Changelog
@mssfoobar/iams-aas
1.3.5
Patch Changes
- d985a97: - Upgrade springboot 3.5.7 to fix CVE-2025-55752, CVE-2025-9230, CVE-2025-41249, CVE-2025-9231, CVE-2025-9232, CVE-2025-11226, CVE-2025-61795
1.3.4
Patch Changes
- 30ac4e8:
- Upgraded Spring Boot to 3.5.5
- Upgraded Springdoc to 2.8.10
- Remove non required POM override to fix CVE
1.3.3
Patch Changes
- 7b2dbac: Upgrade tomcat to 10.1.44 to fix CVE-2025-48989
1.3.2
Patch Changes
- de86c74: upgrade org.apache.commons:commons-lang3 to 3.18.0 to fix CVE-2025-48924
1.3.1
Patch Changes
- 0d6342a: Workaround Keycloak issue
- Clean up permission and policy when
- resource is deleted, or
- scope disassociated from resource.
- Clean up permission and policy when
1.3.0
Minor Changes
- b5ed799:
- Added API to retrieve password policy
- Upgrade to Sprint Boot 3.5.4
1.2.0
Minor Changes
- da8a5ef: Upgrade to Spring Boot 3.5.3
Patch Changes
- da8a5ef: Refactor StringListMapDeserializer from using deprecated JsonNode method.
- dc0706b: Fixed bug where admin right is required to invoke API to list all accessible resource of specified type for specified user.
1.1.3
Patch Changes
- 5f49911: Added method to get role by role id
1.1.2
Patch Changes
- bfe153a: Upgrade to Spring Boot 3.4.6 to fix CVE-2025-46701
1.1.1
Patch Changes
- 81f2961: Upgraded Keycloak to 26.2.4. Fixed the AAS OpenAPI Doc Version
- 53bfa1a: Fixed issue with roles in Tenant Membership not updated correctly.
1.1.0
Minor Changes
New APIs
- API to retrieve list of accessible resources and scopes for the specified user.
- API to retrieve list of accessible resources of specific type with the corresponding scopes for the specified user.
- API to evaluate whether the specified user with the specified role is able to access (Permit or Deny) specific resource and scope using resource Id and scope Id.
- API to evaluate whether the specified user with the specified role is able to access (Permit or Deny) specific resource and scope using resource name and scope name.
Enhanced APIs
- Enhanced group APIs to support creating/updating group with additional attributes.
- Enhanced role APIs to support creating/updating role with additional attributes.
Upgraded Dependent Libraries
- Upgraded Spring Boot to 3.4.4
1.0.0
Initial release - view the IAMS docs for more information.
@mssfoobar/iams-keycloak
1.4.5
Patch Changes
- 61b9046: - Upgrade keycloak version 26.4.2 to fix VA: CVE-2025-58056, CVE-2025-58057, CVE-2025-48924, CVE-2025-11429, CVE-2025-9162, CVE-2025-10044
- dbe13ed: - Upgrade keycloak.admin.client.version 26.0.7
- Upgrade vertx-core to 4.5.21
- Override commons-codec 1.17.1
- Remove tile.css from login theme
1.4.4
Patch Changes
- a9f599a:
- Fix bug in CustomUpdatePassword Required Action where null pointer exception is thrown when user's password is not set.
1.4.3
Patch Changes
- af35cfb:
- Upgraded Keycloak to 26.3.3 to fix CVE
- Override dependent library in POM to fix CVE
- Clean up unnecessary override in POM to fix CVE
- Change login screen title from 'AGIL Operational Hub' to 'AGIL Ops Hub'
1.4.2
Patch Changes
- 7b2dbac:
- Updated Update Password Required Action to only support validate current password in authenticate flow.
- Updated UserSecurityResource to return more info in the Retrieve User Security Information API.
1.4.1
Patch Changes
- d59d420: - Fix bug where attributes are not populated in the User within Membership Object.
1.4.0
Minor Changes
- de86c74: Added features to
- disable user account with password expired exceeded configured graced period days.
- disable user account after days of inactivity exceeded configured threshold.
- API to retrieve user security information:
- last login timestamp
- last password change timestamp
- days remaining to password expiry
Patch Changes
- de86c74:
- upgrade org.apache.commons:commons-lang3 to 3.18.0 to fix CVE-2025-48924
- upgrade io.vertx:vertx-core to 4.5.16 to fix CVE-2025-49574
- upgrade com.google.protobuf:protobuf-java to 3.25.8 to fix CVE-2024-7254
- upgrade commons-codec:commons-codec to 1.14 to fix CVE-2025-48924
1.3.0
Minor Changes
- b5ed799:
- Added APIs to
- generate TOTP secret and qrCode for registration.
- register TOTP credential
- verify TOTP code
- Fix bug where roles listed in tenant claims are not updated when roles are unassigned.
- Added APIs to
1.2.0
Minor Changes
- da8a5ef:
- Added method to validate user's current password
- Added method to allow update of new password only if current password is valid.
- Added custom Update Password Required Action that support
- force user to update password X days before expiry.
- required current password to be valid to change password.
- Added custom Password Expiry Reminder Required Action that only show between X and Y days before password expiry.
- da8a5ef: Upgraded keycloak to 26.3.2
1.1.1
Patch Changes
- 81f2961: Upgraded Keycloak to 26.2.4. Fixed the AAS OpenAPI Doc Version
- 53bfa1a: Fixed issue with roles in Tenant Membership not updated correctly.
1.1.0
Minor Changes
Upgraded Dependent Libraries
- Upgraded Keycloak to 26.1.4
- Upgraded Keycloak Admin Client to 26.0.4
1.0.0
Initial release - view the IAMS docs for more information.
@mssfoobar/iams-web
2.4.2
Patch Changes
- Migrate to latest web-base with SDS integration
2.4.1
What's Changed
- Update Node.js version in Docker build to resolve vulnerabilities
- Update pino dependency from 9.4.0 to 9.13.0 to address security vulnerabilities
- Add unit tests to improve code coverage and reliability
2.4.0
New Features:
- Name validation: Added validation for existing usernames when creating users and existing tenant names when creating tenants
- Form validation enhancement: Added name checking for group, scope, role and resource forms
UI/UX Enhancements:
- Sticky Header with Actions: Moved submit bar to title row in create/edit pages with sticky header for better accessibility
- Sheet-based Assignment Flows: Replaced modal dialogs with side drawers for all assignment dialogs (tenant assignment, user assignment) to improve user experience and provide more space
- Sheet component improvement: Added separator line below sheet title
Technical Improvements:
- Added scrollLockContent property to DataTable component allowing table height to expand based on content instead of using scroll containers
- Security: Upgraded Node.js from v22.15 to v24.4.1 to address high-severity vulnerability
- Made name checking API for tenant and user case-insensitive
- All cells with string content are now truncated on overflow
2.3.0
Features & Enhancements
- Added soft delete functionality with a feature flag for user management.
- Truncated excessively long text values to prevent layout issues.
- Added animation for showing and hiding the data table’s bulk actions bar.
- Added error handling and display for failed user soft deletions.
- Changed row selection behavior when clicking the checkbox cell.
2.2.0
Features & Enhancements
- Fetch password policies from the server and apply them during validation. Refer to this section for more information.
- Assignment Tables
- Automatically exclude already assigned entities.
- Rename the "Delete" action to "Remove".
- Add bulk actions for assigning and unassigning multiple items.
- Data Table v2 with a bulk actions toolbar for multi-selection operations.
- Permissions Management
- Improve the warning dialog when removing a scope from a resource.
- Display a success toast when assigning in edit mode.
- Add a confirmation dialog for bulk deleting sub-groups.
- Introduce a data table for managing scope permissions.
- Refresh color scheme for checkboxes and tabs.
- Update
headerbartov1.2.5andsidebartov1.3.4. - Add environment variables for configuring
Content-Security-PolicyandX-Frame-Optionsheaders.
2.1.1
What's Changed
- Fixed and revamped error page ("customize page..") in iams-web when an invalid route is specified, and removed "customize this page"
- Allow hyphen (-) and underscore (_) in role names.
- Make the password field optional in the user form and remove password validation from the reset password form.
- Fixed missing success toast message when creating a user.
- Fixed failure to update tenant assignment on the user detail page.
2.1.0
What's Changed
- Add filter by assigned/unassigned for tenant's user management table
2.0.1
What's Changed
- Add a response handler for BFF (Web API) to standardize API responses
- Fix issue where reselecting users while creating a tenant would exclude previously selected users from the created tenant
- Add "Required" column to resource permission assignment table
- Fix flashing light mode color when switching theme or when browser's preference is set to light
- Fix assignment dialog's data table being too short on small screens
- Fix grammar and wording errors
2.0.0
Major Changes
- Refactor: migrate UI/UX to new design system
This release introduces a full redesign of the application's user interface using a new design system. It includes significant layout and component structure changes. As a result, developers integrating this package may need to update usage patterns to align with the new markup and component API.
1.2.4
Patch Changes
- Fix container vulnerability
1.2.3
Patch Changes
- Remove line that flagged VAPT
1.2.2
Patch Changes
Urgent hotfix for:
- Adding more than 100 users to tenants (now capped to 1000, removed in v2)
- Adding more than 100 users to roles (now capped to 1000, removed in v2)
- Adding more than 100 groups (now capped to 1000, removed in v2)
- Fix fetched datagrid being truncated
1.2.1
- Fix the issue where datagrid is truncated
1.2.0
Minor Changes
- Update to Svelte 5 and shadcn-svelte 5 components, add Storybook, and update openid-client to v6
- Update to web-base with improved colors and new sidebar + headerbar
- Adjust configuration parameters to be simpler and support more deployment configurations, including backchannel communication for Keycloak
Patch Changes
- Add extra environment variables
PUBLIC_COOKIE_ACCESS_TOKEN&PUBLIC_COOKIE_REFRESH_TOKENto allow configuring cookie names, and improve .env.template - Fix wrong Tailwind configuration for shadcn-svelte 5
- Add @changesets/cli to dev dependency
- Change default favicon from Svelte to the AGIL Ops Hub logo