8.12.1

What's Changed

Other Changes

• Lookup version from openvox group namespace by @austb in #184

Full Changelog: 8.12.0...8.12.1

8.12.0

This version represents a significant change in how openvoxdb is built. Most of this is under the hood, but should lower the bar to development and allow us to make changes more easily and rapidly.

In addition to the standard GitHub release notes, these are the important changes in this version.

• Platform support
  • Removed: EL 7
  • Added: Amazon Linux 2, Fedora 42, Fedora 43, Redhatfips 8, Redhatfips 9
  • Note that Amazon Linux 2 support will be removed when it goes EOL in June of 2026
  • Note that the platform name redhatfips is used since Puppet uses this nomenclature, but it should work on any FIPS-enabled Enterprise Linux-based platform.
• Java 11 support has been removed, and either Java 17 or Java 21 must be used.
• Removes Janino support. Logback removed support for it due to CVEs. This means that logbook evaluator filters are no longer supported. These were not commonly used so unless you specifically included tags in your logback config, you should not be affected.
• Also due to the removal of Janino, Trapperkeeper’s ‘post-config-script’ option for injecting Java code directly into Jetty for controlling low-level Jetty settings that are not exposed by Trapperkeeper is no longer supported. This is also a feature not commonly used, and was a potential security risk in itself.
• This version of openvoxdb and all related components have now been migrated to the org.openvoxproject namespace and are available on Clojars, with fixed up testing and release workflows.
• The systemd service now sets PrivateTmp=true. This improves security by eliminating a common target for malicious activity.
• Lots and lots of dependency updates that you should not notice, but brings the code up to a more maintainable standard.
• The following third-party components were updated to address CVEs:
  • Jetty 10.0.20 -> 10.0.26: CVE-2025-5115, CVE-2024-8184
  • jackson-databind 2.14.0 -> 2.21.0: CVE-2025-52999
  • logback 1.3.14 -> 1.3.16: CVE-2024-12798, CVE-2024-12801, CVE-2025-11226
  • commons-beanutils 1.9.4 -> 1.11.0: CVE-2025-48734
  • Bouncy Castle non-FIPS 1.78.1 -> 1.83: CVE-2025-8916
• Additionally, this is the first FIPS release of OpenVox server, but compared to the baseline FIPS config from before the fork:
  • bcpkix-fips 1.0.7 -> 1.0.8: CVE-2025-8916
  • bc-fips 1.0.2.5 -> 1.0.2.6: CVE-2025-8885

What's Changed

New Features 🎉

• Add postgresql 18 testing by @austb in #83
• Update Dockerfile for Java 17 and Ruby 3.2.9 by @bastelfreak in #97

Dependency Updates ⬆️

• chore(deps): update dependency clj-http:clj-http to v3.13.1 by @renovate[bot] in #61
• chore(deps): update dependency org.clojure:core.match to v0.3.0 by @renovate[bot] in #60
• chore(deps): update dependency digest:digest to v1.4.10 by @renovate[bot] in #58
• chore(deps): update dependency org.clojure:core.match to v1 by @renovate[bot] in #55
• chore(deps): update dependency org.clojure:math.combinatorics to v0.3.0 by @renovate[bot] in #64
• chore(deps): update dependency com.github.seancorfield:next.jdbc to v1.3.1070 by @renovate[bot] in #57
• chore(deps): update dependency murphy:murphy to v0.5.3 by @renovate[bot] in #85
• chore(deps): update dependency com.rpl:specter to v1.1.6 by @renovate[bot] in #78
• chore(deps): update dependency com.github.seancorfield:next.jdbc to v1.3.1086 by @renovate[bot] in #92
• Update dependency org.clojure:data.generators to v1.1.1 by @renovate[bot] in #94
• Update dependency org.clojure:core.match to v1.1.1 by @renovate[bot] in #93
• Update dependency ring:ring-codec to v1.3.0 by @renovate[bot] in #133
• Update dependency org.clojure:tools.macro to v0.2.2 by @renovate[bot] in #129
• Update dependency commons-io:commons-io to v2.21.0 by @renovate[bot] in #122
• Update dependency instaparse:instaparse to v1.5.0 by @renovate[bot] in #123
• Update dependency commons-codec:commons-codec to v1.20.0 by @renovate[bot] in #121
• Update dependency org.clojure:math.combinatorics to v0.3.2 by @renovate[bot] in #112
• Update dependency com.gfredericks:test.chuck to v0.2.15 by @renovate[bot] in #161
• Update dependency org.clojure:test.check to v1.1.3 by @renovate[bot] in #162
• Update dependency org.postgresql:postgresql to v42.7.9 by @renovate[bot] in #156
• Update dependency compojure:compojure to v1.7.2 by @renovate[bot] in #113
• Update dependency org.openvoxproject:i18n to v1.0.3 by @renovate[bot] in #144
• Update dependency clj-commons:clj-yaml to v1.0.29 by @renovate[bot] in #160
• Update dependency cheshire:cheshire to v5.13.0 by @renovate[bot] in #114
• Update dependency clj-time:clj-time to v0.15.2 by @renovate[bot] in #116
• Update dependency com.zaxxer:HikariCP to v5.1.0 by @renovate[bot] in #120
• Update dependency com.taoensso:nippy to v3.6.0 by @renovate[bot] in #119
• Update dependency net.logstash.logback:logstash-logback-encoder to v7.4 by @renovate[bot] in #125
• Update dependency org.clojure:core.memoize to v1.2.273 by @renovate[bot] in #127
• Update dependency joda-time:joda-time to v2.14.0 by @renovate[bot] in #124
• Update dependency org.yaml:snakeyaml to v2.5 by @renovate[bot] in #132
• Update dependency org.clojure:tools.logging to v1.3.1 by @renovate[bot] in #128
• Update dependency org.clojure:core.async to v1.8.741 by @renovate[bot] in #126
• Update dependency org.clojure:tools.reader to v1.6.0 by @renovate[bot] in #131
• Update dependency org.clojure:tools.namespace to v0.3.1 by @renovate[bot] in #130
• Update dependency clj-kondo:clj-kondo to v2026 by @renovate[bot] in #157
• Update dependency ring:ring-mock to v0.6.2 by @renovate[bot] in #163
• Update dependency com.github.seancorfield:honeysql to v2.7.1364 by @renovate[bot] in #117
• Update dependency clj-kondo:clj-kondo to v2026.01.19 by @renovate[bot] in #172
• Update dependency ring:ring-core to v1.15.3 by @renovate[bot] in #134
• Update jackson-version to v2.21.0 by @renovate[bot] in #171
• Update dependency com.fasterxml.jackson.core:jackson-annotations to v2.21 by @renovate[bot] in #170
• Update dependency org.openvoxproject:trapperkeeper-webserver-jetty10 to v1.1.4 by @renovate[bot] in #179
• Update dependency org.openvoxproject:trapperkeeper-authorization to v2.1.6 by @renovate[bot] in #147
• Update dependency org.openvoxproject:trapperkeeper-metrics to v2.1.7 by @renovate[bot] in #148
• Update dependency org.openvoxproject:trapperkeeper-status to v1.3.2 by @renovate[bot] in #155

Other Changes

• (maint) Drop beaker parameters from beaker_acceptance.yml call by @jpartlow in #79
• Update report update condition to use report ID by @nmburgan in #80
• ezbake: Migrate from puppetlabs to openvoxproject & drop EL7 / Ubuntu 18.04 builds by @bastelfreak in #99
• Remove Java 11 by @bastelfreak in #98
• Use shared release action by @bastelfreak in #101
• CI: Add support for checking PR branches by @bastelfreak in #103
• Update dependencies and namespace by @nmburgan in #96
• Fix transient failure in touch-parameters-test by @austb in #106
• CI: comment download link to PR by @bastelfreak in #109
• Refactor lein profiles by @nmburgan in https://github.com/OpenVoxP...

8.11.0

What's Changed

• chore(deps): update dependency jonase:eastwood to v1.4.3 by @renovate[bot] in #59
• clj-parent: Switch from puppetlabs to our fork by @bastelfreak in #70
• Bump actions/setup-java from 4 to 5 by @dependabot[bot] in #72
• Bump actions/checkout from 4 to 5 by @dependabot[bot] in #71
• Allow override of ezbake version and fix ezbake ref passthrough by @nmburgan in #73
• Fix for tag rake task by @nmburgan in #74

New Contributors

• @renovate[bot] made their first contribution in #59

Full Changelog: 8.10.0...8.11.0

8.10.0

What's Changed

• Standardize rake tasks by @nmburgan in #11
• Add warning about JMX by @nmburgan in #12
• Add JMX warning by @nmburgan in #13
• dependabot: check for github actions, Dockerfile and bundler by @bastelfreak in #14
• Bump actions/upload-artifact from 3 to 4 by @dependabot[bot] in #17
• Bump actions/checkout from 2 to 4 by @dependabot[bot] in #18
• Bump aws-actions/configure-aws-credentials from 1 to 4 by @dependabot[bot] in #19
• Bump actions/cache from 3 to 4 by @dependabot[bot] in #20
• Remove legacy CODEOWNERS by @smortex in #22
• Rework CI config to match current standards by @bastelfreak in #27
• CI: Add dummy job we can depend on by @bastelfreak in #30
• Switch from facter to openfact by @bastelfreak in #23
• Gemfile: provide a fallback if puppet-ref files arent readable by @bastelfreak in #25
• CI: use minimal permissions in main.yml & disable jira export by @bastelfreak in #32
• CI: move doc validation job to main by @bastelfreak in #33
• Rework CI config to match current standards by @bastelfreak in #15
• Remove the update link from the dashboard by @corporate-gadfly in #36
• CI: configure explicit token permissions for all workflows by @bastelfreak in #34
• CI: Add Ruby 3.3 & 3.4 by @bastelfreak in #29
• Add CI step to build openvoxdb by @bastelfreak in #39
• Remove update checking code by @smortex in #37
• Switch from puppet to openvox gem by @bastelfreak in #26
• CI: Set better job names by @bastelfreak in #42
• Dev Setup: Switch from facter to openfact by @bastelfreak in #41
• CI: Delete unused docs_publish workflow by @bastelfreak in #43
• CI: Add job for termini tests by @bastelfreak in #45
• packaging: Switch from Perforce to OpenVoxProject fork by @bastelfreak in #44
• Delete legacy jenkins scripts by @bastelfreak in #46
• ezbake: Update 2.6.3-SNAPSHOT-openvox->3.0.1-SNAPSHOT by @bastelfreak in #48
• (gh-21) Enable acceptance testing by @jpartlow in #40
• feat: add initial Renovate configuration file by @rwaffen in #50
• project.clj: Cleanup perforce leftovers by @bastelfreak in #51
• feat: do single prs for updates, to better see what breaks atm by @rwaffen in #56
• CI: Switch tests puppetlabs/puppetserver->OpenVoxProject/openvox-server by @bastelfreak in #67
• Add JDK21 to CI by @bastelfreak in #35
• puppetdb-terminus: migrate to openvoxdb-terminus by @bastelfreak in #24
• Release 8.10.0 by @bastelfreak in #68

New Contributors

• @bastelfreak made their first contribution in #14
• @dependabot[bot] made their first contribution in #17
• @smortex made their first contribution in #22
• @corporate-gadfly made their first contribution in #36
• @rwaffen made their first contribution in #50

Full Changelog: 8.9.1...8.10.0