v2.7.5

What's Changed

• Resolves issue #1748, Adds quota bounds to Org JSON schemas to prevent MongoDB constraint errors. by @david-rocca in #1750
• Resolves issue #1697, Ensures that the registry origin endpoint consistently returns pagination metadata on its responses. by @david-rocca in #1752
• Resolves issues #1756, #1757, #1758, #1712, Enhances user/org update safety and conversation visibility boundaries. by @david-rocca in #1759
• Resolves issue #1754, Fixes an issue where updating a user incorrectly clears the user's time.created timestamp. by @david-rocca in #1760
• V2.7.5 feature by @david-rocca in #1761
• Updating Staging to v2.7.5 by @david-rocca in #1762

Full Changelog: v2.7.4...v2.7.5

v2.7.4

What's Changed

• Resolves issue #1737, Stopped a user from passing in secret in update user. by @david-rocca in #1741
• Resolves issue #1731, #1733 Fixes Mongoose document replacement failures during user updates and appropriately routes inactive users as unauthenticated. by @david-rocca in #1743
• V2.7.4 Bug Fixes by @david-rocca in #1742
• Updating Test to v2.7.4 by @david-rocca in #1746

Full Changelog: v2.7.3...v2.7.4

v2.7.3

What's Changed

• Update Staging with version 2.7.3 - getAllOrgs DocumentDb bug fix. by @david-rocca in #1726

Full Changelog: v2.7.2...v2.7.3

v2.7.2

What's Changed

• Resolves issue #1717 , Replace old CNA fields with new generic partner fields across organization APIs. by @david-rocca in #1718
• v2.7.2 - Renaming some fields & Reports_to and Oversees updates by @david-rocca in #1725

Full Changelog: v2.7.1...v2.7.2

v2.7.1

What's Changed

• Fixing read after write in baseOrgRepository by @david-rocca in #1675
• If the user is a secretariat, they will be able to see the visibility by @david-rocca in #1693
• locks down coversations by @david-rocca in #1695
• #1677 - Fixing an issue were ADMIN was not fully removed by @david-rocca in #1686
• Closes: #1685 and #1687 by @david-rocca in #1689
• Causal Consistency clean up by @david-rocca in #1676
• #1683 hard_quota is now a Joint Approval by @david-rocca in #1691
• Resolves issues #1669 and #1668 by @emathew5 in #1696
• #1679 - Fix incorrect spelling of charter_or_scope by @david-rocca in #1698
• resolves #1664 by @david-rocca in #1703
• Resolves #1680 and #1681 by @david-rocca in #1701
• Fixing all NPM flagged issues by @david-rocca in #1702
• Conversation Edits by @cberger8 in #1692
• Removing the extra fields, fixing populate.js by @david-rocca in #1710

Full Changelog: v2.6.2...v2.7.1

v2.6.2

What's Changed

• Resolves #1629: Prevents ambiguous timestamps in ADP containers
• Upgrades to node v24

Full Changelog: v2.6.1...v2.6.2

v2.6.1

What's Changed

• Resolves #1626 Formats timeline.time values to yyyy-MM-ddTHH:mm:ss.sssZ (ISO-8601, UTC)
• Resolves #1623 Prevents invalid timeline.time values by @jdaigneau5 in #1625

Full Changelog: v2.6.0...v2.6.1

v2.6.0

What's Changed

• Changed DataVersion for CVE records from 5.2.0 to 5.2 by @jdaigneau5 in #1550
• Resolves issues #1554, #1555, #1556, #1557 Various purl validation fixes by @jdaigneau5 in #1560
• Implemented CVE Record Schema version 5.2.0 5.2.0 Schema Release Candidate
• Added syntactic PURL validation to CVE-Services
• Added PURL validation unit tests

Full Changelog: v2.5.4...v2.6.0

ur-v0.2.0-beta.3

What's Changed

• Aug 21 - Release by @david-rocca in #1477
• Closes #1495 - Fixes onlyOrgwithPartner role, and an issue in the migrate / populate… by @david-rocca in #1508
• Resolves #1496 - user validation middleware fixes by @david-rocca in #1509
• ORG_CREATE_SINGLE tests and ADP Schema Validation by @david-rocca in #1510
• Removing .only. by @david-rocca in #1511
• Resolves issue #1503, Fix the userCreateTest.js unittest by @emathew5 in #1514
• Resolves #1504, Fix userGetAllTest.js unittest by @emathew5 in #1515
• Fixing tests and update user bug fixes by @david-rocca in #1513
• Resolves issue 1501, fix orgGetSingleTest.js by @emathew5 in #1516
• Fixed idQuota tests by @david-rocca in #1517
• Resolves issue #1499 - fix GET /org unit tests by @cberger8 in #1518
• Resolves #1506 - Fixed tests for resetting secret by @david-rocca in #1519
• Closes #1502 and #1505 by @david-rocca in #1521
• Resolves #1481, #1484 - Added swagger docs for registry org GET endpoints by @cberger8 in #1523
• Resolves issues #1489, #1488, #1485, OpenAPI comments for /registry/org/user endpoints by @emathew5 in #1524
• Closes #1483 - id_quota documentation by @david-rocca in #1522
• Closes - #1482 #1487 #1486 by @david-rocca in #1525

Full Changelog: ur-v0.2.0-beta.1...ur-v0.2.0-beta.3

ur-v0.2.0-beta.1

Release Notes:

• This is an incremental release of proposals 1 through 3 discussed at the the AWG.
• This is NOT the intended to PR to go to production. There are known issues and work still to be done.
• We originally intended to deploy this to test on Thursday, August 21st. However, due to some pipeline issues and failing tests we decided to take Thursday to ensure we were stable enough. Deploying on Fridays is bad karma, so as of right now we will plan to deploy this PR to the staging (test) branch on Monday, August 25th.

What is this release

1. Migration from using query parameter api/org/x/y?registry=true to url path parameter format api/registry/org/x/y/z to signal the opt in usage of the new registry options
2. Iteration of the User and Org Model for user Registry
   • Removed bi-directional relationships, Orgs now own all relationships.
   • Simplified some field values (removing items that were nested for no reason) and field names.
3. Implementation of JSON Schema Validation for Users and Organizations
   • Includes new Schema files!
   • Implements Mongoose Automatic Validation on writes.
4. Repository updates, to handle the "Discriminator" Mongoose paradigm
5. Repositories, now handle "backwards compatibility" instead of the controllers themselves.
   • Reduced Controller complexity. Controllers Now only call the repository to check for known errors to return to the user OR to perform the actual CRUD Action. The controllers are agnostic of if you are dealing in "Legacy or Registry" formats.
   • Allowed more streamline usage with the Mongoose ORM instead of raw Mongo Based Queries
   • Allows for multiple routes to call the same endpoint, with flags set to control repository functions

Known Issues

• Only Secretariat and CNA org types are implemented. Bulkdownload and ADP are not completed.
• The active flag on users is not disabling access correctly when set to false
• In an effort to work incrementally, the "BaseOrg" and "BaseUser" models have been made to replace "registry-org" and "registry-user" models. However, these will eventually be named to keep the "registry" name.
• Black box tests still need to be migrated
• Unit tests still need to be migrated.

PRs Closed

• User registry initial Implementation. by @david-rocca in #1392
• Resolves issue 1412 Create Registry Tests - createUserTest.js by @afoote-mitre in #1420
• Resolves issue 1413 Create Registry Tests - updateUserTest.js by @afoote-mitre in #1422
• Resolves issue #1414, Creating node registry tests replacing the ones in org_as_org_admin.py by @david-rocca in #1421
• Add integration test for regularUser trying to make Org and User requests with registry=true by @emathew5 in #1424
• Resolves issue #1410 - registry tests for postOrgTest, and issue #1426 - improper handling of contact_info for registry org by @cberger8 in #1429
• Resolves issue #1411 - integration tests for creating org users with registry enabled by @cberger8 in #1430
• Resolves issue 1417, Testing User Get Request for /api/org with the registry=true flag by @emathew5 in #1431
• Closes: 1415 / Bug 1425 / Bug 1427 - Org.py New tests for Registry by @david-rocca in #1428
• Resolves issue 1401, Validates the request body for registryOrg POST request by @emathew5 in #1432
• Resolves issue #1402 - updated swagger docs for registry endpoints by @cberger8 in #1439
• Fixed line endings for swagger doc by @cberger8 in #1440
• Resolves Issue #1399 - Update getOrg in registry-org controller to allow for uuid or shortname by @david-rocca in #1438
• Resolves issue #1408 and #1407 - Fixes Session Closures by @david-rocca in #1437
• Resolves issue #1409, Make Argon2 calls consistant by @david-rocca in #1436
• Resolves issue #1406 - fixed error handling when UUID provided for registry org/user creation by @cberger8 in #1443
• Resolves issue 1400, Add createUserByOrg registryOrg/ endpoint by @emathew5 in #1441
• Resolves issue #1447, Create Registry User Schema by @emathew5 in #1475

New Contributors

• @afoote-mitre made their first contribution in #1420

Full Changelog: ur-v0.1.1...ur-v0.2.0-beta.1