OpenSSO 2.1.0 Release Notes.
What's new in this 2.1.0:
1. Add new security flow to change user email
Today OpenSSO has new security flow about changing our old email in my profile page. If any user wants to change their email, system will sending an otp to their old email. This is the way to reduce spammer registered on your system.
2. Changing the sso login page theme or form directly
Now you can flexible to activate dark theme or not, directly by using url parameter.
For example:
# set theme
https://sso.yourdomain.com/sso/login/xxxx?theme=light
# set form register
https://sso.yourdomain.com/sso/login/xxxx?form=register&theme=dark
# set form login
https://sso.yourdomain.com/sso/login/xxxx?form=login&theme=dark
Issues that have been resolved ?
1. Fixed bug that caused memory leaks
We noticed the cursor pagination in data user is leaking memory in server side. This happened on our website with 10K++ users.
2. Fixed bug update user data
We noticed on some other website is failing to update data with json string.
3. Fixed hidden crashes
We noticed that OpenSSO got undici crashed. This happened on redis client which is hung up or lost connection.
4. Update Security Patch
We notice there is many security patch from fastify and their plugins. So in this release we did hard update some dependencies.
Should I Upgrade ?
Yes, because this release has been fixed for memory leaks and crashes issue.
How to Upgrade ?
Here is the Guide about How to Upgrade from 2.0.0 to 2.1.0.