Skip to content

Tyk Gateway 4.0.16 and Tyk Dashboard 4.0.16
Compare
Choose a tag to compare
@ilijabojanovic ilijabojanovic released this 20 May 19:06
· 1615 commits to master since this release
v4.0.16
6b05675
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Tyk Gateway 4.0.16

Fixed

  • Fixed a bug where gateway logs were not honouring enable_key_logging setting
  • Fixed a bug where enforced timeout values wouldn't be correct on a per-request basis. As we enforced timeouts only on the transport level, and created the transport only once within max_conn_time, the timeout in effect was not deterministic.
  • Fixed a minor issue with Go Plugin virtual endpoints where a runtime log error was produced from a request, even if the response was successful. Thanks to @uddmorningsun for spotting this and proposing a fix.
  • Fixed a bug where, when using MongoDB, Tyk could incorrectly grant access to an API using a key after that API had been deleted from a policy.
  • Fixed a bug where Tyk could return the wrong error code when a websocket upstream responds with error
  • Fixed a bug where keys linked to multiple policies become unusable if one of the policies is removed.
  • Remove the extra chunked transfer encoding that was added to rawResponse analytics
  • Updated the default Hybrid Pump RPC pool size from 20 to 5 connections in order to reduce default CPU and memory footprint
  • Fixed a bug where the Gateway did not correctly close idle upstream connections (sockets) when configured to generate a new connection after a configurable period of time (using the max_conn_time configuration option).
  • Fixed a bug where the URL Rewrite middleware did not correctly handle escaped characters in the URL.
  • Fixed a potential performance issue related to high rates of Gateway reloads (when the Gateway is updated due to a change in APIs and/or policies)
  • Fixed a memory leak that occurred when setting the strict routes option to change the routing to avoid nearest-neighbour requests on overlapping routes (TYK_GW_HTTPSERVEROPTIONS_ENABLESTRICTROUTES)
  • Fixed one Critical and six High CVEs reported in the Plugin Compiler.
  • Fixed automated token trimming in Redis, ensuring efficient management of OAuth tokens by implementing a new hourly job within the Gateway and providing a manual trigger endpoint.
  • Fixed a bug that was introduced in the fix applied to the URL Rewrite middleware.

Tyk Dashboard 4.0.16

Fixed

  • Fixed a bug where, if you created a Key which provided access to an inactive or draft API, you would be unable to subsequently modify that Key (via the Dashboard or directly via the Tyk Gateway API)
  • Fixed a bug where Dashboard would take too long loading Policies to the Gateway
  • Fixed a bug where the Dashboard could timeout while loading policies at startup. Added connection_timeout configuration option (defaults to 30 seconds)
  • Adjusted the description for the Policy states, so that it reflects the actual behaviour of the policy, when attached to a key.
  • Optimised the loading and re-loading of APIs and Policies for complex scenarios
  • Fixed a bug where searching for a User in the Tyk Dashboard didn't match partial user names.
  • Moved all HTML inline scripts to their own script files, to accommodate the Content security policies that have been enabled, to increase security.

Contributors

uddmorningsun
Assets 2
Loading