Skip to content

v5.14.0
Compare
Choose a tag to compare
@bjagg bjagg released this 20 Jan 21:02
· 407 commits to master since this release
v5.14.0
72c924a
This commit was signed with the committer’s verified signature.
bjagg Benito Gonzalez
GPG key ID: 73B71777CA7F628A
Learn about vigilant mode.

Changes Affecting Deployments

  • new properties, HTTP Security Headers in security.properties 
    ##
## Tomcat HTTP Security Headers
##

# antiClickJackingEnabled:  X-Frame-Options header
sec.anti.click.jacking.enabled=false
# X-Frame-Options: deny, sameorigin, allow-from
sec.anti.click.jacking.options=sameorigin
# If allow-from is selected above, add URI
sec.anti.click.jacking.uri=

# Content-Security-Policy: default-src, script-src, style-src, img-src
# See more details at: https://content-security-policy.com/
sec.content.sec.policy.enabled=false
sec.content.sec.policy=default-src 'self'

# Strict-Transport-Security: max-age=###; includeSubDomains; preload
sec.hsts.enabled=false
sec.hsts.maxage.seconds=31536000
sec.hsts.include.subdomains=true
sec.hsts.preload=false

# X-Content-Type-Options: "nosniff" will be used if enabled is set to true
sec.x.content.type.enabled=false

# Referrer-Policy available directives to pass include:
# See more details at: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
sec.referrer.policy.enabled=false
sec.referrer.policy=no-referrer

What's Changed

  • fix: correct some Less entries by @bjagg in #2609
  • fix(deps): update groovy to v3.0.14 by @renovate in #2611
  • fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.382 by @renovate in #2613
  • chore(deps): update plugin com.github.node-gradle.node to v3.5.1 by @renovate in #2614
  • fix(deps): update dependency org.xmlunit:xmlunit-legacy to v2.9.1 by @renovate in #2616
  • chore(deps): update plugin nebula.lint to v17.8.0 by @renovate in #2617
  • fix(deps): update dependency org.easymock:easymock to v5.1.0 by @renovate in #2618
  • fix(deps): update mockito to v4.11.0 by @renovate in #2619
  • fix(deps): update dependency org.apache.ant:ant to v1.10.13 by @renovate in #2615
  • fix(deps): update dependency com.thoughtworks.xstream:xstream to v1.4.20 by @renovate in #2610
  • fix(deps): update dependency spotbugs to v4.7.3 by @renovate in #2602
  • Feat/security header properties by @loulou2u in #2620
  • Gradle upgrade by @mgillian in #2612
  • fix(deps): update dependency com.amazonaws:aws-java-sdk-s3 to v1.12.385 by @renovate in #2623
  • fix(deps): update dependency codenarc to v3.2.0 by @renovate in #2625
  • Feat/portal analytics frontend (#2588) by @bjagg in #2627

Full Changelog: v5.13.1...v5.14.0

Contributors

bjagg, mgillian, and 2 other contributors
Assets 2
Loading