Skip to content

Latest commit

 

History

History
483 lines (402 loc) · 27.3 KB

changelog.md

File metadata and controls

483 lines (402 loc) · 27.3 KB

Changelog

All notable and significant changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

Added

  • support for custom TLS protocols such as TLSv1.2,TLSv1.3
  • better error messages when MockServerClient fails due to TLS or networking errors

Changed

  • removed implicit reliance on internal java-certificate-classes (thanks to @Arkinator)

Fixed

[5.15.0] - 2023-01-11

Added

  • an image tag that allows container to run as root
  • HTTP2 protocol support for mocking
  • ability to proxy multiple binary messages without waiting for response
  • support to disallow loading of specific class in javascript templates
  • support to disallow specific text in javascript templates
  • support to disallow loading of any class in velocity templates
  • support to disallow specific text in velocity templates
  • support to disallow specific text in mustache templates
  • support to velocity templates to load files via $import.read(...)

Changed

  • improved error message for not valid HTTP requests that are not being proxied
  • improved error message when client doesn't trust MockServer's CA

Fixed

  • references to globally-scoped values within Ingress template
  • fixed error passing configuration in MockServerClient
  • fixed handling of additional content-type parameter and special characters in the content-type such as '+'
  • removed invalid extra content-encoding header add when forwarding if content-encoding was not present

[5.14.0] - 2022-08-22

Added

  • added support for json serialisation and de-serialisation java date time
  • support for server urls in OpenAPI specification, by adding server url path as path prefix to operations
  • improved documentation of clear functionality and type parameter and added examples
  • local ip and port exposed to callbacks and log, useful when bound on multiple ports
  • ability to match on content-encoding header
  • added support for custom HTTP methods (via assumeAllRequestsAreHttp)

Changed

  • used helm release name in K8s resources to avoid conflicts for multiple deployments in same namespace (without extra values being set)
  • tlsMutualAuthenticationCertificateChain is used if configured, even if tlsMutualAuthenticationRequired is false, so clients can choose correct certificate for optional client auth

Fixed

  • error matching header or parameters using array schema
  • updated Ingress apiVersion in helm chart to non deprecated value
  • removed the jdk14 slf4j bindings from the shaded and no-dependencies jars
  • fixed NullPointerException and added more context information for match failures
  • fixed NullPointerException during matcher logging
  • fixed override logic for query and path parameters
  • fixed verification of path parameters with multiple path parameter expectations
  • fixed matching for array parameters using OpenAPI or a schema based parameter matcher
  • resolved errors matching path by regex against expectations with path parameters
  • resolved error with some deleted logs still appearing in the dashboard
  • Content-Length is not added if a mock response set Transfer-Encoding

[5.13.2] - 2022-04-05

Fixed

  • fixed artefact name in no-dependencies pom which caused issue with gradle builds
  • added support for yml in addition to yaml for yaml files

[5.13.1] - 2022-04-02

Added

  • simplified JSON format accepted for headers and other multi-value maps by allowing single values to be used as value list
  • added warning message when content-length in expectation response is shorter than the body length
  • improved log output for multimap failures, especially when using schema matcher (i.e. with OpenAPI) for parameters, headers, etc
  • added support for endpoints examples in addition to existing schemas examples in an OpenAPI specifications

Changed

  • improved error messages from main method
  • always serialise default fields for StringBody and JsonBody when retrieving recorded expectations for consistency even when the charset changes
  • allow (and ignore) additional timestamp field for expectation JSON to support record request and responses to be submitted as JSON expectations
  • upgraded JVM version in docker (and helm) to 17
  • reduced memory footprint from log and simplified calculation of maximum log size
  • use JVM trust store in addition to MockServer CA for MockServerClient to allow control plane requests to go via proxies or load balancers that terminate TLS

Fixed

  • allow callback which is nested inside initializer class for maven plugin initializer
  • fixed HttpClassCallback static builder signature
  • improved parsing of media type parameters to handle parameter values with equal symbol
  • fixed serialising certificate chain to dashboard UI
  • used absolute URI form for requests to an HTTP proxy as per rfc2068 section 5.1.2
  • removed content-length and other hop by hop response headers for forward actions
  • fixed handling of headers and parameters specified without any values
  • fixed logLevel in MockServer instance Configuration, so it now sets the SystemProperty read by the logging configuration
  • fixed parallel execution of MockServerExtension to prevent port bind errors
  • fixed error parsing body parameters containing '/'
  • removed external references to schema specification to remove required network connectivity
  • fixed docker latest tag by worked around bug in sonatype not updating the LATEST metadata for snapshots
  • fixed partial deletion of expectations from watched file initialiser
  • resolved small memory leak during proxy authentication
  • updated verify by expectation id so it uses expectation match log events instead of the request matcher from the expectation

[5.13.0] - 2022-03-17

Added

  • added support for configuring log level via properties file
  • allow proactively initialisation of TLS so dynamic TLS CA key pair is created at start up
  • added control plane authorisation using mTLS
  • added control plane authorisation using JWT
  • added support for control plane JWTs supplier to client
  • added support for control plane JWT authorisation to specify required audience, matching claims and required claims
  • added control plane authorisation using both JWT and mTLS
  • added property to control maximum number of requests to return in verification failure, defaults to 10
  • added field to verifications to control maximum number of requests to return in verification failure, defaults to configuration property - item above
  • added remote address field to http requests that can be used by class or method callbacks
  • exposed remote address (i.e. client address) to method and class callbacks, logs and dashboard
  • exposed client certificate chain to method and class callbacks, logs and dashboard
  • added simpler mustache style response templates (in addition to existing javascript and velocity support)
  • added response template variables and functions for date, uuid, random, xPath and jsonPath for mustache
  • added response template variables for date, uuid and random for velocity
  • added response template variables for date, uuid and random for javascript
  • added path parameters, remote address and client certificate chain to response template model
  • added support for EMCAScript 6 in JavaScript response templates for Java versions between 9 and 15
  • added support for numerous velocity tools for example for JSON and XML parsing to velocity response templates

Changed

  • included Bouncy Castle now used by default to resolve issues with modules in Java 16+ and backwards compatibility for Java 8
  • improved configuration for dynamically creating CA so the directory is defaulted if not set and log output is clearer
  • improved UI handling of match failures with a because section and more complex log events
  • improved log configuration during startup when loading of properties file
  • simplified support for multiline regex by allow . to match newlines
  • improved regex matching by support Unicode (instead of US-ASCII) and native case-insensitive matching
  • improved performance of negative matches by reducing the number of regex matches when not matching
  • disabled privilege escalation in helm chart
  • added setting of command line flags (i.e. serverPort) via system properties and properties file in addition to environment variables
  • improved log output for command line flags, environment variables and system properties
  • removed deprecated configuration properties for forward proxying
  • changed docker distroless base image to distroless image for nonroot user
  • changed docker distroless base image for snapshot to distroless image for debugging
  • changed client to launch dashboard in HTTP (not HTTPS) to avoid issues with self-signed certificates
  • simplified the body field for response template model
  • improved XML matching by ignoring element order
  • improved security by change CORS defaults to more secure values that prevent cross-site requests by default

Fixed

  • worked around JDK error 'flip()Ljava/nio/ByteBuffer; does not exist in class java.nio.ByteBuffer'
  • null pointer exception when serialising string bodies with non string content types (i.e. image/png)
  • disabled native TLS for netty to improve TLS resilience
  • fixed handling of circular references in OpenAPI specifications to be as gracefully as possible

[5.12.0] - 2022-02-12

Added

  • index.yaml to www.mock-server.com so it can be used as a helm chart repository
  • command line flags can now be set as environment variables simplifying some container deployment scenarios
  • glob support for initialisation files to allow multiple files to be specified
  • request and response modifiers to dynamically update path, query parameters, headers, and cookies
  • custom factory for key and certificates to provide more flexibility
  • support for Open API expectations in json initialisation file
  • improved @MockServerTest to support inheritance
  • more flexibility over semicolon parsing for query parameters
  • shaded jar for mockserver-netty and mockserver-client-java to reduce impact of dependency version mismatches with projects including these dependencies

Changed

  • ensured that TCP connections are closed immediately when shutting down to improved time before operating system frees the port
  • reduce noise from Netty INFO logs that were not correct or misleading
  • retrieveRecordedRequests now returns HttpRequest[]
  • made it easier to set priority and id both in Java and Node clients in multiple places
  • changed default charset for JSON and XML to UTF-8 from ISO 8859-1
  • error handling for Open API so only single operation is skipped on failure not the entire file
  • reduced over resolution of OpenAPI that triggered bugs in Swagger Parser V3 library
  • replaces JDK FileWatcher with custom solution for watch file changes to work around multiple JDK bugs
  • improved helm chart by supporting more configuration options
  • remove explicit calls to System.gc()

Fixed

  • resolved multiple issues with clearing by expectation id
  • resolved multiple issues with verifying by expectation id
  • resolved multiple NullPointerExceptions in backend for UI
  • ensure exact query parameter string is proxied allowing for empty values, leading ! or or other special scenarios
  • improved expectation updates from FileWatcher so only expectation from matching source are updated resolving multiple bugs
  • ensured socket protocol of HTTPS is honoured resulting in forwarded requests using TLS
  • fixed logging of exceptions such as port already bound at startup
  • fixed retrieval of active exceptions where expectations were no longer active but not yet removed from expectations list
  • no longer treat ndjson as json
  • accessing UI via a reverse proxy or load balancer

[5.11.2] - 2020-10-08

Added

  • clearing by expectation id
  • verifying by expectation id

Changed

  • improved reliability and performance around stopping especially when stop is called multiple times for the same instance
  • improved grouping of logs and stopped TRACE level logs from being grouped which caused inconsistency in the UI

Fixed

  • fixed recursive loop on stopAsync for ClientAndServer
  • header matching for subsets to ensure notted header keys don't exist

[5.11.1] - 2020-07-22

Added

  • port is now printed at start of each log line
  • shutdown log message specifying port
  • UI updated prior to stopping MockServer to ensure all pending log messages are sent over UI web socket
  • added listener for expectation modifications that can be used with ExpectationInitializer for custom expectation persistence

Changed

  • performance improvements of expectation sorting and comparisons
  • reduced creation of objects at WARN log level
  • ensured all threads are daemon threads (except port binding thread)
  • simplified and improve performance of matching for headers, query string parameters, path parameters, cookies and body parameters
  • only mark log events as deleted for log level of TRACE, DEBUG, or INFO so log can be view in UI
  • improved performance of handling large OpenAPI specifications
  • improved error message format for errors when loading OpenAPI specifications
  • changed name of optionalString static factory method to optional to improve consistency with not

Fixed

  • fixed field name error when serializing ParameterBody
  • error when log level DEBUG cleared log events were returned from the API

[5.11.0] - 2020-07-08

Added

  • added basic support to proxy binary requests that are not HTTP
  • dynamic maximum log events and maximum expectations based on available memory
  • added ability to switch between BouncyCastle and vanilla JDK for key and certificate generation
  • added support for TLS over SOCKS4 or SOCKS5
  • request matching and expectations using OpenAPI or Swagger specification
  • create expectation using OpenAPI or Swagger specification with automatic example responses
  • verifications of requests or request sequences using OpenAPI or Swagger specification
  • clear log, clear expectations, retrieve logs and retrieve requests using OpenAPI or Swagger specification
  • json schema matchers for method, path, headers, query string parameters and cookies
  • path variables matched by nottable string, regex or json schema (as per query string parameters)
  • support for optional query parameters, header and cookies
  • support for nullable keyword in JSON Schemas (part of Open API specification not JSON Schema specification)
  • matching xml bodies against JSON Schema matchers
  • matching parameter bodies against JSON Schema matchers
  • support to match path parameters, query parameters and header either by sub set or by matching key
  • grouping of log events in UI to simplify analysis of expectation matches / non matches for a request
  • added extra log messages to indicate progress for large json expectation initializers
  • added log messages for invalid control plane request to make control plane errors clearer in the UI
  • added support for easily mapping jar and config into the docker container
  • added support for easily mapping jar and config into the helm chart

Changed

  • reduced time range of CA certificates to increase likelihood they will be accepted by strict systems (i.e. VMWare vCenter Server)
  • improved error message when exception loading or reading certificates or keys (i.e. file not found)
  • certificate and private key are saved to directoryToSaveDynamicSSLCertificate when preventCertificateDynamicUpdate is enabled
  • returns created expectations from /mockserver/expectation so that it is possible to view the id for new (or updated) expectations
  • added ability to inherit @MockServerSettings for Junit5 tests
  • switched to distroless container base for security and size
  • added explicit gc suggestion after reset and clear
  • upgraded docker container to Java 11 to ensure JVM honours container memory constraints (i.e. inside kubernetes)
  • improved parsing of invalid content-type header parameters by handling error gracefully and outputting a clear error message
  • improved performance through multiple minor tweaks around handling of expectations
  • added version to log output to improve resolution of github issues with logs attached
  • improved logic around proxies to make HTTP CONNECT, SOCKS4 and SOCKS5 more reliable and faster
  • reduced object creation (and therefore GCs) for log especially during request matching
  • print logs timestamp with milliseconds
  • reduced expiry of certification to one year to avoid errors from modern systems that don't like long lived certificates (such as Chrome or VMWare)
  • defaulted charset for XML and JSON to UTF8 as per rfc3470 and rfc8259
  • version matching logic for client now only matches on major and minor version and not bug fix version
  • improved handling of body matching for control plane to clearly separate control plane and data plan matching
  • simplified and improved stability for UI by moving all data processing into back-end and other simplifications

Fixed

  • fixed but with environment variable configuration for long, integer and integer list values
  • removed call to ReflectionToStringBuilder.setDefaultStyle to avoid impacting toString globally for JVM
  • fixed destination port and ip in Socks5CommandResponse which prevented SOCKS5 proxied connections
  • fixed Subject Alternative Names with wildcards or other valid DNS name formats not supported by certain versions of the JDK (<= 1.8)
  • fixed json body responses by returning blank or null fields, objects and arrays
  • fixed generics for withCallbackClass to allow ExpectationResponseCallback to be specified as a Class (not only a string)

[5.10.0] - 2020-03-24

Added

  • closure / object callbacks uses local method invocation (instead of Web Socket) when both the client in same JVM (i.e. ClientAndServer, JUnit Rule, etc)
  • support to specify a fixed TLS X509 Certificate and Private Key for inbound TLS connections (HTTPS or SOCKS)
  • ability to prioritise expectations such that the matching happens according to the specified priority (highest first) then creation order
  • ability to create or update (if id matches) expectations from the client using upsert method
  • ability to return chunked responses where each chunk is a specific size by using response connection options
  • support for XmlUnit placeholders https://github.com/xmlunit/user-guide/wiki/Placeholders
  • added ability to control (via configuration) whether matches fail fast or show all mismatching fields
  • configuration to disable automatically attempted proxying of request that don't match an expectation and look like they should be proxied

Changed

  • improved X509 certificates by adding Subject Key Identifier and Authority Key Identifier
  • stopped delay being applied twice on response actions (#721)
  • improve support for clients making initial SOCKS or HTTP CONNECT requests over TLS
  • replaced JSONAssert with JsonUnit to improve JSON matching and remove problematic transitive dependencies
  • added more detail of cause of match failure

Fixed

  • fixed null point for expectation initialiser with file watcher in working directory specified with relative path
  • fixed error resulting in enum not found exception for log events
  • fixed error with parsing of json arrays for expectation responses with json body as json object not escaped string
  • fixed meaning of disableSystemOut property so that only system out is disabled not all logging
  • fixed key store type in key store factory to avoid issue with the JVM changing the defaults

[5.9.0] - 2020-02-01

Added

  • added stopAsync method to ClientAndServer to allow stop without waiting
  • log events for UPDATED_EXPECTATION and REMOVED_EXPECTATION
  • ability to update existing expectation by id
  • hot re-loading of expectation initialiser file
  • addition configuration for web socket client event loop size
  • addition configuration for action handler thread pool size
  • exposed request raw bytes to object callbacks (allows forwarded requests body parsing that is inconsistent with Content-Type header)
  • added support to delay socket closure using connection options
  • added support to control trusted certificate authorities (trust store) for proxied & forwarded requests
  • added support for two-way TLS (mTLS), also called client authentication
  • now sends TLS X509 certificate from proxy (i.e. support forward client authentication / mTLS)
  • added ability to dynamically create local unique Certificate Authority (CA) X.509 and Private Key to improve security of clients trusting the CA

Changed

  • performance improvements for header and cookie handling
  • improved JSON validation errors by adding link to OpenAPI Specification
  • removed duplicate packages between modules to prepare for java modules
  • caught Jackson configuration exception to improve resilience with other Jackson versions in classpath
  • moved Junit4 to separate module to reduce size of jar-with-dependencies, simplify code and increase build speed
  • enabled case insensitive matching for regex matches
  • improved documentation (i.e. on website)
  • switched from Bouncy Castle to JDK for certificate and private key generation

Fixed

  • fixed error where ClientAndServer does fully wait for client to stop
  • fixed ability to specific a log level of OFF
  • fixed bug with keystore type configuration not being used in all places
  • added file locking and jvm locking for expectation persistence file to avoid file corruption
  • fixed verification incorrectly matching verifier non-empty bodies against empty request bodies
  • stopped response callbacks for proxied requests blocking threads
  • fixed bug that caused JSON bodies in specified expectations as raw JSON to ignore empty arrays and empty strings

Security

  • updated tomcat (used in integration tests) to version without vulnerabilities

[5.8.1] - 2019-12-23

Added

  • changelog
  • added configuration for all CORS headers
  • added support for forward proxy authentication (via configuration)
  • added support for overriding forward responses by class or closure
  • requests sent to MockServerClient can be updated / enhanced i.e. to support proxies
  • dynamic creation of a unique (i.e. local) Certificate Authority X509 Certificate and Private Key instead of using the fixed Certificate Authority X509 Certificate and Private Key in the git repo.
  • configuration to require mTLS (also called client authentication or two-way TLS) for all TLS connections / HTTPS requests to MockServer
  • configuration of trust store and client X.509 used during forwarded and proxied requests to endpoints requiring mTLS
  • extended TLS documentation significantly

Changed

  • reduced default number of fail handles used by nio event loop
  • improved performance and scalability of logging ring buffer
  • improved performance of json serialisation
  • deprecated isRunning and replaced with hasStopped and hasStarted to make behaviour more explicit and faster
  • improved, simplified and unified handling of Content-Type for bodies
  • remove closure callback clients and connections for expectation that no longer exist
  • ensure WebSockets for closure callback auto re-connect for unreliable networks
  • simplified XML and JSON of bodies in the log and UI
  • improved logging for CORS
  • added support for TLS with closure / WebSocket callbacks
  • simplified handling of TLS and HTTP CONNECT (which is always TLS)
  • improved JSON format for expectation to support objects instead of escaped strings

Fixed

  • fixed reading logLevel from system property or environment variable
  • ensure all errors are printed to console
  • removed TLSv1.3 to avoid any issues with JVM version that do not support TLSv1.3
  • handle proxying requests without Content-Length header
  • added support for JSON array for raw JSON in requests or responses body

Security

  • updated jetty (used in code examples) to version without vulnerabilities

[5.8.0] - 2019-12-01

Added

  • added support for configuration via environment variables
  • added support for overriding responses which an forward overridden request
  • added persistence of expectations to file (as json)

Changed

  • ensured all Netty threads are marked as daemon to ensure MockServer does not prevent / delay JVM shutdown
  • improved docker-compose example
  • improved helm document & example to show how to provide configuration file or expectation initialiser
  • improved performance and throttled load for UI

Fixed

  • WARN and ERROR is logged even if logLevel not yet initialised
  • ensured exceptions thrown in Main method are always logged
  • separated control plane and data plane matching to avoid reverse regex matches and other similar strange behaviour
  • fixed handling of multiple parameters in Content-Type header
  • autodetect WS or WSS for UI update WebSocket depending on HTTP or HTTPS
  • stopped usage being printed multiple time under certain error scenarios

Removed

  • removed reentrant WebSocket prevention by creating WebSocket client per expectation to improve resilience

[5.7.2] - 2019-11-16

Added

  • added setting to control maximum size of event log

Changed

  • performance enhancements
  • improved matcher failure log messages to output detail at DEBUG level
  • made log level configuration more resilient
  • allowed exceptions to be thrown from all types of callback methods

Fixed

  • fixed duplicate logging or request when optimistic proxying
  • added missing exception on bind error
  • ensured client event bus is not static so it not shared across multiple client instances except were server port is identical

[5.7.1] - 2019-11-09

Added

  • added disruptor ring buffer in front of log to improve performance
  • added configuration to ensure MockServer certificate is not updated once created

Changed

  • improved performance with request matcher fast failure
  • refactored CPU or memory hot spots
  • switched logging to simpler more resilient approach without external dependencies

Fixed

  • fixed log levels to support disabling the log completely without impacting verifications
  • ensured clear, reset and verify guarantee all pending log events are completed
  • ensured all thread pools (i.e. added disruptor, etc) are stopped with stopping MockServer or Servlets
  • respond with not found response (instead of hanging) when failure during template rendering

[5.7.0] - 2019-11-01

Added

  • added support for retrieving requests and associated responses from log
  • added support for access-control-request-headers with CORS

Changed

  • updated to Java 8
  • made Jackson more relaxed when parsing JSON already validated by JSON Schema
  • improved resilience of request and response parsing, such as when Content-Type is blank string
  • improved proxy loop prevention to only break loops within a single instance of MockServer
  • increased length of TLS keys to RSA 2048
  • increased default request log size and maximum number of expectation

Fixed

  • added global thread-safety to javascript templates for local variables defined without keyword var

[5.6.1] - 2019-07-21

Changed

  • delayed creation of Nashorn JS engine

Fixed

  • fixed multi-threaded handling of javascript templates
  • fixed duplicate logging errors

[5.6.0] - 2019-06-21

Added

  • added delay to actions that did not already have it
  • added configuration for certificate authority private key and x509
  • added support for large HTTP headers

Changed

  • simplified the certificate generation
  • configured logback file appender programmatically

Fixed

  • ensure port binding exception are thrown and MockServer stops if port already allocated
  • fixed log configuration to ensure no class loading exception thrown
  • fixed control plane matching of expectations with notted entries