Releases: TykTechnologies/tyk
Tyk Gateway v5.0.14, Tyk Dashboard v5.0.14
Tyk Gateway 5.0.14
Fixed
- We have introduced two new options in the Gateway configuration that will enforce prefix and/or suffix matching when Tyk performs checks on whether middleware or other logic should be applied to a request.
  - enable_path_prefix_matching ensures that the start of the request path must match the path defined in the API definition
  - enable_path_suffix_matching ensures that the end of the request path must match the path defined in the API definition
  - combining enable_path_prefix_matching and enable_path_suffix_matching will ensure an exact (explicit) match is performed

  These configuration options provide control to avoid unintended matching of paths from Tyk's default wildcard match. Use of regex special characters when declaring the endpoint path in the API definition will automatically override these settings for that endpoint.

  Tyk recommends that exact matching is employed, but both options default to false to avoid introducing a breaking change for existing users.
- Fixed an issue when using granular Path-Based Permissions in access policies and keys that led to authorization incorrectly being granted to endpoints if an invalid regular expression was configured in the key/policy. Also fixed an issue where path-based parameters were not correctly handled by Path-Based Permissions. Now Tyk's authorization check correctly handles both of these scenarios granting access only to the expected resources.
- Fixed an issue where a parameterized endpoint URL (e.g. /user/{id}) would be invoked if a request is made that omits the parameter. For example, a request to /user/ will now be interpreted as a request to /user and not to /user/{id}.
- Enhanced Tyk Gateway synchronization with MDCB to ensure reliable policy and API loading. Implemented synchronous initialization process to prevent startup failures and potential service disruptions.
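The path matching options described in this release's first fix, as an added example that models the four modes (default wildcard, prefix, suffix, exact) against one endpoint; it is not Tyk's own code. `Matches`, `MatchOpts` and the sample paths are hypothetical, and treating any regex metacharacter in the endpoint as the override trigger is an assumption.

```go
package main

import (
	"fmt"
	"regexp"
)

// MatchOpts models the two Gateway options named in the release note.
type MatchOpts struct {
	Prefix bool // enable_path_prefix_matching
	Suffix bool // enable_path_suffix_matching
}

// Matches is a hypothetical model, not Tyk's code: it reports whether a
// configured endpoint path applies to a request path under the given options.
func Matches(endpoint, reqPath string, o MatchOpts) (bool, error) {
	pattern := endpoint
	// Assumption: an endpoint containing any regex metacharacter is used
	// as written, so the two options are ignored for that endpoint.
	if regexp.QuoteMeta(endpoint) == endpoint {
		if o.Prefix {
			pattern = "^" + pattern
		}
		if o.Suffix {
			pattern += "$"
		}
	}
	re, err := regexp.Compile(pattern)
	if err != nil {
		return false, err // an invalid pattern is an error, never a match
	}
	return re.MatchString(reqPath), nil
}

func main() {
	// Constructed request paths; "/user" is the endpoint in the API definition.
	paths := []string{"/user", "/user/42", "/admin/user", "/v1/user-export"}
	modes := []struct {
		name string
		opts MatchOpts
	}{{"wildcard", MatchOpts{}}, {"prefix", MatchOpts{Prefix: true}},
		{"suffix", MatchOpts{Suffix: true}}, {"exact", MatchOpts{true, true}}}
	for _, m := range modes {
		for _, p := range paths {
			ok, _ := Matches("/user", p, m.opts)
			fmt.Printf("%-8s %-16s %v\n", m.name, p, ok)
		}
	}
}
```

With both options off, middleware configured for /user also applies to /admin/user and /v1/user-export; only the exact mode restricts it to /user itself.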
Tyk Dashboard 5.0.14
Fixed
- We fixed the issue with 429 status codes not being shown on the Activity Overview page
- We fixed the portal graphs when using Postgres. This was done by adding a default resolution to the query (grouping by “day” by default)
- The Error Breakdown was having some issues regarding dates; it's been fixed by adjusting date parameters
v5.7.0-alpha4
More unused constants
Tyk Gateway 5.5.0 and Tyk Dashboard 5.5.0
Tyk Gateway v5.3.2, Tyk Dashboard v5.3.2
Fixed
- Fixed Dashboard Analytics for PostgreSQL
  Resolved an issue in the api/usage endpoint where the Dashboard with PostgreSQL integration returned unfiltered results when one valid tag was used. Corrected the need for duplicating the same parameter as a workaround for filtering by multiple tags. Results are now properly filtered as expected, improving the accuracy and reliability of analytics data.
- Enhanced Password Reset security
  Modified default OPA rules to prevent unauthorized admins from modifying other admins' passwords, mitigating potential 'rogue admin' behavior. Tyk Dashboard clients using custom OPA rules should update their rule set accordingly. Contact your assigned Tyk representative for assistance.
- Fixed Universal Data Graph Schema Editor Import Issue
  Resolved an issue in the GQL schema editor for Data Graphs, where users couldn't utilize the 'Import Schema' button. Now, it's possible to import files containing GQL schemas into the Dashboard.
- Enhanced Dashboard UI language
  Adjusted wording in Tyk's Dashboard UI to ensure inclusivity and clarity, removing any potentially oppressive language.
- API Template not associated with Tyk Organization
  Fixed an issue where API Templates were not correctly assigned to Tyk Organizations allowing the potential for accidental sharing of secret data between Organizations through use of the incorrect template.
- Added control over access to context variables from middleware when using Tyk OAS APIs
  Addressed a potential issue when working with Tyk OAS APIs where request context variables are automatically made available to relevant Tyk and custom middleware. We have introduced a control in the Tyk OAS API definition to disable this access if required.
- Resolved PostgreSQL Dashboard Analytics issue
  Fixed an issue in the api/usage endpoint where Dashboard+Postgres returned unfiltered results with one valid tag, requiring duplication of the parameter as a workaround for multiple tags. Analytics now correctly filter results as expected.
Tyk Gateway v5.3.4, Tyk Dashboard v5.3.4
Tyk Dashboard 5.3.4
Fixed
- Resolved an issue where a Dashboard running on a PostgreSQL setup didn't display logs for EDP users.
Tyk Gateway 5.3.4
No changes
Tyk Gateway v5.3.3, Tyk Dashboard v5.3.3
Tyk Gateway 5.3.3
Fixed
- Resolved an issue encountered in MDCB environments where changes to custom keys made via the Dashboard were not properly replicated to dataplanes.
- Resolved an issue where, when a key was created or reset, the key creation sequence was erroneously repeated for every API in the access list.
- Resolved an issue where a Server Side Event (SSE) streaming response would be considered for caching. As caching needs to buffer the response, this also prevented SSE from correctly being proxied.
- Resolved an issue where Host and Latency fields (Total and Upstream) were not correctly reported for edge gateways in MDCB setups. The fix ensures accurate Host values and Latency measurements are now captured and displayed in analytics data.
Tyk Dashboard 5.3.3
Fixed
- Fixed bug where Dashboard UI would display blank page while creating Key with certificate
- Addressed an issue where the Dashboard displayed an empty page when accessing Activity by Endpoint information after upgrading to Tyk 5.3.1. Users can now see all necessary information.
- Fixed issue in SSO where user permissions were not applied, ensuring visibility of Save API button in Dashboard UI
Tyk Gateway 5.4.0 and Tyk Dashboard 5.4.0
Add RSA-PSS Support
v5.5.0-rc1 Add support for RSAPSS signed JWTs
Tyk Gateway 5.0.13 and Tyk Dashboard 5.0.13
Tyk Gateway 5.0.13
Fixed
- Resolved an issue encountered in MDCB environments where changes to custom keys made via the Dashboard were not properly replicated to dataplanes.
Tyk Dashboard 5.0.13
- No changes, only version bump
Tyk Gateway 4.0.16 and Tyk Dashboard 4.0.16
Tyk Gateway 4.0.16
Fixed
- Fixed a bug where gateway logs were not honouring enable_key_logging setting
- Fixed a bug where enforced timeout values wouldn't be correct on a per-request basis. As we enforced timeouts only on the transport level, and created the transport only once within max_conn_time, the timeout in effect was not deterministic.
- Fixed a minor issue with Go Plugin virtual endpoints where a runtime log error was produced from a request, even if the response was successful. Thanks to @uddmorningsun for spotting this and proposing a fix.
- Fixed a bug where, when using MongoDB, Tyk could incorrectly grant access to an API using a key after that API had been deleted from a policy.
- Fixed a bug where Tyk could return the wrong error code when a websocket upstream responds with error
- Fixed a bug where keys linked to multiple policies become unusable if one of the policies is removed.
- Remove the extra chunked transfer encoding that was added to rawResponse analytics
- Updated the default Hybrid Pump RPC pool size from 20 to 5 connections in order to reduce default CPU and memory footprint
- Fixed a bug where the Gateway did not correctly close idle upstream connections (sockets) when configured to generate a new connection after a configurable period of time (using the max_conn_time configuration option).
- Fixed a bug where the URL Rewrite middleware did not correctly handle escaped characters in the URL.
- Fixed a potential performance issue related to high rates of Gateway reloads (when the Gateway is updated due to a change in APIs and/or policies)
- Fixed a memory leak that occurred when setting the strict routes option to change the routing to avoid nearest-neighbour requests on overlapping routes (TYK_GW_HTTPSERVEROPTIONS_ENABLESTRICTROUTES)
- Fixed one Critical and six High CVEs reported in the Plugin Compiler.
- Fixed automated token trimming in Redis, ensuring efficient management of OAuth tokens by implementing a new hourly job within the Gateway and providing a manual trigger endpoint.
- Fixed a bug that was introduced in the fix applied to the URL Rewrite middleware.
Tyk Dashboard 4.0.16
Fixed
- Fixed a bug where, if you created a Key which provided access to an inactive or draft API, you would be unable to subsequently modify that Key (via the Dashboard or directly via the Tyk Gateway API)
- Fixed a bug where Dashboard would take too long loading Policies to the Gateway
- Fixed a bug where the Dashboard could timeout while loading policies at startup. Added connection_timeout configuration option (defaults to 30 seconds)
- Adjusted the description for the Policy states, so that it reflects the actual behaviour of the policy, when attached to a key.
- Optimised the loading and re-loading of APIs and Policies for complex scenarios
- Fixed a bug where searching for a User in the Tyk Dashboard didn't match partial user names.
- Moved all HTML inline scripts to their own script files, to accommodate the Content security policies that have been enabled, to increase security.