Skip to content

Latest commit

 

History

History
580 lines (346 loc) · 14 KB

CHANGELOG.md

File metadata and controls

580 lines (346 loc) · 14 KB
Raw

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased]

Added

  • OTP 27.1 to CI

[2.3.10] - 2024-07-24

Fixed

  • use of binary string in database_cache_file option

[2.3.9] - 2024-07-20

Added

[2.3.8] - 2024-05-04

Fixed

  • wrong root in MMDB tree parser, failing IPv4 lookups in IPv6 databases that don't include IPv4-mapped IPv6 addresses [wrong since 1.0.0]

[2.3.7] - 2024-03-16

Added

  • OTP 25.3 to CI
  • OTP 26.0 to CI
  • OTP 26.1 to CI
  • OTP 26.2 to CI

Changed

  • README
  • CI to use latest rebar3 version that's compatible with each covered OTP release

[2.3.6] - 2022-09-20

Fixed

  • failed load of .tgz database when its mime type is listed as "application/x-tar"

[2.3.5] - 2022-09-20

Fixed

  • broken CLI check when loading database from a HTTP(S) URL

[2.3.4] - 2022-09-12

Fixed

  • broken compilation under Elixir's Mix (introduced in 2.3.3)

[2.3.3] - 2022-09-12

Fixed

  • unwarranted compilation warning on OTP 25

[2.3.2] - 2022-08-07

Added

  • OTP 25 to CI

Fixed

  • a few wrong specs
  • rebar3_lint warnings on OTP 25
  • rebar3_hank warnings on OTP 25
  • Dialyzer warnings on OTP 25
  • a few eqWAlizer warnings

[2.3.1] - 2022-04-19

Fixed

  • spelling mistakes in CHANGELOG [Kian-Meng Ang]

[2.3.0] - 2022-01-25

Added

  • the ability to customize database cache path [Bartosz Szafran]

[2.2.2] - 2021-12-01

Fixed

  • wrong reference to custom database fetcher in README [Bartosz Szafran]

[2.2.1] - 2021-09-22

Fixed

  • decoding of negative integers [made wrong in 2.0.0]

[2.2.0] - 2021-09-03

Changed

  • documentation from edoc to ExDoc
  • imported version of tls_certificate_check to '~> 1.9'

[2.1.0] - 2021-08-30

Added

  • locus_mmdb:unpack_tree_data_and_data_section/2 to the API
  • locus_mmdb_data_codec:parse_on_index/3 to the API
  • CI on Windows

Removed

  • no longer warranted run time dependency (public_key)

Fixed

  • wrong return of errors during :check/1 for maps containing maps or arrays which had been checked previously
  • wrong paths in :check/1 errors or warnings concerning maps
  • no longer warranted type definition

[2.0.0] - 2021-08-30

Added

  • support for retrieving databases using consumer-defined locus_custom_fetchers
  • support for decoding IEEE-754 infinities in MMDB data
  • locus:check/1 to API (which replaces locus:analyze/1 and can be up to 3200% faster 🏎️)
  • details to MMDB unpacking errors
  • linting checks with rebar3_lint
  • dead code checks with rebar3_hank

Changed

  • ⚠️ return type of locus:lookup/2 (see MIGRATION.md)
  • database loader to use persistent_term instead of ETS
  • MMDB decoder to perform stricter metadata validations
  • MMDB decoder to not crash upon maps containing duplicate keys
  • databases downloaded through HTTP(S) without a last-modified response header to no longer be cached
  • imported version of tls_certificate_check to '~> 1.7'
  • single CT suite covering both filesystem and HTTP sources into one for each
  • test coverage for the better

Removed

  • ⚠️ locus:wait_for_loader/1 from API (deprecated in 1.10.0 - see MIGRATION.md)
  • ⚠️ locus:wait_for_loader/2 from API (deprecated in 1.10.0 - see MIGRATION.md)
  • ⚠️ locus:wait_for_loaders/2 from API (deprecated in 1.10.0 - see MIGRATION.md)
  • ⚠️ locus:get_version/1 from API (deprecated in 1.4.0 - see MIGRATION.md)
  • ⚠️ locus:analyze/1 from API (locus:check/1 now fulfills this role - see MIGRATION.md)
  • deprecated loader options pre_readiness_update_period and post_readiness_update_period (see MIGRATION.md)
  • warnings on the use of discontinued GeoLite2 HTTP URLs

[1.16.1] - 2021-07-12

Fixed

  • erroneous decoding of 32-bit signed integers as signed when they're less than 4 bytes in length
  • small risk of API functions :await_loader and :await_loaders blocking indefinitely longer than they should

[1.16.0] - 2021-05-13

Added

  • OTP 24 to CI targets

Changed

  • minimum Erlang/OTP version to 22
  • imported version of tls_certificate_check to '~> 1.5'

[1.15.0] - 2021-04-02

Changed

  • imported version of tls_certificate_check to '~> 1.3'
  • minimum Erlang/OTP version to 21.2

Removed

  • stacktrace_compat dependency
  • (now-)dead code that dealt with pre- OTP 21.2 differences in stdlib and such
  • unmaintained compatibility with rebar 2

Fixed

  • import of MaxMind test data in a way that works both locally and on GHA

[1.14.1] - 2021-03-16

Fixed

  • Hex documentation

[1.14.0] - 2021-03-12

Changed

  • imported version of tls_certificate_check to 1.2.0

Fixed

  • broken tls_certificate_checks when using rebar3 3.14.4

[1.13.2] - 2020-12-10

Changed

  • CI from Travis to GitHub actions

Fixed

  • documentation unavailability in hexdocs.pm (hopefully)

[1.13.1] - 2020-12-08

Fixed

  • tls_certificate_check compilation errors on OTP 20.1+, when on top of macOS Big Sur

[1.13.0] - 2020-12-05

Changed

  • CA bundles, based on the latest mkcert.org full CA list as of Nov 13, 2020
  • imported stacktrace_compat version to benefit from its latest improvements

[1.12.2] - 2020-10-29

Fixed

  • erroneous execution of the optional "remote HTTP" test group when a license key is lacking

[1.12.1] - 2020-10-16

Fixed

  • misdetection of Mix as being rebar 2 and the erroneous compilation warnings that followed it

[1.12.0] - 2020-05-21

Added

  • support for OTP 23

Changed

  • checksum verification algorithm of MaxMind downloads from MD5 to SHA-256

[1.11.0] - 2020-05-11

Added

  • support for HTTPS redirections across distinct hostnames
  • support for not censoring license keys from MaxMind URLs mentioned in logs
  • support for censorship of arbitrary query arguments from HTTP URLs mentioned in logs
  • truncation of large HTTP URLs mentioned in logs
  • download_redirected events to HTTP downloads
  • too_many_redirections and invalid_redirection reasons to HTTP download failures
  • mention of compatibility with other providers

Changed

  • consumer-subscribed events as to follow the same URL censorship rules as the built-in logger
  • documented MaxMind database edition format from atoms to tuples while keeping retrocompatibility

[1.10.2] - 2020-03-13

Added

  • unmaintained compatibility with rebar 2

[1.10.1] - 2020-03-11

Changed

  • CA bundles, based on the latest Mozilla Included CA Certificate List [Paulo Oliveira]

Fixed

  • misformatted log warning
  • use of deprecated function in README example of how to use the library
  • display of private function in generated function reference

[1.10.0] - 2020-02-12

Added

  • :await_loader API function which, contrary to :wait_for_loader, will await readiness up to the entire specified interval (rather than return upon the first encountered failure)
  • checksum verification of databases downloaded directly from MaxMind
  • rejection of successful HTTP downloads if body size doesn't match content-length
  • censorship of license key from database URLs mentioned in logs
  • purging of very large binaries from internally caught exceptions which are known error cases, as to lower the risk of the VM getting OOM-killed when logging formatters get their hands on those very large chunks of data

Changed

  • default behaviour upon failing to load a database, as to retry loading while exponentially backing off (using very short intervals at first)

Deprecated

  • :wait_for_loader and :wait_for_loaders API functions (use :await_loader and :await_loaders instead)

Fixed

  • incomplete spec for locus_loader:event() type
  • wrong spec for locus_maxmind_download:msg() and locus_maxmind_download:event() types

[1.9.0] - 2020-02-03

Changed

  • documentation as to reflect the recent changes to MaxMind licensing requirements

[1.9.0-beta] - 2020-01-02

Added

  • support for loading databases with full awareness of license keys (now mandatory)

Deprecated

[1.8.0] - 2019-11-05

Added

  • support for returning types other than map upon successful lookups

Changed

  • MMDB decoder, which was split into separate tree, data section and analysis modules
  • imported stacktrace_compat version [1.0.2 => 1.1.1]

Removed

  • support for OTP 18

Fixed

  • incidents of locus managerial processes keeping references to old binaries, upon a database update, for a potentially unlimited time (OTP 20+ only)
  • broken logging of playground shell on OTP 21.1+

[1.7.0] - 2019-08-12

Added

  • ability of loading databases from uncompressed tarballs (.tar files)
  • ability of loading unpacked databases (.mmdb and .mmdb.gz files)
  • stacktrace of caught exceptions to event reporting (including custom logger)
  • ability of launching database loaders under library consumers' own supervisors
  • wait_for_loaders/2 API method for concurrently awaiting multiple database loaders

Changed

  • log level of HTTP and filesystem database loading failures from warning to error
  • HTTP and filesystem loaders into a common loader codebase
  • caching of HTTP databases as to store and load compressed .mmdb files rather than tarballs
  • supervision structure as to launch database loaders as transient processes under a new simple_one_for_one supervisor
  • dependency versions:
    • certifi [2.4.2 => 2.5.1]
    • ssl_verify_fun [1.1.4 => 1.1.5]

Removed

  • support for OTP 17.4 and 17.5
  • undocumented support for rebar 2
  • half-baked and unwarranted support for file://-prefixed URLs

Fixed

  • case-sensitive patterning of .mmdb file extensions within tarballs
  • overly verbose logger messages on OTP 21.1+
  • HTTPS certificate validation test cases on OTP 22

[1.6.2] - 2019-03-16

Fixed

  • Dialyzer warning on OTP 21.3

[1.6.1] - 2019-02-04

Fixed

  • crash in HTTP loader when database URL scheme is not in lower case (introduced in 1.6.0)

[1.6.0] - 2019-01-27

Added

  • new API method for validating loaded databases (locus:analyze/1)
  • new command line tool supporting database validation
  • new dependencies:
    • certifi 2.4.2
    • ssl_verify_fun 1.1.4
    • stacktrace_transform 1.0.2

Changed

  • test coverage using MaxMind's test data was greatly extended
  • database decoder was thoroughly optimized
  • documentation was mildly improved

Fixed

  • misguided rejection of UTF-8 strings with non-printable (but valid) codepoints
  • unnecessarily strict refusal to load 2.x database formats succeeding 2.0

Security

  • safety of database HTTPS downloads was substantially improved by now rejecting expired certificates, mismatched hostnames, self-signed certificates or unknown certificate authorities
  • infinite recursion in maliciously crafted databases due to circular paths is now prevented

[1.5.1] - 2019-01-19

Fixed

  • unwarranted import of rebar3_hex plugin in library consumers

[1.5.0] - 2018-11-25

Added

  • ability of tweaking pre- and post-readiness database update periods
  • test coverage of HTTP-loaded database updates

Fixed

  • undeterministic test cases which sometimes broke

[1.4.0] - 2018-06-20

Added

Changed

  • string and binary IP address parsing to handle ranges and shortened addresses

Deprecated

  • :get_version/1 (use :get_info/2)

[1.3.1] - 2018-05-04

Fixed

  • incompatibility with OTP 20.3.1 due to gen_statem bug (issue with init actions)

[1.2.3] - 2018-05-04

Fixed

  • incompatibility with OTP 20.3.1 due to gen_statem bug (issue with init actions)

[1.1.5] - 2018-05-04

Fixed

  • incompatibility with OTP 20.3.1 due to gen_statem bug (issue with init actions)

[1.0.2] - 2018-05-04

Fixed

  • incompatibility with OTP 20.3.1 due to gen_statem bug (issue with init actions)

[1.3.0] - 2018-03-28

Added

  • ability of loading databases from local file system
  • type spec of database entries

Fixed

  • wrong handling of timezones on cached tarballs
  • wrong handling of daylight saving time on conditional HTTP requests

[1.2.2] - 2018-03-28

Fixed

  • wrong handling of timezones on cached tarballs
  • wrong handling of daylight saving time on conditional HTTP requests

[1.1.4] - 2018-03-28

Fixed

  • wrong handling of timezones on cached tarballs
  • wrong handling of daylight saving time on conditional HTTP requests

[1.0.1] - 2018-03-28

Fixed

  • wrong handling of timezones on cached tarballs
  • wrong handling of daylight saving time on conditional HTTP requests

[1.2.1] - 2018-02-15

Fixed

  • undesirable inlining

[1.2.0] - 2018-02-15

Added

  • OTP 17.4 and 17.5 support

[1.1.3] - 2018-02-13

Fixed

  • matched IP address prefix not being returned on successful lookups

[1.1.2] - 2018-02-13

Fixed

  • documentation external links not opening in parent frame

[1.1.1] - 2018-02-12

Fixed

  • internal functions showing up as public in documentation
  • documented description of locus_logger:set_loglevel/2

[1.1.0] - 2018-02-11

Added

  • OTP 18 support
  • OTP 19.0, 19.1 and 19.2 support
  • ability of consulting database metadata, source and version through :get_info
  • ability of subscribing database loader events
  • ability of specifying connect, download start and idle download timeouts
  • ability of turning off cache

[1.0.0] - 2017-12-31

Added

  • ability of downloading .mmdb databases using HTTP
  • ability of querying those databases
  • ability of caching said databases on the local filesystem
  • ability of conditioning said downloads based on cache content and 'if-modified-since' headers
  • ability of regularly performing database update attempts
  • OTP 19.3 and 20.x for all of the above