Skip to content

Release/2.8.1 #3234

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Limraj wants to merge 51 commits into
base: develop
Choose a base branch
from
Open

Release/2.8.1 #3234

Limraj wants to merge 51 commits into from

Conversation

@Limraj
Copy link
Collaborator

@Limraj Limraj commented Dec 23, 2025

No description provided.

Limraj and others added 30 commits July 31, 2025 15:38
@Limraj
#3174 Updated REST API with incoming data for XSS protection:
128eb4c 
- Updated use of @XssProtect annotation;
- Corrected definition tests in build.gradle for XssValidatorUtilsTestsSuite;
@Limraj
#3174 Updated REST API with incoming data for XSS protection:
e414ba9 
- Corrected UserProfilesAPI.java
@Limraj
#3174 Updated REST API with incoming data for XSS protection:
f263929 
- Corrected EventDetectorDTO.java;
@Limraj
#3174 Updated REST API with incoming data for XSS protection:
b2a33a9 
- Added support for List and Map for XssProtect annotations;
- Corrected protect in: FolderPointHierarchy, CompoundComponentDTO;
@Limraj
#3174 Updated REST API with incoming data for XSS protection:
ecdb80a 
- Added support array for XssProtect annotation;
- Corrected protect for JsonEventSearch;
@Limraj
#3178 Hide user information in DWR:
caa0954 
- Fixed select 'Add user' in MailingList;
- Added: UserIdentifier, AddressEntryJson, EmailRecipientJson, MailingListJson, UserEntryJson;
- Reduced data users in: ViewDwr, WatchListDwr, UsersDwr, ReportsDwr, MailingListsDwr, EventHandlersDwr, DataPointDetailsController;
@Limraj
Merge remote-tracking branch 'origin/release/2.8.0' into fix/#3178_Hi…
644c6e7 
…de_user_information_in_DWR
@Limraj
#3178 Hide user information in DWR:
a9ec1ba 
- Corrected MailingListsDwr.getMailingList(int id);
- ReportsDwr.init;
@Limraj
Merge remote-tracking branch 'origin/release/2.8.1' into feature/#317…
9ef92fa 
…4_Updated_REST_API_with_incoming_data_for_XSS_protection
@Limraj
Merge remote-tracking branch 'origin/release/2.8.1' into fix/#3178_Hi…
761d4cd 
…de_user_information_in_DWR
@Limraj
Merge pull request #3202 from SCADA-LTS/fix/#3178_Hide_user_informati…
acdad95 
…on_in_DWR

Fix/#3178 hide user information in dwr
@Limraj
Merge branch 'release/2.8.1' into feature/#3174_Updated_REST_API_with…
0e40e4a 
…_incoming_data_for_XSS_protection
@Limraj
Merge pull request #3201 from SCADA-LTS/feature/#3174_Updated_REST_AP…
ee78bfe 
…I_with_incoming_data_for_XSS_protection

Feature/#3174 updated rest api with incoming data for xss protection
@Limraj
#3214 Safe mode for scripting:
453b567 
- Added block packages:
java.lang.Process.*
java.lang.invoke..*
java.io..*
java.nio..*

- Added access packages:
org.scada_lts..*
com.serotonin..*
cc.radiuino.scadabr..*
br.org.scadabr..*

java.util..*
java.lang..*
org.springframework.jdbc.core..*

- Added tests to ScriptExecutorTest;
@Limraj
#3214 Safe mode for scripting:
0e0aa7e 
- Added block packages:
java.lang.Process.*
java.lang.invoke..*
java.io..*
java.nio..*

- Added access packages:
java.util..*

- Added tests to ScriptExecutorTest;
@Limraj
#3214 Safe mode for scripting:
2341445 
- Added block packages:
java.lang.Process.*
java.lang.invoke..*
java.io..*
java.nio..*

- Added access packages:
java.util..*

- Added tests to ScriptExecutorTest;
@Limraj
#3214 Safe mode for scripting:
f84286a 
- Refactor ScriptsAPI - using specially created exceptions for the REST API;
- Deprecated ScriptController and endpoint /script/execute/{xid} (use: /api/scripts/execute/{xid})
- Added or corrected name tests ScriptExecutorTestsSuite: JavaClassDeniedScriptExecutorTest,
JavaClassGrantedScriptExecutorTest,
JsScriptExecutorTest;
@Limraj
#3218 Synoptic panel file problem:
39e1e1c 
- Added migration: V2_8_1__SynopticPanelChangeDataTypeForColumnVectorImage
@Limraj
#3220 Fixed time shift between Return to Normal status and Reise even…
d66bf33 
…t time:

- Corrected time for return to normal for DifferenceDetectorRT(NoChangeDetectorRT, NoUpdateDetectorRT);
@Limraj
#3213 How Connect to Kepware OPC Server:
e3bfded 
- Corrected generate keystore added applicationUri, corrected other attributes;
- Set 20 for search depth limit;
@Limraj
#3213 How Connect to Kepware OPC Server:
42bae16 
- Fixed leak threads;
@Limraj
#3214 safe mode for scripting:
d10fdbb 
- Revert scadalts.security.js.access.granted.class.regexes
@Limraj
Merge pull request #3221 from SCADA-LTS/fix/#3220_Fixed_time_shift_be…
901ac2e 
…tween_Return_to_Normal_status_and_Reise_event_time

#3220 Fixed time shift between Return to Normal status and Reise even…
@Limraj
#3213 How Connect to Kepware OPC Server:
f7e9da6 
- change client alias;
@Limraj
#3213 How Connect to Kepware OPC Server:
5ee1007 
- Refactored OpcUaClientFactory and KeyStoreLoader;
- Created classes: CertificateDataImpl, ClientCertificate;
- Created interfaces: CertificateData, KeyStoreData;
@Limraj
#3213 How Connect to Kepware OPC Server:
7300b70 
- Created static factory method CertificateData.scadaLts
@Limraj
#3213 How Connect to Kepware OPC Server:
8b6791a 
- Fixed DataPointRT.isUnreliable;
- Corrected message for exception from constructor ClientCertificate;
@Limraj
#3218 Synoptic panel file problem:
7ed01bb 
- svg.validator.messages.ignore - Added ignore message with path-effect;
@Limraj
Merge pull request #3219 from SCADA-LTS/fix/#3218_Synoptic_panel_file…
ec8e185 
…_problem

#3218 Synoptic panel file problem:
@Limraj
#3218 Synoptic panel file problem:
d8d774f 
- Removed import org.scada_lts.utils.PathSecureUtils in SvgProcessingUtils;
Limraj and others added 20 commits December 1, 2025 15:45
@Limraj
#3218 Synoptic panel file problem:
1c5f9c7 
- Moved NettyTerminateUtils to impl package;
- Added PollingDataSourceUtils.terminateNetty;
@Limraj
Revert "#3218 Synoptic panel file problem:"
f65ddb7 
This reverts commit 1c5f9c7.
@Limraj
Revert "#3218 Synoptic panel file problem:"
7f16395 
This reverts commit d8d774f.
@Limraj
#3213 How Connect to Kepware OPC Server:
cca42cb 
- Moved NettyTerminateUtils to impl package;
- Added PollingDataSourceUtils.terminateNetty;
- Update docker-compose.yml, docker-compose-dev.yml;
@Patrykb0802
#3225 Wrong endpoint type in AuthenticationAPI
4ca7daa
@Patrykb0802
#3225 Wrong endpoint type in AuthenticationAPI
64d08ad
@Patrykb0802
#3228 Configure SameSite attribute for session cookie
1fa1306
@Limraj
#3214 safe mode for scripting:
157eda1 
- Created annotation java bean validation @scriptprotect: ScriptConstraintListValidator,ScriptValidator, ScriptValidatorUtils;
- Set @scriptprotect annotation: MetaPointLocatorJson, JsonScript,MetaPointLocatorVO, ScriptComponent, ScriptVO, PointLinkVO, ViewScriptComponentDTO;
- Set @XssProtect annotation: DataPointVO, UserComment, ImplDefinition, PointComponent, ScriptVO, ContextualizedScriptVO, ButtonComponent, ScriptButtonComponent, BinaryEventTextRenderer, MultistateEventValue, RangeEventValue, AlphanumericValue, PointEventDetectorVO, PointLinkVO;
- Added validation before execute script: ScriptExecutor, ContextualizedScriptRT;
- Added script validation before save: MetaPointLocatorVO, PointLinkVO, ScriptVO;
- Added classes: SandboxClassShutter,  ScriptContextUtils;
- Added exception: ScriptLocalizableException;
- Refactor ScriptsAPI.java;
- Removed deprecated classes: PointView.java,
AnalogImageSetRenderer.java
BaseGraphicRenderer.java
BasicImageRenderer.java
BasicRenderer.java
BinaryImageSetRenderer.java
DynamicImageRenderer.java
GraphicRenderer.java
ImageSetRenderer.java
MultistateImageSetRenderer.java
ScriptRenderer.java
ThumbnailRenderer.java;
@Patrykb0802
#3228 Configure SameSite attribute for session cookie
c9b49a0
@Limraj
#3214 safe mode for scripting:
ad811c7 
- Fixed endpoint to test script, added: ScriptsAPI.executeScriptTest
- Corrected exception handler for Java Bean Validation error;
@Limraj
#3214 safe mode for scripting:
10e987e 
- Fixed endpoint /api/scripts/execute-test returned String message.
@Limraj
#3214 safe mode for scripting:
ce070a8 
- Support deprecated endpoint /script;
- Added check isSecurityJsValidatorEnabled before validation;
@Limraj
#3214 safe mode for scripting:
9068e6f 
- Added property scadalts.security.js.filter.enabled in env.properties;
@Limraj
Merge pull request #3222 from SCADA-LTS/fix/#3213_How_Connect_to_Kepw…
f064943 
…are_OPC_Server

#3213 How Connect to Kepware OPC Server:
@Limraj
Merge branch 'release/2.8.1' into fix/#3214_Safe_mode_for_scripting
38cec7c
@Limraj
Merge pull request #3215 from SCADA-LTS/fix/#3214_Safe_mode_for_scrip…
dbc65c4 
…ting

Fix/#3214 safe mode for scripting
@Limraj
#3228 Configure SameSite attribute for session cookie:
6a4d676 
- Corrected HeadersFromSystemSettingsWriter, if a given parameter exists, it is updated;
@Limraj
Revert "#3228 Configure SameSite attribute for session cookie:"
94af4f8 
This reverts commit 6a4d676.
@Limraj
Merge pull request #3226 from SCADA-LTS/fix/#3225_Wrong_endpoint_type…
32b53e6 
…_in_AuthenticationAPI

#3225 Wrong endpoint type in AuthenticationAPI
@Limraj
Merge pull request #3229 from SCADA-LTS/feature/#3228_Configure_SameS…
b8a4caa 
…ite_attribute_for_session_cookie

#3228 Configure SameSite attribute for session cookie
@Limraj Limraj requested a review from SoftQ as a code owner December 23, 2025 13:27
@coderabbitai
Copy link

coderabbitai bot commented Dec 23, 2025
edited
Loading

Important

Review skipped

Too many files!

40 files out of 190 files are above the max files limit of 150.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link

github-actions bot commented Dec 23, 2025
edited
Loading

Java Script Mocha Unit Test Results

268 tests  ±0   268 ✅ ±0   3s ⏱️ ±0s
 70 suites ±0     0 💤 ±0 
  1 files   ±0     0 ❌ ±0 

Results for commit 4943a13. ± Comparison against base commit 1cfaed4.

♻️ This comment has been updated with latest results.

@github-actions
Copy link

github-actions bot commented Dec 23, 2025
edited
Loading

Java JUnit Test Results

3 440 tests  +220   3 440 ✅ +220   52s ⏱️ -1s
  134 suites +  6       0 💤 ±  0 
  134 files   +  6       0 ❌ ±  0 

Results for commit 4943a13. ± Comparison against base commit 1cfaed4.

♻️ This comment has been updated with latest results.

@Limraj
Copy link
Collaborator Author

Limraj commented Dec 23, 2025

@coderabbitai review

@coderabbitai
Copy link

coderabbitai bot commented Dec 23, 2025

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@Limraj
#3218 Synoptic panel file problem:
4943a13 
- Corrected V2_8_1__SynopticPanelChangeDataTypeForColumnVectorImage;
@Limraj Limraj added this to the 2.8.1 milestone Dec 31, 2025
@Limraj
Copy link
Collaborator Author

Limraj commented Dec 31, 2025

@coderabbitai review

@coderabbitai
Copy link

coderabbitai bot commented Dec 31, 2025

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@SoftQ SoftQ Awaiting requested review from SoftQ SoftQ is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

2.8.1

Development

Successfully merging this pull request may close these issues.

3 participants

@Limraj @Patrykb0802