- Change some terminology to new OpenConext defaults.
- Update for libraries.
- Deal with invite roles not having a description field.
- Updates for various libraries.
- Ensure the Invite roles overview logo is displayed nice #297
- Add optional OpenConext-Invite roles overview #294
- Use support.surfconext.nl to link documentation #295 (thanks @FlorisFokkinga)
- Security updates
- Centralized services in cerntal services.yaml
- Replaced guzzle with symfony native
- Moved some extension config to yaml values
- Upgraded dependencies to their latest compatible version
- Fixed all direct deprececations (SF 7.0 ready)
- Routes are migrated to attributes
- Using new security authentication system
- legacy moved to openconext
- removed .env and using all parameters
- simplified kernel (using MicroKernelTrait)
- Using property promotion as much as possible
- strict typing everywhere
- typed variables where detected by rector or manual changes if detected
Fixes
- Add missing oid for SAML eduPersonAssurance attribute.
- Update dependencies for security fixes
Fixes
- Fix translation overrides.
Fixes
- Fix translation in connection disconnect dialog
- Fix translation overrides for a subset of keys of a nested array
- Update dependencies for security fixes
Improvements
- Add translation for SAML subjectId attribute.
Fixes
- Add translation for Organizational Unit attribute
- Update dependencies for security fixes
Fixes
- Update dependencies for security fixes
Fixes
- Fix Symfony 4.4 compatibility issue
Features
- Profile SP metadata now includes signing certificate
Improvements
- Make the cache path var/cache/prod again instead of var/prod/cache
- Show aggregated attributes even if SP has no IdP-attributes
- Translate two more attributes
- Fix translation of information-request email
Features
- Show attribute aggregation attributes on the my-services page #235
- Add the option to store sessions in the database #227
Improvements
- Log which user authenticated to the application. #229
- Remove SURFisms from translation files #233
- Prevent unsafe-inline CSP errors on SVG images #234
- Expose info and health on /internal by updating the Monitor bundle #236
- Replace deprecated Swiftmailer with Symfony mailer #241
- Install Mailcatcher and document the change #239
- Show the organization name on the my-services page #238
Maintenance
- Install periodic security upgrades #226
Bugfix
- Enable test-integration runs on develop #240
- Create release artifacts when project is tagged #225
- Fix IdP logo display in My Services overview #224
- Downgrade 'normal operation' log messages to info #223
Bugfixes
- Ensure something incorrect disclosure is shown.
- Ensure support icons have the right colour
- Use correct institution data
Features
- Translations are now overrideable. This is a BC breaking change compared to pre v3 releases.
Bugfixes and chores
- Company rebranding
- Add ansi-regex resolution adressing GitHub advisory #209
- Update Swiftmailer configuration #218
Bugfixes
- Ensure givenName is not required for using Profile #205
- Repair infomation request and attribute support pages #208
- Support-mail and EULA trouble, where faulty data was used to show the links #211
- Pinch missing translation from my services page #213
- Docker: OpenConext prep script moved to /usr/local/sbin #215
- Show delete description when feature flag is ON #212
Feature
- NL language improvements #490407db
- Order the consent list alphabetically #216
- Show custom error pages #210
- Add entity Id to my services #214
Chores
- Remove global_view_parameters.yaml from VCS #207
- Move makeRelease to bin folder #206
- Temporarily disable AA aatributes in my services #217
Changes
- Redesign every screen for a better user experience, accessibility and to improve the look/feel
- Allow users to remove consent per service
- Add cypress tests for accessibility
- Add docker for development / deploys
- Improve documentation
Security
- Upgrade symfony version to 4.4 so we have LTS again
- Upgrade several packages (over 777 vulnerabilities fixed)
- Add the secure flag to the lang cookie
This is a security release that will harden the application against CVE 2019-3465
Changes
- Optimize ORCiD button placement for all devices #136
- Add ECK ID saml attribute translation #133
- Fix the data retention translation #134
Changes
- Add /build to asset paths #131
- Bump Stepup SAML bundle to 4.1.5 #132
Version 2.0 drops PHP 5.6 support. And more important Symfony was updated to version 3.4
The major changes of this version:
Improvements
- Upgrade to Symfony 3.4 and fix deprecation issues while at it #126
- Added Portuguese translations #121
- Update ORCiD ID styling on the my connections page #128
- Install and configure Webpack Encore #130
Maintenance
- Bump Stepup SAML bundle to version 4.1.4 #125
- Install PHP 7.2 and update Composer dependencies #124
- Address security issues #127
Further removes the SURFconextId usages in the project. The AA Api client still used the attribute, causing issues on the My connections page. Thanks @domgon for raising the issue!
Bugfix
- Stop using SurfConextId in the AA client #118
- Add Portuguese language support #119 (Thanks @domgon!) #120
Maintenance
- Install Symfony and Twig security updates #119
- Removed RMT from the project
- Updated documentation links
- Upgraded Security Checker to version 5
In order to be compatible with EngineBlock 5.9, Profile needed to stop using the SURFconextId. As Engine no longer releases it.
Bugfix
- Stop using SURFconextId as user identifier #114
Maintenance
- Security updates #113