1.1.0

Changes

This release contains enhancements like a new auth page, RBAC and serde improvements, and various bug fixes.

Thanks to all contributors and sponsors for supporting this release.
A reminder: You can either contribute or sponsor the development.

🚩 Breaking Changes

• RBAC: Impl separate permissions for topic analysis @bachmanity1 (#513)
  Topic analysis now requires new permissions (ANALYSIS_VIEW, ANALYSIS_RUN) rather than MESSAGES_READ as before.

🪛Enhancements

• Auth: Impl custom auth page @Haarolean @Nilumilak @germanosin (#728)
• Auth: Support Azure Entra (Event Hub with Kafka Protocol) @tnewman-at-gm (#530)
• Auth: Support LDAP nested groups @RomainDubois (#391)
• Topics: Allow custom topic params upon creation @Nilumilak (#271)
• Messages: Allow searching in message headers @yeikel (#695)
• Messages: Support sending null headers @AkashDeepSinghJassal (#651)
• Messages: Filters: Add CEL extensions to support b64 decode @ƒHaarolean (#465)
• Messages: Filters: Display CEL help when editing filter @pisal-shubham (#646)
• Brokers: Improve accessibility for r/o clusters @hadisfr (#556)
• Consumers: Unsubscribe topics from consumer group @p-eye (#549)
• RBAC: Impl Active Directory populator @Haarolean (#717)
• RBAC: Impl separate permissions for topic analysis @bachmanity1 (#513)
• KC: Expose Kafka Connect validation errors in the UI @yeikel (#705)
• UX: Messages: Use "Newest" as default mode @polegkashti (#579)
• Implement a mechanism to skip SSL verification @Haarolean (#422)
• Make gh version check timeout configurable @wernerdv (#518)

🔨Bug Fixes

• Messages: Fix 'oldest' and 'newest' are mixed up @Mgrdich (#250)
• Messages: Fix datepicker time @Nilumilak (#605)
• Messages: Fix first offsets retrieval for compacted topic @iliax (#406)
• Messages: Fix refresh does pagination instead @Mgrdich (#417)
• Messages: Serde: Follow symlinks in proto files lookup @Haarolean (#262)
• Messages: Serde: Fix HTTP 500 on protobuf Any type @DimaVilda (#696)
• Messages: Serde: Fix avro schema serde for nullable enums @DimaVilda (#685)
• Messages: Filters: Cannot reuse filter display name @Leshe4ka (#321)
• RBAC: Ignore values for non-applicable resources @wernerdv (#503)
• RBAC: Wizard: Fix enums mapping @iliax (#278)
• RBAC: Fix connector permissions checks @Haarolean (#415)
• RBAC: Fix 403 when viewing audit topic messages @Haarolean (#267)
• RBAC: Actions granted for cluster A are mistakenly available for cluster B @Haarolean (#330)
• Auth: AD: Fix cyrillic in AD property name @Haarolean (#252)
• Wizard: Fix nullable cluster perms check @Haarolean (#678)
• Wizard: Fix sections collapsing @masonwoodford (#399)
• ACL: Consumers preset now include DESCRIBE permission for CG @polegkashti (#593)
• ACL: Fix display of ACLs with leading/trailing spaces in table @polegkashti (#591)
• ACL: Fix Idempotent_write ACL is not created @polegkashti (#425)
• Infra: SIGSEV in docker container on ARM64 @colesmith54 (#558)
• KC: Fix connector listing with STOPPED state @developster (#511)
• Topics: Fix "Show internal topics" switch @Nilumilak (#446)
• Clusters with spaces in names are not rendered @Nilumilak (#350)
• Consumers: Fix lag is displayed as 'N/A' in case of null value @K-Diger (#720)
• UX: Fix unnecessary full page re-rendering @Nilumilak (#594)
• UX: Allow searching inside code textareas @Nilumilak (#578)
• UX: Fix refetching data on window focus @masonwoodford (#380)
• UX: Fix header opacity @Nilumilak (#505)
• UX: Topics: Set num of partitions to 1 by default @LinusRichter (#334)
• Internal: Auth: Disabling LDAP auto-configuration to prevent LDAP health check failed @alexeyzavyalov (#314)
• Internal: Allow smart filters endpoint in r/o mode @Haarolean (#277)
• Internal: Add Restarting connector state enum @iliax (#405)

Security

• CVE fixes @wernerdv (#691)

Contributors

@AkashDeepSinghJassal, @DimaVilda, @Haarolean, @K-Diger, @Leshe4ka, @LinusRichter, @Mgrdich, @Nilumilak, @NoRuTnT, @RomainDubois, @Vixtir, @VladSenyuta, @alexeyzavyalov, @azatsafin, @bachmanity1, @busches, @colesmith54, @dependabot, @dependabot[bot], @developster, @gaurav7261, @germanosin, @giom-l, @hadisfr, @horw, @hugomiguelabreu, @iliax, @jeevikasirwani, @kis87988, @masonwoodford, @p-eye, @patsevanton, @pisal-shubham, @polegkashti, @rohit-satya, @sierikov, @sixdouglas, @svrmnk, @tnewman-at-gm, @wernerdv and @yeikel

1.0: Messages overhaul, editable ACLs

Project announcement: here

⚠️Noteworthy changes

• Messages API has been rewritten and all related frontend issues fixed @iliax @Mgrdich

⚙️Features

• Messages: Groovy smart filters are replaced with CEL @DementevNikita (#98)
• ACL: Implemented editing entries @Vixtir (#188)
• Metrics: Implemented messages polling metrics @iliax (#4069)

🪛Enhancements

• Wizard: Added an ability to delete clusters @Nilumilak (#154)
• Brokers: Configs: UX improvements @Leshe4ka (#179)
• RBAC: Implement roles by github teams @Haarolean (#4093)
• Serde: Implement Hex serde @iliax (#4074)
• API: Topic active producer's states retrieval @iliax (#4121)
• Broker: Config: Implement search by value @malavmevada (#3804)
• Audit: Implement audit log level @iliax (#4103)
• Serde: Add protobuf raw message deserializer @kostasdizas (#4041)
• Respect proxy settings in WebClient @Khrol (#4042)
• SR: Implement schema references support @iliax (#3747)

🔨Bug Fixes

• Brokers: Fixed online partition count being red @Leshe4ka (#137)
• Topics: Fixed fetching config for Azure EH @Haarolean (#105)
• KC: Fixed sorting connectors duplicates them @Nilumilak (#119)
• Brokers: Fixed broker not shown when disk usage is unknown @Vixtir (#97)
• RBAC: Fixed 404 for "Create connector" @Nilumilak (#136)
• Fixed cluster names are not being escaped @Nilumilak (#113)
• Fixed blocking gh release info call @Haarolean (#185)
• Audit: Fixed user mapping @Haarolean (#91)
• Auth: Consider context path in basic auth html @Haarolean (#4136)
• Auth: Use HTTP GET for basic auth @Haarolean (#4135)
• SR: Fix custom SR naming @iliax (#4116)
• RBAC: Fix cognito roles extractor regression @FreddyMcRay (#4171)
• UX: Fix active controller badge on invalid node @moremagic (#4085)
• Topics: Ignore params not defined explicitly @p-eye (#4097)
• Audit: Consider disabled RBAC @Haarolean (#4138)
• RBAC: Fix cluster config menu item is always enabled @Haarolean (#4130)
• RBAC: Skip checks in case of app config @Haarolean (#4078)
• UX: Logout button link is bound to a wrong div @Haarolean (#4045)
• RBAC: Fix unknown resource exception @Haarolean (#4033)
• ACL: Fix ACL enablement check @iliax (#4034)
• KC: Suppress unavailable connects @iliax (#4061)
• Messages: Fix "Keep contents" not re-generated @Haarolean (#4008)
• ODD: Skipping topic exporting if failed to load topic schema @iliax (#3980)

Security

• Bumped vulnerable transitive dependencies @Haarolean @alexeyzavyalov (#4003) (#174)
• Fixed CVE-2023-52251 via replacing Groovy filters with CEL (see features)
• Added robots.txt @Haarolean (#3995)

Contributors

@DementevNikita, @Vixtir, @Nilumilak, @Leshe4ka, @Haarolean, @Mgrdich, @iliax, @alexeyzavyalov

Special thanks to our folks who we rarely see in dev changelogs: @germanosin, @azatsafin, @Narekmat, @RustamGimadiev, @mrmoonl1ght94, @VladSenyuta, @agolosen, @snoorge

And everyone else who contributed to this release:

@FreddyMcRay, @HurSungYun, @Khrol, @MikeStrike101, @dshubhadeep, @freeformz, @kostasdizas, @malavmevada, @moremagic, @p-eye, @pradyumnad, @pvmsikrsna, @seono and @victoria-miltcheva