Pre release (#546)

* update changelog * update version and configs
cossacklabs · May 27, 2022 · 89f6bdd · 89f6bdd
1 parent 665d654
commit 89f6bdd
Show file tree

Hide file tree

Showing 13 changed files with 47 additions and 13 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,40 @@
 # Acra ChangeLog
 
-## [0.92.0](https://github.com/cossacklabs/acra/releases/tag/0.92.0), March 01th 2021
+## [0.93.0](https://github.com/cossacklabs/acra/releases/tag/0.93.0), May 27th 2021
+This release brings type awareness which improves transparent encryption on AcraServer. Type awareness means that it's possible to tell AcraServer what are the original data types for fields. During decryption, AcraServer will convert decrypted fields to their original data types. No need to change client application code to work with "binary data".
+
+It's also possible to choose a default value for each data field if its decryption failed. AcraServer can send a a default value like "<encrypted data>" instead of decryption errors, making developers' and users' life easier.
+
+_Core_:
+
+- **AcraServer**:
+  - Added type awareness and ability to map binary data to a certain data type when sending decrypted data back to the application. Extended encryptor_config which allow configure mapping application data type to proper database's type. [#515](https://github.com/cossacklabs/acra/pull/515), [#517](https://github.com/cossacklabs/acra/pull/517), [#523](https://github.com/cossacklabs/acra/pull/523), [#519](https://github.com/cossacklabs/acra/pull/519), [#520](https://github.com/cossacklabs/acra/pull/520)
+  - Extended `encryptor_config` with new parameters:
+    - `data_type` - specify data type expected by application. Accept `str`, `bytes`, `int64`, `int32` values. [#515](https://github.com/cossacklabs/acra/pull/515), [#517](https://github.com/cossacklabs/acra/pull/517)
+    - `default_data_value` - specify a placeholder (default value) to replace data that couldn't be decrypted. [#515](https://github.com/cossacklabs/acra/pull/515), [#517](https://github.com/cossacklabs/acra/pull/517)
+    - `response_on_fail` - specify action on decryption failure. Accepts `ciphertext` (returns encrypted data as is), `default_value` (returns values from `default_data_value` parameter), `error` (returns error as DB error with message like `encoding error in column {column_name}`). [#521](https://github.com/cossacklabs/acra/pull/521), [#533](https://github.com/cossacklabs/acra/pull/533)
+  -  Deprecated `tokenize` parameter in `encryptor_config` and changed focus on `token_type` parameter. Now is enough to specify `token_type` parameter without `tokenize: true` to turn on tokenization. [Read more](https://docs.cossacklabs.com/acra/configuring-maintaining/general-configuration/acra-server/encryptor-config/#tokenized-deprecated-since-0930) in the documentation. [#527](https://github.com/cossacklabs/acra/pull/527)
+  - Removed auto-generation poison record's keys but leaved for `acra-poisonrecordmaker`. It improves decryption due to omitting extra key generation and poison record recognition. [#516](https://github.com/cossacklabs/acra/pull/516)
+  - Improvements in handling error cases on DB protocol layer. [#511](https://github.com/cossacklabs/acra/pull/511), [#515](https://github.com/cossacklabs/acra/pull/515), [#517](https://github.com/cossacklabs/acra/pull/517), [#520](https://github.com/cossacklabs/acra/pull/520), [#528](https://github.com/cossacklabs/acra/pull/528), [#535](https://github.com/cossacklabs/acra/pull/535), [#537](https://github.com/cossacklabs/acra/pull/537)
+  - Improved sql parser and support of `set` command. [#534](https://github.com/cossacklabs/acra/pull/534)
+  - Ignored legacy keys on startup loading to cache. [#510](https://github.com/cossacklabs/acra/pull/510), [#522](https://github.com/cossacklabs/acra/pull/522)
+  - Improved PostgreSQL/MySQL protocol support. [#525](https://github.com/cossacklabs/acra/pull/525), [#526](https://github.com/cossacklabs/acra/pull/526), [#539](https://github.com/cossacklabs/acra/pull/539), [#540](https://github.com/cossacklabs/acra/pull/540), [#541](https://github.com/cossacklabs/acra/pull/541), [#542](https://github.com/cossacklabs/acra/pull/542), [#543](https://github.com/cossacklabs/acra/pull/543), [#544](https://github.com/cossacklabs/acra/pull/544)
+- **AcraCensor**:
+  - Removed legacy `IsForbidden` field from acra-censor’s logs. [Read more here](https://docs.cossacklabs.com/acra/security-controls/sql-firewall/#logging-unique-queries) in notes. [#508](https://github.com/cossacklabs/acra/pull/508)
+- **AcraKeys**:
+  - Removed duplicate entries in `list` command. [#530](https://github.com/cossacklabs/acra/pull/530)
+- **Other**:
+  - Makefile target `install_dev_deps` install required golang's dependencies for development and code generation. [#531](https://github.com/cossacklabs/acra/pull/531)
+
+_Documentation_:
+- Improved description of AcraServer's [encryptor_config](https://docs.cossacklabs.com/acra/configuring-maintaining/general-configuration/acra-server/encryptor-config/), adding details and examples about data processing options: encryption, searchable encryption, masking, tokenization, type awareness, etc.
+- Updated ["Debugging and troubleshooting"](https://docs.cossacklabs.com/acra/configuring-maintaining/debugging-and-troubleshooting/) section with more tips and tricks. 
+
+_Example projects and demos_:
+- [Python examples](https://github.com/cossacklabs/acra/tree/0.93.0/examples/python): updated to show type masking feature. [#524](https://github.com/cossacklabs/acra/pull/524), [#529](https://github.com/cossacklabs/acra/pull/529)
+- [acra-engineering-demo](https://github.com/cossacklabs/acra-engineering-demo/tree/0.93.0) updated to show data type masking support. [#46](https://github.com/cossacklabs/acra-engineering-demo/pull/46), [#47](https://github.com/cossacklabs/acra-engineering-demo/pull/47), [#48](https://github.com/cossacklabs/acra-engineering-demo/pull/48), [#49](https://github.com/cossacklabs/acra-engineering-demo/pull/49), [#50](https://github.com/cossacklabs/acra-engineering-demo/pull/50), [#51](https://github.com/cossacklabs/acra-engineering-demo/pull/51).
+
+## [0.92.0](https://github.com/cossacklabs/acra/releases/tag/0.92.0), March 01th 2022
 
 This release brings stability and performance fixes to AcraServer and AcraTranslator. It officially deprecates usage 
 of AcraConnector in favour of TLS everywhere. Some default configuration params are changed in favour of more secure & 

diff --git a/benchmarks/config/acra-server.yaml b/benchmarks/config/acra-server.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 encryptor_config_file: /config/encryptor_config.yaml
 tls_ca: /ssl.ca/example.cossacklabs.com.crt
 tls_cert: /ssl.server/acra-server.crt

diff --git a/configs/acra-addzone.yaml b/configs/acra-addzone.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # path to config
 config_file: 
 

diff --git a/configs/acra-backup.yaml b/configs/acra-backup.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # import|export values are accepted
 action: 
 

diff --git a/configs/acra-keymaker.yaml b/configs/acra-keymaker.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # Client ID
 client_id: client
 

diff --git a/configs/acra-keys.yaml b/configs/acra-keys.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # path to config
 config_file: 
 

diff --git a/configs/acra-poisonrecordmaker.yaml b/configs/acra-poisonrecordmaker.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # path to config
 config_file: 
 

diff --git a/configs/acra-rollback.yaml b/configs/acra-rollback.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # Client ID should be name of file with private key
 client_id: 
 

diff --git a/configs/acra-rotate.yaml b/configs/acra-rotate.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # path to config
 config_file: 
 

diff --git a/configs/acra-server.yaml b/configs/acra-server.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # Path to AcraCensor configuration file
 acracensor_config_file: 
 

diff --git a/configs/acra-tokens.yaml b/configs/acra-tokens.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # path to config
 config_file: 
 

diff --git a/configs/acra-translator.yaml b/configs/acra-translator.yaml
@@ -1,4 +1,4 @@
-version: 0.92.0
+version: 0.93.0
 # Use clientID from TLS certificates or secure session handshake instead directly passed values in gRPC methods
 acratranslator_client_id_from_connection_enable: false
 

diff --git a/utils/version.go b/utils/version.go
@@ -26,7 +26,7 @@ import (
 // VERSION is current Acra suite version
 // store it as string instead initialized struct value to easy change/grep/sed/replace value via scripts or with
 // -ldflags "-X github.com/cossacklabs/acra/utils.VERSION=X.X.X"
-var VERSION = "0.92.0"
+var VERSION = "0.93.0"
 
 // Version store version info
 type Version struct {