diff --git a/CHANGELOG.md b/CHANGELOG.md index 5e5494df..495919cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ # Table of Contents +- [1.3.0](#130) - [1.2.0](#120) - [1.1.0](#110) - [1.0.0](#100) @@ -27,6 +28,19 @@ - [0.7.0](#070) - [0.6.0](#060) +## 1.3.0 + +The 1.3 version is mainly for security update. + +### Security +- reject invalid header[#1462](https://github.com/apache/incubator-apisix/pull/1462) and uri safe encode[#1461](https://github.com/apache/incubator-apisix/pull/1461) +- only allow 127.0.0.1 access admin API and dashboard by default. [#1458](https://github.com/apache/incubator-apisix/pull/1458) + +### Plugin +- :sunrise: **add batch request plugin**. [#1388](https://github.com/apache/incubator-apisix/pull/1388) +- implemented plugin `sys logger`. [#1414](https://github.com/apache/incubator-apisix/pull/1414) + + ## 1.2.0 The 1.2 version brings many new features, including core and plugins. diff --git a/CHANGELOG_CN.md b/CHANGELOG_CN.md index 8e19e847..0683232f 100644 --- a/CHANGELOG_CN.md +++ b/CHANGELOG_CN.md @@ -19,6 +19,7 @@ # Table of Contents +- [1.3.0](#130) - [1.2.0](#120) - [1.1.0](#110) - [1.0.0](#100) @@ -27,6 +28,19 @@ - [0.7.0](#070) - [0.6.0](#060) +## 1.3.0 + +1.3 版本主要带来安全更新。 + +## Security +- 拒绝无效的 header [#1462](https://github.com/apache/incubator-apisix/pull/1462) 并对 uri 进行安全编码 [#1461](https://github.com/apache/incubator-apisix/pull/1461) +- 默认只允许本地环回地址 127.0.0.1 访问 admin API 和 dashboard. [#1458](https://github.com/apache/incubator-apisix/pull/1458) + +### Plugin +- :sunrise: **新增 batch request 插件**. [#1388](https://github.com/apache/incubator-apisix/pull/1388) +- 实现完成 `sys logger` 插件. [#1414](https://github.com/apache/incubator-apisix/pull/1414) + + ## 1.2.0 1.2 版本在内核以及插件上带来了非常多的更新。 diff --git a/apisix/core/version.lua b/apisix/core/version.lua index dfd10502..6197ea58 100644 --- a/apisix/core/version.lua +++ b/apisix/core/version.lua @@ -15,5 +15,5 @@ -- limitations under the License. -- return { - VERSION = "1.2" + VERSION = "1.3" } diff --git a/doc/how-to-build-cn.md b/doc/how-to-build-cn.md index d2d5dbcc..b8388833 100644 --- a/doc/how-to-build-cn.md +++ b/doc/how-to-build-cn.md @@ -34,20 +34,20 @@ Apache APISIX 的运行环境需要 Nginx 和 etcd, 你需要先下载 Apache Release 源码包: ```shell -wget http://www.apache.org/dist/incubator/apisix/1.2/apache-apisix-1.2-incubating-src.tar.gz -tar zxvf apache-apisix-1.2-incubating-src.tar.gz +wget http://www.apache.org/dist/incubator/apisix/1.3/apache-apisix-1.3-incubating-src.tar.gz +tar zxvf apache-apisix-1.3-incubating-src.tar.gz ``` 安装运行时依赖的 Lua 库: ``` -cd apache-apisix-1.2-incubating +cd apache-apisix-1.3-incubating make deps ``` ### 通过 RPM 包安装(CentOS 7) ```shell -sudo yum install -y https://github.com/apache/incubator-apisix/releases/download/1.2/apisix-1.2-0.el7.noarch.rpm +sudo yum install -y https://github.com/apache/incubator-apisix/releases/download/1.3/apisix-1.3-0.el7.noarch.rpm ``` ### 通过 Luarocks 安装 (不支持 macOS) @@ -63,11 +63,11 @@ sudo sh -c "$(curl -fsSL https://raw.githubusercontent.com/apache/incubator-apis > 通过 Luarocks 安装指定的版本: ```shell -# 安装 apisix 的 1.2 版本 -sudo luarocks install --lua-dir=/path/openresty/luajit apisix 1.2 +# 安装 apisix 的 1.3 版本 +sudo luarocks install --lua-dir=/path/openresty/luajit apisix 1.3 # 老版本 luarocks 可能不支持 `lua-dir` 参数,可以删除该选项 -sudo luarocks install apisix 1.2 +sudo luarocks install apisix 1.3 ``` ## 3. 管理(启动、关闭等)APISIX 服务 diff --git a/doc/how-to-build.md b/doc/how-to-build.md index e1b8d8b6..ccc581ae 100644 --- a/doc/how-to-build.md +++ b/doc/how-to-build.md @@ -34,21 +34,21 @@ You can install Apache APISIX in a variety of ways, including source code packag You need to download the Apache source release first: ```shell -wget http://www.apache.org/dist/incubator/apisix/1.2/apache-apisix-1.2-incubating-src.tar.gz -tar zxvf apache-apisix-1.2-incubating-src.tar.gz +wget http://www.apache.org/dist/incubator/apisix/1.3/apache-apisix-1.3-incubating-src.tar.gz +tar zxvf apache-apisix-1.3-incubating-src.tar.gz ``` Install the Lua libraries that the runtime depends on: ```shell -cd apache-apisix-1.2-incubating +cd apache-apisix-1.3-incubating make deps ``` ### Installation via RPM package (CentOS 7) ```shell -sudo yum install -y https://github.com/apache/incubator-apisix/releases/download/1.2/apisix-1.2-0.el7.noarch.rpm +sudo yum install -y https://github.com/apache/incubator-apisix/releases/download/1.3/apisix-1.3-0.el7.noarch.rpm ``` ### Installation via Luarocks (macOS not supported) @@ -64,11 +64,11 @@ sudo sh -c "$(curl -fsSL https://raw.githubusercontent.com/apache/incubator-apis > Install the specified version via Luarocks: ```shell -# Install version 1.2 -sudo luarocks install --lua-dir=/path/openresty/luajit apisix 1.2 +# Install version 1.3 +sudo luarocks install --lua-dir=/path/openresty/luajit apisix 1.3 # old luarocks not support the `lua-dir` parameter, you can remove this option -sudo luarocks install apisix 1.2 +sudo luarocks install apisix 1.3 ``` ## 3. Manage (start/stop) APISIX Server diff --git a/rockspec/apisix-1.3-0.rockspec b/rockspec/apisix-1.3-0.rockspec new file mode 100644 index 00000000..99dddc51 --- /dev/null +++ b/rockspec/apisix-1.3-0.rockspec @@ -0,0 +1,72 @@ +-- +-- Licensed to the Apache Software Foundation (ASF) under one or more +-- contributor license agreements. See the NOTICE file distributed with +-- this work for additional information regarding copyright ownership. +-- The ASF licenses this file to You under the Apache License, Version 2.0 +-- (the "License"); you may not use this file except in compliance with +-- the License. You may obtain a copy of the License at +-- +-- http://www.apache.org/licenses/LICENSE-2.0 +-- +-- Unless required by applicable law or agreed to in writing, software +-- distributed under the License is distributed on an "AS IS" BASIS, +-- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +-- See the License for the specific language governing permissions and +-- limitations under the License. +-- +package = "apisix" +version = "1.3-0" +supported_platforms = {"linux", "macosx"} + +source = { + url = "git://github.com/apache/incubator-apisix", + tag = "1.3", +} + +description = { + summary = "Apache APISIX(incubating) is a cloud-native microservices API gateway, delivering the ultimate performance, security, open source and scalable platform for all your APIs and microservices.", + homepage = "https://github.com/apache/incubator-apisix", + license = "Apache License 2.0", +} + +dependencies = { + "lua-resty-template = 1.9", + "lua-resty-etcd = 0.9", + "lua-resty-balancer = 0.02rc5", + "lua-resty-ngxvar = 0.5", + "lua-resty-jit-uuid = 0.0.7", + "lua-resty-healthcheck-api7 = 2.2.0", + "lua-resty-jwt = 0.2.0", + "lua-resty-cookie = 0.1.0", + "lua-resty-session = 2.24", + "opentracing-openresty = 0.1", + "lua-resty-radixtree = 1.8", + "lua-protobuf = 0.3.1", + "lua-resty-openidc = 1.7.2-1", + "luafilesystem = 1.7.0-2", + "lua-tinyyaml = 0.1", + "lua-resty-prometheus = 1.0", + "jsonschema = 0.8", + "lua-resty-ipmatcher = 0.6", + "lua-resty-kafka = 0.07", + "lua-resty-logger-socket = 2.0-0", +} + +build = { + type = "make", + build_variables = { + CFLAGS="$(CFLAGS)", + LIBFLAG="$(LIBFLAG)", + LUA_LIBDIR="$(LUA_LIBDIR)", + LUA_BINDIR="$(LUA_BINDIR)", + LUA_INCDIR="$(LUA_INCDIR)", + LUA="$(LUA)", + }, + install_variables = { + INST_PREFIX="$(PREFIX)", + INST_BINDIR="$(BINDIR)", + INST_LIBDIR="$(LIBDIR)", + INST_LUADIR="$(LUADIR)", + INST_CONFDIR="$(CONFDIR)", + }, +}