7.0.0

Release Notes

For: uc-cdis/fence

Notes since tag: 6.1.1

Notes to tag/commit: 7.0.0

Generated: 2022-12-02

New Features

• Add --expires-in parameter to the fence-create client-create and
  client-modify commands to specify the number of days in which in a client
  expires (#1057)
• Add the fence-create client-delete-expired command to remove expired OIDC
  clients and optionally post warnings in Slack (#1057)
• Allow specifying the bucket to upload to (endpoints /data/upload and
  /data/upload/<GUID>) (#1051)

Breaking Changes

• Default session expiration changed from 30 minutes to 15 minutes to comply
  with FedRAMP (#1040)

Bug Fixes

• sort expired tokens so all expired ones get deleted and valid one gets used
  (#1058)

Improvements

• ensure deletion of expired tokens from the database (#1050)
• Update users' _last_auth at login (#1027)
• Use blue Gen3 logo (#1054)
• Removing Veracode scanning pipeline (#1052, #1053)
• Return a 500 error instead of a 401 error when an S3 bucket is not
  configured properly (#1051)
• Update the default filename generated by the GET /data/upload/<GUID>
  endpoint (#1042)
• Raise errors so usersync does not fail silently (#1042)
• temporarily do not block on security flags until we update to Python 3.9
  (#1044)
• Switches to using Github Actions for CI (#1043)
• Adds Superlint vs. Wool (#1043)
• Adds Secrets Detection in line for additional coverage (#1043)
• Adds Poetry Vuln Coverage (#1043)

Deployment Changes

• Configure the ALLOWED_DATA_UPLOAD_BUCKETS setting to allow users to
  upload to buckets other than DATA_UPLOAD_BUCKET (#1051)
• B/c the default session expiration changed from 30 minutes to 15 minutes to
  comply with FedRAMP, you MUST ensure that an instance that should comply
  with FedRAMP does NOT override this fence configuration (e.g. it should be
  15 minutes) SESSION_TIMEOUT: 900 (#1040)