2063] - KnoxShellTable javadoc failures (#167)
+ * [KNOX-2052] - KnoxShellTable mean, median, and mode methods (#163)
+ * [KNOX-2023] - Recording KnoxShellTable builder/filter chain and
providing rollback/replay capabilities using the call history as well as
allowing end-users to export JSON without data (in this case only the call
history will be serialized) (#162)
+ * [KNOX-2022] - KnoxShellTable contains Comparables instead of Strings
+ * [KNOX-2022] - Splitting up KnoxShellTable and do minor cleanup
+ * [KNOX-1740] - Add Trusted Proxy Support to Knox (#106)
+ * [KNOX-2056] - Adding Service Definitions management into Admin UI (#169)
+ * [KNOX-2053] - New REST API to create/read/update/delete service
definitions (#164)
+ * [KNOX-2226] - Add home page to Knox (#263)
+ * [KNOX-1742] - add knoxline to knoxshell usage rendering
+ * [KNOX-1410] - Knox Shell support for remote Alias management (#210)
+ * [KNOX-2210] - Gateway-level configuration for server-managed Knox token
state (#259)
+** Improvement
+ * [KNOX-2339] - Add Github Actions for CI (#311)
+ * [KNOX-2321]. /LogLevel with knox not working for Hdfs web ui endpoints.
(#314)
+ * [KNOX-2340] - Fix DefaultTokenStateServiceTest timeouts (#312)
+ * [KNOX-2338] - Upgrade apacheds.directory.server.version to 2.0.0.AM26
(#309)
+ * [KNOX-2332] - Upgrade spotbugs-maven-plugin to 4.0.0
+ * [KNOX-2331] - Upgrade spotbugs to 4.0.1
+ * [KNOX-2330] - Upgrade spring-core to 5.2.5.RELEASE
+ * [KNOX-2333] - Upgrade rest-assured to 4.3.0
+ * [KNOX-2322] - Upgrade nimbus-jose-jwt to 8.14.1
+ * [KNOX-2324] - Upgrade metrics to 4.1.6
+ * [KNOX-2334] - Upgrade maven-dependency-plugin to 3.1.2
+ * [KNOX-2335] - Upgrade java-support to 8.0.0
+ * [KNOX-2336] - Upgrade httpclient to 4.5.12
+ * [KNOX-2323] - Upgrade groovy to 3.0.3
+ * [KNOX-2329] - Upgrade dependency-check-maven to 5.3.2
+ * [KNOX-2327] - Upgrade commons-lang3 to 3.10
+ * [KNOX-2328] - Upgrade checkstyle to 8.31
+ * [KNOX-2326] - Upgrade bcprov-jdk15on to 1.65
+ * [KNOX-2325] - Upgrade asm to 8.0.1
+ * [KNOX-2304] - CM discovery cluster config monitor needs to be aware of …
(#307)
+ * [KNOX-2320] - Upgrade xmlsec to 2.1.5
+ * [KNOX-2319] - Upgrade commons-compress to 1.20
+ * [KNOX-2315] - Fix zookeeper Kerberos Auth (#304)
+ * [KNOX-2316] - Knox Token State Eviction Must Consider Maximum Token
Lifetime (#306)
+ * [KNOX-2317] - Open UI services from Knox Home page on new tabs (#305)
+ * [KNOX-2287] - KnoxCLI convert topology to provider and descriptor (#292)
+ * [KNOX-2305] - Blacklist Maven 3.6.2 and move cloudera repository to
child pom (#295)
+ * [KNOX-2300] - Livy and Solr handled as both API and UI services (#294)
+ * [KNOX-2289] - Passing GatewayServer.getGatewayServices() to
SimpleDescriptorHandler.handle() as it needs it to provision encryption query
string password (#288)
+ * [KNOX-2286] - Cleaner log messages about monitoring
topologies/providers/descriptors (#287)
+ * [KNOX-2285] - Change gateway.server.header.enabled default to false
+ * [KNOX-2284] - Handling CM descriptors after Knox
shared-provider/descriptor/topology monitors are started (#285)
+ * [KNOX-2266] - Tokens Should Include a Unique Identifier (#284)
+ * [KNOX-2267] - Ambari/CM discovery - Needs to point to configured
truststore
+ * [KNOX-2282] - Upgrade curator to 4.3.0
+ * [KNOX-2275] - Upgrade woodstox-core to 6.1.1
+ * [KNOX-2270] - Upgrade testcontainers to 1.13.0
+ * [KNOX-2277] - Upgrade spring-vault to 2.2.2.RELEASE
+ * [KNOX-2279] - Upgrade spring-core to 5.2.4.RELEASE
+ * [KNOX-2274] - Upgrade log4j2 to 2.13.1
+ * [KNOX-2276] - Upgrade metrics to 4.1.4
+ * [KNOX-2271] - Upgrade nimbus-jose-jwt to 8.9
+ * [KNOX-2278] - Upgrade jetty to 9.4.27.v20200227
+ * [KNOX-2272] - Upgrade jackson to 2.10.3
+ * [KNOX-2281] - Upgrade eclipselink to 2.7.6
+ * [KNOX-2280] - Upgrade cors-filter to 2.9
+ * [KNOX-2273] - Upgrade checkstyle to 8.30
+ * [KNOX-2243] - Upgrade groovy to 3.0.1
+ * [KNOX-2247] - Upgrade zookeeper to 3.5.7
+ * [KNOX-2244] - Upgrade spotbugs to 4.0.0
+ * [KNOX-2246] - Upgrade protobuf-java to 3.11.4
+ * [KNOX-2241] - Upgrade nimbus-jose-jwt to 8.8
+ * [KNOX-2242] - Upgrade metrics to 4.1.3
+ * [KNOX-2245] - Upgrade maven-checkstyle-plugin to 3.1.1
+ * [KNOX-2248] - Upgrade cryptacular to 1.2.4
+ * [KNOX-2220] - Upgrade nimbus-jose-jwt to 8.5
+ * [KNOX-2218] - Upgrade easymock to 4.2
+ * [KNOX-2219] - Upgrade checkstyle to 8.29
+ * [KNOX-2217] - Upgrade apache pom to 23
+ * [KNOX-2191] - Upgrade testcontainers to 1.12.5
+ * [KNOX-2194] - Upgrade spring-vault to 2.2.1.RELEASE
+ * [KNOX-2199] - Upgrade spring-core to 5.2.3.RELEASE
+ * [KNOX-2193] - Upgrade rest-assured to 4.2.0
+ * [KNOX-2195] - Upgrade jetty to 9.4.26.v20200117
+ * [KNOX-2192] - Upgrade httpclient to 4.5.11
+ * [KNOX-2198] - Upgrade groovy to 2.5.9
+ * [KNOX-2197] - Upgrade dependency-check-maven to 5.3.0
+ * [KNOX-2196] - Upgrade caffeine to 2.8.1
+ * [KNOX-2178] - Upgrade woodstox-core to 6.0.3
+ * [KNOX-2181] - Upgrade testcontainers to 1.12.4
+ * [KNOX-2183] - Upgrade spring-core to 5.2.2.RELEASE
+ * [KNOX-2175] - Upgrade slf4j to 1.7.30
+ * [KNOX-2180] - Upgrade protobuf-java to 3.11.1
+ * [KNOX-2173] - Upgrade nimbus-jose-jwt to 8.4
+ * [KNOX-2179] - Upgrade metrics to 4.1.2
+ * [KNOX-2184] - Upgrade maven-enforcer-plugin to 3.0.0-M3
+ * [KNOX-2177] - Upgrade log4j to 2.13.0
+ * [KNOX-2170] - Upgrade junit to 1.14
+ * [KNOX-2174] - Upgrade jetty to 9.4.25.v20191220
+ * [KNOX-2169] - Upgrade jackson to 2.10.2
+ * [KNOX-2165] - Upgrade httpcore to 4.4.13
+ * [KNOX-2172] - Upgrade guava to 28.2-jre
+ * [KNOX-2167] - Upgrade frontend-maven-plugin to 1.9.1
+ * [KNOX-2185] - Upgrade dependency-check-maven to 5.2.4
+ * [KNOX-2168] - Upgrade commons-codec to 1.14
+ * [KNOX-2176] - Upgrade cloudera-manager-api to 7.0.3
+ * [KNOX-2171] - Upgrade checkstyle to 8.28
+ * [KNOX-2182] - Upgrade aspectj to 1.9.5
+ * [KNOX-2164] - Upgrade asm to 7.3.1
+ * [KNOX-2166] - Upgrade apache pom to 22
+ * [KNOX-2143] - Upgrade shiro to 1.4.2 (#209)
+ * [KNOX-2135] - Fix YARNUIV2 RM Logs sub-links (#204)
+ * [KNOX-2142] - Upgrade jetty to 9.4.24.v20191120 (#208)
+ * [KNOX-2140] - RequestUpdateHandler.ForwardedRequest#getRequestURL needs
to return a valid URL (#206)
+ * [KNOX-2074]: Tracking UI of flink session is broken in YARNUI (#174)
+ * [KNOX-2004] - Adding changes for handling Ping/Pong message from backend
server on websocket connection (#200)
+ * [KNOX-2133] - Ensure that Knox always validates TLS (#203)
+ * [KNOX-2238] - CM discovery - Add TLS support to Phoenix auto discovery
(#267)
+ * [KNOX-2120] - Upgrade easymock to 4.1
+ * [KNOX-2119] - Upgrade jackson to 2.10.1
+ * [KNOX-2118] - Upgrade checkstyle to 8.26
+ * [KNOX-2117] - Upgrade testcontainers to 1.12.3
+ * [KNOX-2116] - com.nimbusds:lang-tag needs a fixed version
+ * [KNOX-2115] - Improve .travis.yml (#187)
+ * [KNOX-2113] - Upgrade mina-core to 2.0.21 (#185)
+ * [KNOX-2114] - Add OWASP suppression for cas-client-core
+ * [KNOX-2098] - OWASP Add Nov 2019 suppressions for false positives (#184)
+ * [KNOX-2100] - Make sure knoxshell initializes logging by using the
'launcher' framework like other products (gateway, cli, ldap) do (#181)
+ * [KNOX-2112] - Upgrade dom4j to 2.1.1 (#183)
+ * [KNOX-2111] - Upgrade java-support to 7.5.1
+ * [KNOX-2110] - Upgrade xmlsec to 2.1.4
+ * [KNOX-2109] - Upgrade nimbus-jose-jwt to 8.2.1
+ * [KNOX-2108] - Upgrade pac4j to 3.8.3
+ * [KNOX-2107] - Upgrade spring-vault to 2.2.0.RELEASE
+ * [KNOX-2106] - Upgrade spring-core to 5.2.1.RELEASE
+ * [KNOX-1842] - Upgrade httpclient to 4.5.10 (#176)
+ * [KNOX-2075] - Druid coordinator ui is broken (#175)
+ * [KNOX-2094] - Upgrade httpcore to 4.4.12
+ * [KNOX-2081] - Upgrade zookeeper to 3.5.6
+ * [KNOX-2088] - Upgrade spring-vault to 2.1.4.RELEASE
+ * [KNOX-2077] - Upgrade spring-core to 5.2.0.RELEASE
+ * [KNOX-2093] - Upgrade slf4j to 1.7.29
+ * [KNOX-2078] - Upgrade rest-assured to 4.1.2
+ * [KNOX-2084] - Upgrade nimbus-jose-jwt to 8.2
+ * [KNOX-2085] - Upgrade metrics to 4.1.1
+ * [KNOX-2089] - Upgrade joda-time to 2.10.5
+ * [KNOX-2092] - Upgrade jna to 5.5.0
+ * [KNOX-2087] - Upgrade jetty to 9.4.22.v20191022
+ * [KNOX-2090] - Upgrade javax.inject to 2.4.0
+ * [KNOX-2079] - Upgrade jacoco-maven-plugin to 0.8.5
+ * [KNOX-2083] - Upgrade hamcrest to 2.2
+ * [KNOX-2080] - Upgrade forbiddenapis to 2.7
+ * [KNOX-2091] - Upgrade findsecbugs to 1.10.1
+ * [KNOX-2086] - Upgrade eclipselink to 2.7.5
+ * [KNOX-2082] - Upgrade dockerfile-maven-plugin to 1.4.13
+ * [KNOX-2064] - KnoxSSO knoxsso.token.ttl should not default to -1
+ * [KNOX-1981] - Upgrade spring-core to 5.1.9.RELEASE
+ * [KNOX-1977] - Upgrade spotbugs-maven-plugin to 3.1.12.2
+ * [KNOX-1974] - Upgrade protobuf-java to 3.9.1
+ * [KNOX-1979] - Upgrade dockerfile-maven-plugin to 1.4.12
+ * [KNOX-1983] - Upgrade commons-codec to 1.13
+ * [KNOX-1982] - Upgrade testcontainers to 1.12.0
+ * [KNOX-1975] - Upgrade slf4j to 1.7.27
+ * [KNOX-1978] - Upgrade nimbus-jose-jwt to 7.7
+ * [KNOX-1984] - Upgrade jna to 5.4.0
+ * [KNOX-1985] - Upgrade javax.annotation-api to 1.3.2
+ * [KNOX-1972] - Upgrade groovy to 2.5.8
+ * [KNOX-1976] - Upgrade dependency-check-maven to 5.2.1
+ * [KNOX-1973] - Upgrade cloudera-manager-api 6.2.0 to 6.3.0
+ * [KNOX-1980] - Upgrade checkstyle to 8.23
+ * [KNOX-1971] - Upgrade Hashicorp Vault test to vault:1.2.1
+ * [KNOX-2065] - Upgrade nimbus-jose-jwt to 8.1
+ * [KNOX-2061] - ConfigurableHADispatch needs to be wired up
+ * [KNOX-2059] - Upgrade bcprov-jdk15on to 1.64
+ * [KNOX-2058] - Upgrade commons-compress to 1.19
+ * [KNOX-2026] - Accept Impala's authentication cookies (#161)
+ * [KNOX-2051] - Upgrade asm to 7.2
+ * [KNOX-2050] - Upgrade jackson to 2.10.0
+ * [KNOX-2015] - Allow end-users to exclude only certain directives of the
SET-COOKIE HTTP header (#154)
+ * [KNOX-2024] - Fix testNameMethod test
+ * [KNOX-1996] - Adding changes to remove extra / while generating backedn
… (#142)
+ * [KNOX-2048] - Upgrade pac4j to 3.8.2
+ * [KNOX-2047] - Upgrade dependency-check-maven to 5.2.2
+ * [KNOX-2046] - Upgrade hadoop to 3.2.1
+ * [KNOX-2045] - Upgrade joda-time to 2.10.4
+ * [KNOX-2044] - Upgrade protobuf-java to 3.10.0
+ * [KNOX-2043] - Upgrade bcprov-jdk15on to 1.63
+ * [KNOX-2042] - Upgrade testcontainers to 1.12.1
+ * [KNOX-2041] - Upgrade rest-assured to 4.1.1
+ * [KNOX-2040] - Upgrade commons-text to 1.8
+ * [KNOX-2039] - Upgrade checkstyle to 8.24
+ * [KNOX-2038] - Upgrade guava to 28.1-jre
+ * [KNOX-2037] - Upgrade nimbus-jose-jwt to 7.8
+ * [KNOX-2029] - Upgrade log4j2 to 2.12.1
+ * [KNOX-2030] - Upgrade frontend-maven-plugin to 1.8.0
+ * [KNOX-2031] - Upgrade slf4j to 1.7.28
+ * [KNOX-2032] - Upgrade cglib to 3.3.0
+ * [KNOX-2033] - Upgrade commons-beanutils to 1.9.4
+ * [KNOX-2034] - Upgrade jetty to 9.4.20.v20190813
+ * [KNOX-2035] - Upgrade maven-bundle-plugin to 4.2.1
+ * [KNOX-2036] - Upgrade cors-filter to 2.8
+ * [KNOX-2028] - Upgrade jackson to 2.9.10
+ * [KNOX-1939] - Upgrade jackson-databind to 2.9.9.1
+ * [KNOX-1950] - YARN v2 UI - Tools - Yarn Daemon Logs - /logs/stacks link
broken
+ * [KNOX-1949] - CM discovery - Improve efficiency of discovery
+ * [KNOX-1938] - Upgrade nimbus-jose-jwt to 7.5.1
+ * [KNOX-1945] - Upgrade spring-vault to 2.1.3.RELEASE
+ * [KNOX-1944] - Upgrade protobuf-java to 3.9.0
+ * [KNOX-1942] - Upgrade spotbugs-maven-plugin to 3.1.12.1
+ * [KNOX-1937] - Upgrade testcontainers to 1.11.4
+ * [KNOX-1936] - Upgrade log4j2 to 2.12.0
+ * [KNOX-1941] - Upgrade joda-time to 2.10.3
+ * [KNOX-1943] - Upgrade dependency-check-maven to 5.2.0
+ * [KNOX-1940] - Upgrade commons-text to 1.7
+ * [KNOX-1924] - Upgrade org.abstractj.libpam4j 1.9.1 to
org.kohsuke.libpam4j 1.11 (#116)
+ * [KNOX-1923] - Upgrade nodejs to latest LTS v10.16.0 (#117)
+ * [KNOX-2010] - Upgrade zookeeper to 3.5.5 (#152)
+ * [KNOX-2203] - Upgrade admin-ui npm dependencies (#245)
+ * [KNOX-1969] - Upgrade jackson-databind to 2.9.9.3
+ * [KNOX-1966] - Upgrade jackson-databind to 2.9.9.2
+ * [KNOX-1885] - Upgrade jetty to 9.4.19.v20190610
+ * [KNOX-2301] - Trigger discovery for descriptors at gateway start time
+ * [KNOX-2302] - Skip re-deployment of generated topology if the topology
has not changed (#297)
+ * [KNOX-2265] - Checking CM configs by their related names and read
hive.server2.use.SSL from the service configuration (#280)
+ * [KNOX-2263] - Docker - make sure not to put anything except version in
the tag (#279)
+ * [KNOX-2258] - Add filter for Location header (#277)
+ * [KNOX-2258] - Add new rewrite rule in Livy service for handling redirect
requests to /ui (#276)
+ * [KNOX-2212] - Token permissiveness (#274)
+ * [KNOX-2249] - Add Spark 3 History Server definition (#270)
+ * [KNOX-2250] - maven-antrun-plugin use target instead of tasks (#273)
+ * [KNOX-2239] - Websocket use the configured truststore in gateway-site
config file (#269)
+ * [KNOX-2230] - Token State Service should throw UnknownTokenException
instead of IllegalArgumentException (#268)
+ * [KNOX-2237] - CM service discovery should default the http path of Hive
URLs when the associated property is not set (#266)
+ * [KNOX-2161] - CM generated descriptors are read-only on Admin UI (#265)
+ * [KNOX-2233] - DefaultKeystoreService getCredentialForCluster uses cache
without synchronization (#264)
+ * [KNOX-2189] - KnoxShellTable.select() must handle whitespace (#256)
+ * [KNOX-2214] - Periodic job to evict expired tokens (#257)
+ * [KNOX-2228] - JWTFilter should handle unknown token exception from token
state service (#260)
+ * [KNOX-2227] - Strip Leading and Trailing Whitespace from Headers in
KnoxShellTable (#258)
+ * [KNOX-2222] - Fix HBase UI Proxying for HBCK Report page (#254)
+ * [KNOX-2207] - TokenStateService revocation should remove persisted token
state (#252)
+ * [KNOX-2215] - Token service should return a 403 response when the
renewer is not white-listed (#251)
+ * [KNOX-2213] - Service Discovery Support for CM UI, API (#249)
+ * [KNOX-2209] - Improve logging for Knox token handling (#250)
+ * [KNOX-2206] - Log exclusion of a discovered service due to configuration
issues (#248)
+ * [KNOX-2208] - AclsAuthorizationFilter should log access at DEBUG level
(#247)
+ * [KNOX-2204] - KnoxLine NPE list datasources when directories don't exist
(#246)
+ * [KNOX-2202] - Knox should use UTF-8 as default encoding instead of
ISO-8859-1 (#244)
+ * [KNOX-2190] - Processing advanced service discovery configuration on
topology level (#242)
+ * [KNOX-2188] - Handling discovery details via advanced configuration
(#240)
+ * [KNOX-1742] - Simple SQL Client in KnoxShell for access to JDBC sources
(#241)
+ * [KNOX-2186] - Advanced service discovery configuration handling (#238)
+ * [KNOX-2128] - fix javadoc warnings/errors
+ * [KNOX-2128] - Custom DataSource and SQL Commands for KnoxShell and
KnoxShellTable (#231)
+ * [KNOX-2160] - Introducing Hadoop XML type descriptor format (#236)
+ * [KNOX-2162] - Log no rewrite rule found at DEBUG level
+ * [KNOX-1951] - Service Discovery Support for NiFi and NiFi Registry UI
(#235)
+ * [KNOX-718 ] - KnoxSSO login page doesn't display any feedback on error
(#234)
+ * [KNOX-2157] - Verifying the server's state in addition to PID check at
gateway start and registering shutdown hook in order to stop the server
gracefully. (#230)
+ * [KNOX-2149] - Added JWT OIDC Verification based on JWKS Urls and extract
custom claim
+ * [KNOX-2101] - knoxshell doesn't handle invalid TLS well (#232)
+ * [KNOX-2148] - ZEPPELINUI service definition should pass query parameters
for API
+ * [KNOX-2156] - CM discovery - KUDUUI discovery (#228)
+ * [KNOX-2155] - KnoxSSO should handle multiple cookies with the same name
+ * [KNOX-2154] - Allow KNOX service during topology generation without URLs
and parameters (#226)
+ * [KNOX-2147] - Mask username/password in case we display call history and
keep them safely (by setting proper file permissions) in JSON file (#217)
+ * [KNOX-2152] - Disable Ambari cluster configuration monitoring by default
(#225)
+ * [KNOX-2151] - HIVE_ON_TEZ HS2 Discovery doesn't work (#224)
+ * [KNOX-1970] - CM discovery - Add Impala HS2 to auto discovery (#223)
+ * [KNOX-2134] - Checking if password/alias is available via local alias
service before going to fetch it from remote ZK server (#218)
+ * [KNOX-1932] - CM discovery - WEBHCAT URLs not discovered (#222)
+ * [KNOX-1921] - CM discovery - Hue Load balancer HTTP/HTTPS scheme (#221)
+ * [KNOX-2123] - Setting requestURI using the given servletRequest in case
the service is unavailable and logging it with the appropriate action outcome
(#219)
+ * [KNOX-1935] - CM discovery - Hue should not have both LB and non LB
(#220)
+ * [KNOX-2136] - Caching credentials in DefaultKeystoreService when an
alias is being added or loaded from keystore and using a different cache
implementation (#213)
+ * [KNOX-1962] - CM discovery - Avoid reading krb5 login config multiple t…
(#215)
+ * [KNOX-2132] - JDBCKnoxShellTableBuilder should have optional username
and password fields
+ * [KNOX-2144] - Alias API KnoxShell support should provide response types
better than raw JSON (#211)
+ * [KNOX-2145] - WhitelistUtils should have an HTTPS_ONLY template (#212)
+ * [KNOX-2131] - Fixed sonarcloud bugs (#201)
+ * [KNOX-2127] - ZooKeeperAliasService mishandles mixed-case alias keys
properly (#202)
+ * [KNOX-2053] - Ensure secure XML processing
+ * [KNOX-2122] - Use static base class constants
+ * [KNOX-2130] - Handle InterruptedException better (#199)
+ * [KNOX-2122] - Misc code cleanup (#198)
+ * [KNOX-2129] - Improve deprecated javadoc (#197)
+ * [KNOX-1997] - Fix diamond operator compiliation error
+ * [KNOX-1997] - Adding changes to buffer messages from backend in
onMessag… (#143)
+ * [KNOX-2122] - Remove deprecated API usages (#194)
+ * [KNOX-2103] - Fix javadoc errors
+ * [KNOX-1718] - Hide org.apache.directory.api.ldap.model.entry.Value
errors (#193)
+ * [KNOX-2122] - Use ThreadLocalRandom
+ * [KNOX-2103] - Make responseExcludeHeaders parameter in
ConfigurableDispatch case insensitive (#192)
+ * [KNOX-2122] - Code cleanup from static code analysis (#191)
+ * [KNOX-2121] - Zookeeper - Reduce amount of resources required to run
tests (#190)
+ * [KNOX-2099] - Using the default port of the protocol when no port is
declared in the URL when building truststore. (#189)
+ * [KNOX-2104] - Removing redundant resource cleanup so that data table can
keep track of its activePage/rowsOnTable attributes (#179)
+ * [KNOX-2105] - KnoxShell support for token renewal and revocation (#180)
+ * [KNOX-1878] - Enforce single version of dependencies (#102)
+ * [KNOX-2071] - Configurable maximum token lifetime for TokenStateService
(#178)
+ * [KNOX-2025] - KnoxShellTable - Join Builder on Method should accept Col
Names (#172)
+ * [KNOX-2068] - Let end-users add a new service definition from scratch
(#173)
+ * [KNOX-2072] - Kudu web UI service definition (#171)
+ * [KNOX-2070] - SSOCookieFederationFilter NPE (#170)
+ * [KNOX-2066] - pom clean up
+ * [KNOX-2014] - Make sure ATLASSESSIONID cookie is set (#150)
+ * [KNOX-2013] - CM discovery - Add Phoenix to auto discovery (#148)
+ * [KNOX-1914] - New admin API to be used by the UI to fetch available
service discovery types (#147)
+ * [KNOX-2017] - Making Cloudera repository available in Knox's parent POM
so that Cloudera dependencies are available in every children project (#149)
+ * [KNOX-2016] - KnoxShellTable SQL Builder, Col Select, Sort
+ * [KNOX-1998] - WebHDFS rewrite.xml does not have rewrite rule for
Location field in json (#138)
+ * [KNOX-1994] - Update Ranger API service definition to allow separate URL
patterns
+ * [KNOX-2007] - Ensure wait for vault to start on exposed port
+ * [KNOX-1788] - New XSS Provider is added to Web Application Security
Provider List (#141)
+ * [KNOX-2005] - Improvements to KnoxShellTable
+ * [KNOX-2001] - KnoxSession should log a warning message when
useSubjectCredsOnly is false
+ * [KNOX-2000] - KnoxSession should not set
javax.security.auth.useSubjectCredsOnly
+ * [KNOX-1999] - Make WEBHDFS rule that rewrites hdfs:// local (#139)
+ * [KNOX-1992] - Add a service definition for Impala's debug web pages
(#137)
+ * [KNOX-1994] - Update Ranger API service definition to allow separate URL
patterns (#136)
+ * [KNOX-1934] - Setting the default value of knoxsso.cookie.secure.only
based on ssl.enabled flag in gateway-site.xml (#134)
+ * [KNOX-1990] - Testing non-existing/non-parsable JAAS configuration in
sequential order even if parallel test execution is enabled (#133)
+ * [KNOX-1957] - Optional APP_JAVA_OPTS are handled properly (#131)
+ * [KNOX-1952] - Add NiFi Registry service definition (#128)
+ * [KNOX-1988] - In Spark History Server UI, make links for Executor logs
point to YARN UI v2 (#132)
+ * [KNOX-1986] - Do not attempt to rewrite empty payload (#129)
+ * [KNOX-1967] - Add a service definition for Impala Hiveserver2 (#127)
+ * [KNOX-1694] - Prevent port mapped topologies from being exposed to
gateway port (#126)
+ * [KNOX-1963] - Ranger API service should proxy xusers/users and and
xusers/groups
+ * [KNOX-1959] - HadoopAuthCookieStore should not read krb5 login config
each time
+ * [KNOX-1956] - Improve AdminUI development by using angular proxy conf
(#122)
+ * [KNOX-1948] - If no rules are defined don't rewrite (#121)
+ * [KNOX-1588] - YARN v2 UI - Make sure that Spark and MR Job history links
are handled
+ * [KNOX-1927] - CM discovery - ZEPPELINUI / ZEPPELINWS urls are not
discovered
+ * [KNOX-1928] - CM discovery - Multiple of same url are added to descriptor
+ * [KNOX-1593] - YARN v2 UI - Application - View logs for running
application
+ * [KNOX-1925] - KnoxPamRealm code cleanup
+ * [KNOX-1922] - Processing a DNSName only if the hostname starts with a
letter (#115)
+ * [KNOX-1816] - Added shellcheck validation to our build optionally and
fixed issues shellcheck already found (#114)
+ * [KNOX-1919] - Taking gateway.path into consideration when processing
redirectToUrl provider param with the OOTB knoxsso.xml sample (#113)
+ * [KNOX-1917] - DefaultKeystoreService should use a shared read lock (#110)
+ * [KNOX-1916] - Provide default configuration for Hue in topology (#109)
+ * [KNOX-1911] - Support ClouderaManager Service Discovery in Admin UI
+** Bug
+ * [KNOX-2262] - Accessing hbase logs through knox exposes hbase endpoint
url instead of routing through knox
+ * [KNOX-2314] - NPE from topology Service equals implementation when no
URLs (#303)
+ * [KNOX-2008] - Fix Broken RM Home Link in YARN UI.
+ * [KNOX-2007] - TestHashicorpVaultAliasService fails if a process is
already bound to port 8200
+ * [KNOX-1590] - YARN v2 UI - Application - ApplicationMaster link is broken
+ * [KNOX-1915] - X509CertificateUtil SAN should contain fully qualified
hostname
+ * [KNOX-1918] - Atlas API - prevent global HDFS rules from triggering
(#111)
+ * [KNOX-1933] - Add rewrite rules to fix Yarn RM application and logs URL
(#119)
+ * [KNOX-1744] - Add rewrite rules to fix executor stdout/stderr links in
Spark History Server UI (#120)
+ * [KNOX-1929] - CM discovery - HIVE URLs not discovered when HIVE_ON_TEZ
is deployed
+ * [KNOX-1930] - CM discovery - JOBTRACKER URLs not discovered
+ * [KNOX-1964] - YARN v1 UI - ContainerLogs link broken for Running Jobs
+ * [KNOX-1955] - Admin UI should handle gateway.path change (#123)
+ * [KNOX-1968] - YARN UI V2 proxied via Knox does not rewrite Spark
stderr/stdout links
+ * [KNOX-1995] - If a rule doesn't match, shouldn't error. Need to handle
null case
+ * [KNOX-2259] - KNOX-2260 KNOX-2261 - Fixed Impala/Kudu/HBase UI context
path in service metadata (#282)
+ * [KNOX-1958] - YARN v2 UI - internal links of History and
ApplicationMaster Pages.
+ * [KNOX-2021] - Fix typo in gateway-docker/README.md (#155)
+ * [KNOX-2012] - Fix an issue where multiple sessions are created during
Ranger login (#146)
+ * [KNOX-2011] - Don't block SET-COOKIE response header for Ranger UI (#144)
+ * [KNOX-1987] - knox failed to start because knoxcli failed with
"java.lan…g.NoSuchFieldError: DEFAULT_XML_TYPE_ATTRIBUTE" (#130)
+ * [KNOX-2231] - Fix KnoxSSO OIDC integration (#262)
+ * [KNOX-2229] - Knox shouldn't exclude Kerby since it is used by Hadoop
+ * [KNOX-2200] - DefaultKeystoreService can lose entries under concurrent
access (#243)
+ * [KNOX-2002] - Fix KnoxShellTableTest build errors
+ * [KNOX-1742] - Fix javadoc warning
+ * [KNOX-2350] - Handling event types w/o COMMAND and/or COMMAND_STATUS
attributes when polling CM events (#318) (#319)
+ * [KNOX-2353] - Disabled CM descriptor monitoring and advanced service
discovery changes monitoring by default (#320)
+ * [KNOX-2347] - Disable shellcheck for github actions (#317)
+ * [KNOX-2345] - KnoxShellTable must handle NULL cols
+
+------------------------------------------------------------------------------
Release Notes - Apache Knox - Version 1.3.0
------------------------------------------------------------------------------
** New Feature
