v5.0.7

What's Changed

• Update jetty version. resolves #411 by @cmhdave in #516
• Feature/http proxy support by @mightymax in #553
• UCLA updates by @glenrobson in #668
• Upgrade maven-assembly-plugin to 3.7.1 - CVE-2023-37460 (replaces #674) by @camille-hdl in #675
• Be explicit about the usage of the properties file by @jcoyne in #660
• Fix gray turbo by @glenrobson in #657
• ISSUE-682: Update ci.yml for docker compose on ubuntu-latest by @DiegoPino in #683
• Attempt moving over to the newer docker compose. by @adam-vessey in #685
• Fix/wrapped reads by @adam-vessey in #681
• ISSUE-593: Fix Virtual Cropping detection condition to take both Y and X in account by @DiegoPino in #655
• Bump org.bouncycastle:bcprov-jdk18on from 1.76 to 1.78 by @dependabot in #688
• Bump org.eclipse.jetty.http2:http2-server from 11.0.5 to 11.0.17 by @dependabot in #691
• Adding failing test to check if the fix for PDF is working by @glenrobson in #686
• Adjust settings for ci builds by @jcoyne in #690
• Avoid communicating with S3 unless necessary by @garyttierney in #616
• Upgrade to actions/checkout@v4 by @jcoyne in #687
• Test with OpenJDK 17 & 21 (LTS) by @jcoyne in #689
• Update base Linux image to ubuntu 24.04 (Noble Numbat) by @jcoyne in #694
• Move image_files to a top level directory by @jcoyne in #693
• Standardize on compose.yaml by @jcoyne in #696
• Adding 5 retries for purge by @glenrobson in #699
• Upgrade to the newest non-LTS openjdk by @jcoyne in #692
• Include S3 object content type in attributes by @glenrobson in #700
• Stop testing on JDK11 by @jcoyne in #698
• Bugfix/xhr allow authorization header by @ksclarke in #670
• Fix exception when parsing EXIF data with LONG Orientation by @janhoy in #684
• ISSUE-680: proper /MAX handling under pre-cropped and un-cropped scenarios by @DiegoPino in #709
• Prevent file handle leak during individual purge by @bbpennel in #707
• Fix HTTP 302 redirects via delegate for identifiers with slashes by @markmatney in #585
• Updating ubuntu by @glenrobson in #713
• Update GraalVM to use JDK 21 by @jcoyne in #720
• Update jruby to 9.4.9.0 by @jcoyne in #718
• disable JRuby's Variable Sharing feature by @matthias-fratz-bsz in #715
• Set source and target to Java 17 by @jcoyne in #717
• Update Kakadu license by @glenrobson in #721
• Remove deprecated version in compose.yaml by @jcoyne in #719
• Bump org.eclipse.jetty:jetty-server from 11.0.17 to 11.0.24 by @dependabot in #716
• ISSUE-724: Fixes access to frames other than 1 for Video by @DiegoPino in #738
• Upgrade Kakadu to 8.4.1 by @glenrobson in #735
• Updating security issues versions by @glenrobson in #739
• Release 5.0.7 by @glenrobson in #743
• Update release.yml by @glenrobson in #745

New Contributors

• @mightymax made their first contribution in #553
• @camille-hdl made their first contribution in #675
• @jcoyne made their first contribution in #660
• @DiegoPino made their first contribution in #683
• @dependabot made their first contribution in #688
• @garyttierney made their first contribution in #616
• @janhoy made their first contribution in #684
• @bbpennel made their first contribution in #707
• @markmatney made their first contribution in #585
• @matthias-fratz-bsz made their first contribution in #715

Full Changelog: v5.0.6...v5.0.7

v5.0.6

• IIIF information endpoints always return JSON in HTTP 4xx responses.
• Fixed a bug whereby the values of the operations and page_count keys
  in the delegate context were not set.
• TurboJpegProcessor is able to generate non-JPEG derivative images, which
  fixes an HTTP 415 error that would occur when trying to do that.
• Fixed a crop-offset bug that could occur when using PdfBoxProcessor to
  generate JPEGs with libjpeg-turbo active.
• Updating libraries to fix security issues. Full details in #634
• Update of Jena to 4.8 requires RDF to have a populated rdf:about field. May impact some XMP header processing.

v5.0.5

• Fixed an uncaught exception when returning HTTP 401 status from the pre_authorize() or authorize() delegate methods.
• Updated the Logback dependency to version 1.2.8.

v4.1.11

• Fixed an issue with the 4.1.10 build whereby the logback-classic dependency had been updated to version 1.2.8 but not logback-core.

v4.1.10

• Fixed a Link header not being sent in response to requests for cached images.
• Suppressed an error-level log message from OpenJpegProcessor when reading an image without a recognized filename extension on a read-only filesystem.
• Updated the Logback dependency to version 1.2.8.

v5.0.4

• Fixed a bug involving deserialization of BYTE-type EXIF fields containing numeric values.
• Fixed a bug in S3Cache that could cause source content to be purged when sharing a bucket with S3Source with the cache worker enabled.

v5.0.3

• The full_size and metadata keys are available in the delegate context in response to information requests as well as image requests.
• The application exits when it fails to bind to a port at startup.
• Improved recovery from corrupt cached infos.
• Suppressed an error-level log message from OpenJpegProcessor when reading an image without a recognized filename extension on a read-only filesystem.
• Improved the resiliency of the built-in EXIF reader.
• Fixed IIIF Image API image and information endpoints not respecting scale constraints.
• Fixed the IIIF Image API v2 and v3 image endpoints not sending a Link header in response to requests for cached images.
• Fixed HttpSource failing to use HTTP Basic credentials when chunking is enabled.
• Fixed a potential ConcurrentModificationException when using the delegate script.
• Updated JRuby to version 9.2.17.0.

v5.0.2

• Fixed a bug introduced in 5.0.1 that broke static asset serving.

v5.0.1

• Fixed several issues related to serving static assets from within the JAR.
• Added several keys to the status endpoint response (/status).
• Fixed a bug in the IIIF Image API 2 & 3 endpoints that caused the profile.formats key to be missing from the information responses of cached images.
• Fixed the page_count key not being set in the delegate context when returning a cached info.
• Fixed several issues related to EXIF metadata parsing.
• Fixed a floating-point rounding bug that could cause an excessively large TIFF pyramid level to be selected, resulting in unnecessary scaling.
• Fixed a bug in TurboJpegProcessor that could cause incorrect cropping.
• Fixed a bug in S3Cache that could cause hits against expired content.
• Fixed a bug that could cause S3 credentials from the configuration file to be erroneously used even when not set.
• Fixed a bug that could cause corrupt images to be written to a derivative cache.
• Updated the PDFBox dependency to address the following security vulnerabilities: CVE-2021-27807, CVE-2021-27906.

v4.1.9

• The identifier scale constraint suffix syntax is configurable via new scale_constraint_suffix.format and scale_constraint_suffix.pattern keys. (These are a stopgap addition that are not relevant in version 5.0.)
• Fixed a floating-point rounding bug that could cause an excessively large TIFF pyramid level to be selected, resulting in unnecessary scaling.
• Fixed a bug whereby corrupt image data could be written to a derivative cache.
• Updated the PDFBox dependency to address the following security vulnerabilities: CVE-2021-27807, CVE-2021-27906.