Sourced from mockserver-client-java's changelog.

[5.13.0] - 2022-03-17

Added

• added support for configuring log level via properties file
• allow proactively initialisation of TLS so dynamic TLS CA key pair is created at start up
• added control plane authorisation using mTLS
• added control plane authorisation using JWT
• added support for control plane JWTs supplier to client
• added support for control plane JWT authorisation to specify required audience, matching claims and required claims
• added control plane authorisation using both JWT and mTLS
• added property to control maximum number of requests to return in verification failure, defaults to 10
• added field to verifications to control maximum number of requests to return in verification failure, defaults to configuration property - item above
• added remote address field to http requests that can be used by class or method callbacks
• exposed remote address (i.e. client address) to method and class callbacks, logs and dashboard
• exposed client certificate chain to method and class callbacks, logs and dashboard
• added simpler mustache style response templates (in addition to existing javascript and velocity support)
• added response template variables and functions for date, uuid, random, xPath and jsonPath for mustache
• added response template variables for date, uuid and random for velocity
• added response template variables for date, uuid and random for javascript
• added path parameters, remote address and client certificate chain to response template model
• added support for EMCAScript 6 in JavaScript response templates for Java versions between 9 and 15
• added support for numerous velocity tools for example for JSON and XML parsing to velocity response templates

Changed

• included Bouncy Castle now used by default to resolve issues with modules in Java 16+ and backwards compatibility for Java 8
• improved configuration for dynamically creating CA so the directory is defaulted if not set and log output is clearer
• improved UI handling of match failures with a because section and more complex log events
• improved log configuration during startup when loading of properties file
• simplified support for multiline regex by allow . to match newlines
• improved regex matching by support Unicode (instead of US-ASCII) and native case-insensitive matching
• improved performance of negative matches by reducing the number of regex matches when not matching
• disabled privilege escalation in helm chart
• added setting of command line flags (i.e. serverPort) via system properties and properties file in addition to environment variables
• improved log output for command line flags, environment variables and system properties
• removed deprecated configuration properties for forward proxying
• changed docker distroless base image to distroless image for nonroot user
• changed docker distroless base image for snapshot to distroless image for debugging
• changed client to launch dashboard in HTTP (not HTTPS) to avoid issues with self-signed certificates
• simplified the body field for response template model
• improved XML matching by ignoring element order
• improved security by change CORS defaults to more secure values that prevent cross-site requests by default

Fixed

• worked around JDK error 'flip()Ljava/nio/ByteBuffer; does not exist in class java.nio.ByteBuffer'
• null pointer exception when serialising string bodies with non string content types (i.e. image/png)
• disabled native TLS for netty to improve TLS resilience
• fixed handling of circular references in OpenAPI specifications to be as gracefully as possible

[5.12.0] - 2022-02-12

... (truncated)

• 604888c [maven-release-plugin] prepare release mockserver-5.13.0
• 905f004 #1052 added support for numerous velocity tools for example for JSON and XML ...
• 7e00b6c updated open api speficiation version
• a843db9 added documentation on API security and control plane authentication
• 7e547f9 improved security by change CORS defaults to more secure values that prevent ...
• 3fc1bb5 added documentation for instance (non-JVM global) configuration
• a8836ee extends the response template model to include remote address and client cert...
• b55ba94 completed response template documentation and improved javascript response te...
• ee294fa fixed issue with ES6 not being available for JDK 8
• 15798d1 added more documentation for velocity and javascript response templates and f...
• Additional commits viewable in compare view

Sourced from mockserver-core's changelog.

[5.13.0] - 2022-03-17

Added

• added support for configuring log level via properties file
• allow proactively initialisation of TLS so dynamic TLS CA key pair is created at start up
• added control plane authorisation using mTLS
• added control plane authorisation using JWT
• added support for control plane JWTs supplier to client
• added support for control plane JWT authorisation to specify required audience, matching claims and required claims
• added control plane authorisation using both JWT and mTLS
• added property to control maximum number of requests to return in verification failure, defaults to 10
• added field to verifications to control maximum number of requests to return in verification failure, defaults to configuration property - item above
• added remote address field to http requests that can be used by class or method callbacks
• exposed remote address (i.e. client address) to method and class callbacks, logs and dashboard
• exposed client certificate chain to method and class callbacks, logs and dashboard
• added simpler mustache style response templates (in addition to existing javascript and velocity support)
• added response template variables and functions for date, uuid, random, xPath and jsonPath for mustache
• added response template variables for date, uuid and random for velocity
• added response template variables for date, uuid and random for javascript
• added path parameters, remote address and client certificate chain to response template model
• added support for EMCAScript 6 in JavaScript response templates for Java versions between 9 and 15
• added support for numerous velocity tools for example for JSON and XML parsing to velocity response templates

Changed

• included Bouncy Castle now used by default to resolve issues with modules in Java 16+ and backwards compatibility for Java 8
• improved configuration for dynamically creating CA so the directory is defaulted if not set and log output is clearer
• improved UI handling of match failures with a because section and more complex log events
• improved log configuration during startup when loading of properties file
• simplified support for multiline regex by allow . to match newlines
• improved regex matching by support Unicode (instead of US-ASCII) and native case-insensitive matching
• improved performance of negative matches by reducing the number of regex matches when not matching
• disabled privilege escalation in helm chart
• added setting of command line flags (i.e. serverPort) via system properties and properties file in addition to environment variables
• improved log output for command line flags, environment variables and system properties
• removed deprecated configuration properties for forward proxying
• changed docker distroless base image to distroless image for nonroot user
• changed docker distroless base image for snapshot to distroless image for debugging
• changed client to launch dashboard in HTTP (not HTTPS) to avoid issues with self-signed certificates
• simplified the body field for response template model
• improved XML matching by ignoring element order
• improved security by change CORS defaults to more secure values that prevent cross-site requests by default

Fixed

• worked around JDK error 'flip()Ljava/nio/ByteBuffer; does not exist in class java.nio.ByteBuffer'
• null pointer exception when serialising string bodies with non string content types (i.e. image/png)
• disabled native TLS for netty to improve TLS resilience
• fixed handling of circular references in OpenAPI specifications to be as gracefully as possible

[5.12.0] - 2022-02-12

... (truncated)

• 604888c [maven-release-plugin] prepare release mockserver-5.13.0
• 905f004 #1052 added support for numerous velocity tools for example for JSON and XML ...
• 7e00b6c updated open api speficiation version
• a843db9 added documentation on API security and control plane authentication
• 7e547f9 improved security by change CORS defaults to more secure values that prevent ...
• 3fc1bb5 added documentation for instance (non-JVM global) configuration
• a8836ee extends the response template model to include remote address and client cert...
• b55ba94 completed response template documentation and improved javascript response te...
• ee294fa fixed issue with ES6 not being available for JDK 8
• 15798d1 added more documentation for velocity and javascript response templates and f...
• Additional commits viewable in compare view

• c1da40a [maven-release-plugin] prepare release mockserver-maven-plugin-5.13.0
• b9a7b33 updated prior to releasing 5.13.0
• 9d7ae2b Bump maven-plugin.version from 3.8.4 to 3.8.5
• a57ac93 keeping code inline with changes in main MockServer repository
• e82c8b3 Bump actions/checkout from 2.4.0 to 3
• abe6caa fix: upgrade com.google.guava:guava from 31.0.1-android to 31.0.1-jre
• 7bc968b fix: upgrade com.google.guava:guava from 31.0.1-android to 31.0.1-jre
• 81ea737 fix: upgrade com.google.guava:guava from 31.0.1-android to 31.0.1-jre
• 588b211 fix: upgrade com.google.guava:guava from 31.0.1-android to 31.0.1-jre
• e530077 fix: upgrade com.google.guava:guava from 31.0.1-android to 31.0.1-jre
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)