This release contains major updates and new features. Make sure to test this release appropriately before approving it for production.
New major features of note include:
It is now possible to double-encrypt sensitive fields in the (already) encrypted database. This permits protection of sensitive information (such as passwords) from access, even from Administrators. If reading the objects as generic objects, values will be returned in encrypted form. Typed readout (i.e. via their corresponding class implementations) is required to access the decrypted values. The classes can protect their sensitive properties using Security.CallStack to ensure access is only granted from certain parts of the code, and not elsewhere.
Classes affected: Account, MucRoom, RelayConfiguration, MqttBrokerNode, XmppBrokerNode, ScriptPasswordParameter, MongoDBSettings, DomainConfiguration and XmppConfiguration.
Encrypted properties are encrypted in ledger blocks to avoid distribution of sensitive information via ledgers.
A property becomes encrypted by annotating it with the [Encrypted] attribute. You can use the [Encrypted(MinLength)] overload to instruct the database to encrypt the value with a minimum length of MinLength to mask the size of smaller properties.
A new IEncryptedProperties interface exists to simplify the conversion of legacy unencrypted variants.
Other new features in this release:
The Account Admin page has been updated: The Password field is now empty: You can only set new passwords, not access existing passwords.
The Neuron now runs under Linux.
Configuration (Gateway.config): HTTP sniffers can be stored in separate subfolders based on remote endpoint, to simplify debugging.
Call-stack checks have been refactored. Call-stack checks now implement a specific ICallStackCheck interface, making the library extensible. Explicitly prohibited source checks have been added.
Fixes in this release include:
GATEWAY_THEME_ID environment variable caused an error: ConfigError: Environment Variable contains an invalid value: Theme not found. This has been fixed.
GATEWAY_HR_NAME environment variable caused an error: ConfigError: Environment Variable contains an invalid value: Value missing. This has been fixed.
Deleting old logs and sniffers recursively where appropriate, including sub-folders.
Ability to disable Content-Encoding in a web resource.
Ability to debug into dynamically generated object serializers in the persistence libraries.
Color of printed output.
CallStack fix disabling protection if including the same assembly in approved sources as makes the call.
This release contains the following fixes:
Allowing local access to broker from local area network if not configured and running inside a container.
Markdown Master references (for example the Community menu).
Catching disposal errors during shutdown or suspension blocking a successful restart after service is resumed.
Alternative content folder can now be specified using -a switch in Utility.Install.
File copy option IfNotExists in manifest files.
This release contains the following fixes:
Loading keys when ContractsClient is combined with E2EE.
Catching disposal errors during shutdown or suspension.
This release contains the following fix:
Agent API RemoteQuickLogin registration of petition ID.
This release contains the following new features:
Adding From, Volume, Port, Environment Variable, command and entry-point information to manifest files.
Utility.Install has been updated to support this new meta-data information: When docker files are generated, the corresponding FROM, VOLUME, EXPOSE, ARG, ENV, LABEL, RUN and ENTRYPOINT commands are issued based on meta-data available in referenced manifest files.
This release contains the following fixes:
HTTP absolute form (RFC 7230, §5.3.2) now supported.
HTTP HEAD method and early errors returned content.
Unauthorized access exception when calling Agent API RemoteQuickLogin resource.