leshan-2.0.0-M18

leshan-2.0.0-M18

Build artifacts are available on maven central.

Library Noteworthy

• Ensure that client use same endpoint for a given registration (GH-1655)
• Strongly tie a observation to a server endpoint (GH-1656)
• Correctly handle object id in test Category. (GH-1666)
• Check if LwM2M version is supported at registration time. (GH-1279)
• Add OSCORE support to RedisSecurityStore. (GH-1707)
• Limit to DER encoding usage but add a way to support PEM and cert chain with custom code. (GH-1710)
• Enable usage of OSCORE Appendix B.2 context re-derivation. (GH-1257)
• Rename ApplicationData in CustomRegistrationData. (GH-1440)
• Ensure there is no precision loss on Number conversion (GH-1692)
• Integration of Californium 4.0.0-M6

Many thanks to @JaroslawLegierski and @jakubsobolewskisag for their contributions🙏 !

Demo Noteworthy

• Migration to Jetty 12: Demos now use Jetty 12 (Jakarta 10).
• Migration to Vue/Vuetify 3 : Demo UI migrated from Vue/Vuetify 2 to 3.

Project Noteworthy

• Build requires Java 17 is now.
• Migration from Yarn to Npm: Demo frontend now uses Npm instead of Yarn.
• CI migration from OSSRH to Maven Central.
• Use otterdog to manage github config
• Add scorecard integration and improve score.
• Get OpenSSF badge.
• Add SonarCloud and get Sonar Quality Gate badge.

API Breaks

• Integration of Californium 4.0.0-M6 which contains API breaks
• Rename ApplicationData in CustomRegistrationData (GH-1440)
• Rename getLastEndpointUsed() into getEndpointUri() in Registration.

Change logs

5b809f2: [ui-demo] fix bsserver demo regression in bootstrap server config step
cbb8c37: [ci] fix leshan-bot email address in release jenkins job
43eb0e1: Add support of "picocli quotedString" to all demo CLI.
6e113d8: [ui-demo] Upgrade demo servers dependencies
9221e63: [ui-demo] Upgrade from nodejs 18.19.0 to 20.19.5
8617b2c: [ui-demo] reactivate notif about delayed request caused by queue mode
d0e8396: [ui-demo] fix GH-1736 Execute with arguments which doesn't open dialog.
09a6bd4: [ui-demo]No need to escape msg with vuetify3-dialog for vue3
e6a466f: [ui-demo] fix client error response should display a notify toast
6325631: [ui-demo] fix button badge in always succeed state (green color)
1b8c3f2: [ci] Migration from OSSRH to Maven Central
657de42: [ci] create dedicate parent POM for module which must be published
89679af: [ui-demo] GH-1727 use TEXT as default content format for single value
4cbf769: [ui-demo] show resource name in create/write instance dialog
5843001: [ui-demo] Upgrade demo servers dependencies
f645bcf: GH-1707: Add OSCORE support to RedisSecurityStore
35ebec2: Add OSCORE test in SecurityStoreTest
94acbaa: Use RedisSecurityStore in Redis Tests
72e2eac: Upgrade logback from 1.3.15 to 1.3.16
e9ce354: Fix regression in server-demo from dba2456 : EC key pair is not valid!
29e5d40: Upgrade dependencies
152dbb9: Integration of Californium 4.0.0-M6 (API Break)
501b733: [code cleaning] Fix some sonar maintainability issues.
d9cb39b: Fix bad object initialization in LwM2mObjectTree.addObjectEnabler
6f5642e: Split ServersInfoExtractor class in an interface+ObjectTreeReader class
a379f16: Client should only support der encoding for certificate by default
4c13f08: Make ServersInfoExtractor class dynamic and allow custom implementation
dba2456: Bootstrap ConfigurationChecker should only allow Der encoding by default
7a448fe: Add Test for DER/PEM certificate Reader
d52681d: Add DER and PEM certificate reader
350cf2c: Make Bootstrap ConfigurationChecker customizable.
39e394c: Added support for device certificate chain in leshan-lwm2m-client module
25992c7: Upgrade to Californium from 4.0.0-M3 to 4.0.0-M5
5429f3f: [demo] frontend upgrade dependencies
c29c3a0: [demo] Upgrade from apache commons lang2 to lang3
97bb4b6: [ui-demo] Upgrade front-end dependencies
0ac6221: Upgrade scorecard-action from 2.4.0.to 2.4.2
bae25ea: [ui-demo] Upgrade front-end dependencies (again ...)
85506b8: [ui-demo] Upgrade front-end dependencies
a461bff: [ui-demo] Upgrade front-end dependencies
92d4043: Fix HTML README issue added by 1b905c5
ccf60ae: [code cleaning] fix blocker "maintainability" issues reported by sonar
7f38434: [eclipse] Ignore "Unhandled token in @SuppressWarnings annotations"
1b905c5: Add Sonar Quality Gate badge to README
7578c7b: fix java 8 obsolete warning at maven compilationt time.
409ef18: [code cleaning] Fix issues reported by sonar.
49cc9f6: GH-1440: Rename ApplicationData in CustomRegistrationData
6f9a12f: [ui-demo] Upgrade front-end dependencies
54b5078: [code cleaning] fix or ignore some "reliability" sonar issues.
1828737: [code cleaning] enhance "reliability" of Node checks
6026569: [code cleaning] enhance "reliability" of Attributes code
bea1572: [code cleaning] fix more sonarcloud issue
f5470ff: Remove deprecated RedisLock (SingleInstanceJedisLock should be used)
b934314: [code cleaning] improve Servlet code quality in demo servers
37b7225: [code cleaning] Mainly limit duplicated code
3cc0213: [ui-demo] Upgrade front-end dependencies
7139d13: Integration of Californium 4.0.0-M3 (API Break)
36c4921: Add OpenSSF badges to README
6b31475: [OpenSSF Best Practices] Activate Compiler Warnings and fix warnings
a5515b2: [OpenSSF Best Practices] Add some contacts informations in README
76edbaf: Pin GitHub-owned GitHubAction dependencies.
af14ffc: Follow the principle of least privilege for github workflows.
780eb56: Upgrade Netty dependency. (4.1.115.Final => 4.1.118.Final)
52956d4: GH-1257: Enable usage of OSCORE Appendix B.2 context re-derivation
5a26160: chore(otterdog): adding scorecard analysis workflow due to blueprint scorecard-integration (#1693)
d652da5: Gh-1677: Rename maven artifacts to clearly see difference with ID
0217944: [ui-demo] Upgrade front-end dependencies
e1cfcc2: Ensure there is no precision loss on Number conversion
9fc2e3c: With this modification, Leshan successfully finish the build process on Windows.
c923e35: Using the cross-env npm plugin in sbom_maven generation
62b1de9: Enhance client demo factory bootstrap: create dummy object if needed
f173b80: DummyInstanceEnabler should generate value for Uint, objlnk and corelink
7aeac15: GH-1658: Use Custom Prefix for Redis Tests
388a4d0: GH-1279 : check if lwm2m version is supported at registration time
8cdd24b: GH-1673 : Fix undefined bootstrap server port in bootstrap demo UI.
70fb56e: GH-1666: Correctly handle object id in test Category.
9eec2be: Integration of Californium 4.0.0-M2
3478efd: GH-1504: Make SenMLPack,SenMLRecord,JsonArrayEntry,JsonRootObject final
f954615: [ui-demo] Upgrade some dependencies
546a355: [ui-demo] add vite-plugin-csp-guard to check CSP during development
8b91dd4: [ui-demo] use vite-plugin-webfont-dl instead of unplugin-fonts
bb08abf: [demo-ui] remove usage of legacy plugin
9591616: Update SECURITY.md about logback and demo v1.x
d4456ad: Upgrade to logback 1.3.15
4db01a9: [demo-ui] fix vite config which prevent demo to work on sandbox
813ef69: Migration from vue/vuetify 2 to vue/vuetify 3
a260d07: [demo-ui] call cyclonedx-npm from frontend-maven-plugin
cbf9173: [demo-ui] add cyclonedx-npm to generate frontend sbom
621ae8b: [demo-ui] add npm-check-updates as dev dependencies
62e4ce3: [demo-ui] Move from Yarn to Npm
14fc20e: integration test to ensure that 1 observation use same endpoint
b9201e3: Use Authorizer for updateRegistrationOnNotification
63f0f6b: Add server endpoint uri to ObservationIdentifier
c0cc705: Add some integration to ensure that 1 registration use same endpoint
71a4a86: Use Authorizer in SendHandler
d7ff9d8: Authorizer checks client do not change endpoint during same registration
3f38671: Rename getLastEndpointUsed() into getEndpointUri() in Registration.
aed8f6f: Remove trivyignore content about Jetty 9.x
4984137: Add documentation about minimal requirement
c8b6ee2: Remove WARNING about usage of deprecated API
1a36009: Move from Jetty based on jakarta 9 to jakarta 10
1c23d5c: Move to jetty 12
c998575: Clean java doc remove empty <p> tag
7485790: Move to Java 17 as minimal version required to build.

leshan-2.0.0-M17

Build artifacts are available on maven central.

Noteworthy

• Use BigDecimal instead of double for decimal LWM2M Attribute. (GH-1583)
• Add some timestamp support to Read/Observe Composite operation (GH-1637)
• Cleaning and Testing custom equals() and hashcode() method(GH-1504)
• Integrate Californium 3.13.0
• Use Alternate path in SenML payload. (GH-1438)
• Replace Java URI usage by EndpointUri (GH-1582)
• Add Optional Endpoint Name support. (GH-1457)

Many thanks to @nkrzykala and @JaroslawLegierski for its contribution 🙏 !

Change logs

8bd4416: GH-1674: Fix NPE when creating Composite failure Response
5f0d210: Upgrade to netty 4.1.115
096e594: Update SECURITY.md with Jetty 9.x EOL information
40038da: [ci] update .trivyignore
0735507: [ci] Use HACK to get vulnerabilies db of trivy.
6f2f834: [ci] Add .trivyignore
314880e: [ci] always use latest version of trivy to check vulnerabilities
8dab3f7: Upgrade to most recent version of jetty 9.x for demo
2db3498: Integration of Californium 3.13.0
95fbcf4: Add API to add several server endpoints to LeshanTestServerBuilder
c6972d8: Return Code/exception onWaitFor**Failure method of LeshanTestClient
7db3aec: Add support of several endpoint address to ReverseProxy test utility
812726a: Add default toString to AbstractLwM2mResponse
7dd230c: Clean TestServerBuilder use argument instead of attribute
1a3f280: Fix tests about Dynamic IP using ReverseProxy...
88f161a: Add CLI Option to client demo to control if endpoint name should be sent
8e5e952: GH-1457: Add Optional Endpoint Name support.
a878c18: GH-1654: improve SenMLCborPackSerDes error message.
2229014: Update demo webapp dependencies.
6f3b564: Fix missing '[ ]' when convert IPv6 address to URI.
0f936f2: Remove static EndpointUriUtil by dynamic EndpointUriHandler interface.
174939b: Add EndpointUriParser interface and default implementation
9ef75aa: Replace Java URI usage by EndpointUri
30dbe5e: Use BigDecimal instead of double for decimal LWM2M Attribute
ec57648: Use Alternate path in SenML payload.
02b7538: GH-1637: Add some timestamp support to Read/Observe Composite operation
ccd7bc9: Merge VersionTest in LwM2mTest
6293523: Change maven import for junit5
47890dd: Add virtualHost attribute to equals/hashcode of IpPeer.
70eec7d: GH-1504: Clean and Test custom equals() and hashcode() method
18b8147: GH-1649: Fix NPE, log warn message when no registration on notification.
7a52fbf: GH-1650: Fix demo-server about unexpected "Device is not awake" message
baa124f: GH-1645: Add very simple Queue mode support to Leshan Server Demo.
ecf87f3: Update demo webapp dependencies (again)
3218946: Update demo webapp dependencies.
8281f23: SendRequest constructor should send InvalidRequestException
583807b: Make SenMLCBOR decoding customizable.
3d03a8e: GH-1634: change log level from ERROR to WARN in ServerEndpointsProvider

leshan-2.0.0-M16

Build artifacts are available on maven central.

Noteworthy

• Maven Module refactoring about Transport Layer Abstraction. (GH-989)
• Integrate Californium 3.12.1 which fixes GH-1627.
• Fix TlvEncoder about date (TIME). (GH-1630)

Many thanks to @jakubsobolewskisag for its contribution 🙏 !

Module Name and API Break

⚠️ This release is mainly about Maven Module Refactoring.
New maven modules was created and almost all modules was renamed. See GH-1295#issuecomment-2211032195 for more details.

To make transition to new module names more smooth, this release contains very few more changes : only 1 bug fixes and a bug fix release integration of Californium 3.12.1, so you should not face any behavior changes.

Change logs

1b11956: GH-1630: Fix TlvEncoder - date (TIME) should be encoded like integer.
e673ac7: [ci] Add build artifacts to test jobs.
1377e52: Integration of Californium 3.12.1
f9137bb: Clean revapi configuration.
3f9b3f7: Change module to avoid them to be too long (ugly mvn output)
8d434d4: Refactoring add oscore module - edit file content
d5c81f1: Refactoring add oscore module - no file content changes [dont build]
bc90314: Separate DeviceManagement and Bootstrap Request class hierarchy.
ab4f9a4: Refactoring add bsserver module - edit file content
2869625: Refactoring add bsserver module - no file content changes [dont build]
6d2ff69: Refactoring rename module/package - edit file content
34caf24: Refactoring rename module/package - no file content changes [dont build]

leshan-2.0.0-M15

Build artifacts are available on maven central.

Noteworthy

• Add support to "/" for Observe-Composite (GH-989)
• Add very experimental CoAP over TCP(and TLS) endpoint provider for client and server based on java-coap. (GH-1528, GH-1594)
• Add support of timestamped value for Observe-Composite. (GH-1089)
• Add some SNI support at client side (GH-1447)
• Add support of Dimention attribute at client side at client side.
• Add Timestamp support for Read/Observe Operation (GH-1553)

Many thanks to @JaroslawLegierski, @mgdlkundera, @sconvent for their contributions 🙏 !

Behavior Break

• A bug fix in ObserveListener change behavior of Notification with Error code handling. (see #1625 for more details)

Change logs

517cab0: Raise exception for unexpected timestamp for OldJSON and SenML
e687c08: Fix ObserveResponse.getTimestampedLwM2mNode(s) behavior
6a17d53: Allow LwM2mNodeSenMLEncoder to encode null-timestamped value.
78a4964: Upgrade server demo front-ends dependencies.
75c17ba: GH-1622: Fix decode empty response for object instance
f0825b5: Integration of Californium 3.12.0
1615d53: Hide some aggressive logs during integration tests
d876b69: GH-1619: fix Precision loss with SenMLJSON and Old JSON content Format.
a7fb3d6: GH-1618: Fix ResourcesChange Event in SimpleInstanceEnabler
dceda02: GH-1553: Add Timestamp support for Read/Observe Operation
61017df: GH-1605: Add a way to provide custom UplinkRequestReceiver
5a5714c: Integration of Californium 3.11.0
007202d: github-actions: upgrade some actions to recent version to remove warning
6ad45a6: github-actions: upgrade to upload/download v4 (v3 is deprecated)
89244ff: [ci]: increase nightly build timeout (we add lot of tests recently)
b2c4755: Integration of java-coap 6.21.0.
99b94e7: Add coaps+tcp support based on java-coap to server-demo and client-demo.
8d208a0: Refactor URL validation in client-demo
9c97f50: Add Integrations tests for coaps+tcp.
bcb2423: Add coaps+tcp support for server and client based on java-coap.
baa3d22: Add coap+tcp support based on java-coap to server-demo.
cca3325: Add coap+tcp support based on java-coap to client-demo.
3dbde22: Add Integrations tests for coap+tcp.
dd19cf3: Add coap+tcp support for server and client based on java-coap.
2199f9e: Add AbstractJavaCoap[Client/Server]EndpointsProvider.
5c8afbd: Certificate: add authentication usage check.
9feae9e: Refactoring: Move CertificateVerifier from cf to core module.
35cbd1e: Refactoring: clean/merge security utility classes
d53b7af: [integration tests] Split SecurityTest in several class
74ba7bd: [integration tests] Move Security tests in dedicated package
688dc50: [integration tests] Move oscore tests in a dedicated package
fd7ecb6: [integration tests] Move Bootstrap tests in a dedicated package
63d3159: [integration tests] Move BootstrapConfigTestBuilder in util package
089f2da: Upgrade demo front-end dependencies
ae49f53: Add JacksonRegistrationUpdateSerializer to fix serialization issue
d8ef31a: GH-534:Add support of pmin,pmax,lt,gt,st for simple observe to client.
afeb712: Observation must notify on object and object instance deletion.
6c03a3d: GH-1588: Remove Assignation Level to Attribute Model.
a7e591c: Change LeshanTestClient.getServerIdForRegistrationId to not provide /rd/
9649084: Add toMaxDescendant/ToParentPath methods to LwM2mPath.
bc62ef8: Enhance resource change event on SimpleInstanceEnabler.
3b43776: Do not use scientific notation when serialize Double attributes.
b1c912b: Add function to "serialize to query param" in LwM2mAttribute
dc57460: Add new constuctor to make test more readable
c93f774: GH-1580: ipv6 zone id in URI should be prefixed by %25.
3388cf8: Add logs when we don't find endpoint to use for a given client.
f23254c: Add support of Dimention attribute at client side.
777d2ed: GH-1554: Add SENML JSON test with timestamped resources with several bn
3a1adfe: Upgrade build frontend demo dependencies (vite, rollup)
9693a3d: GH-1575: fix ObserveCompositeTimestampTests to make it works on JDK 17+
1cdb0db: Fix Licenses pom metadata
a596fea: Add Integration test about bootstrap using SNI with X509
2b25fab: Use SNI value from Security object (id:0) to validate certificate.
b6a7d98: Add Integration tests using SNI with X509
3234c6d: Use SNI information from Security object (id:0).
c1527f6: Add Integration Test using SNI with RPK
d5f7e6d: Add SNI support to Client Security object (id:0).
b303aa4: GH-1089: Support of ObserveComposite for timestamped data on server side
4689260: Fix getInvalidPathForNodeCause for LwM2mRoot
50d940c: Make TimestampeLwM2mNodes supporting null value
b201cde: CoapNotificationReceiver should raise InvalidResponseException
e7d0774: Integration of Californium 3.10.0
831b4ba: Upgrade frontend demos dependencies.
6c664a4: Add Weekly Jenkins Build to check dependencies vulnerabilites with trivy
677e4f0: Add cyclonedx-maven-plugin to generate cycloneDx SBOM
a5012de: Add Eclipse code of conduct.
5c609f9: SECURITY.md udpate : make clearer demos state relating to security
d15d6fb: Fix unplugin-vue-components name in package.json
5bf2cd7: Fix code about resource instance deletion notification.
82045e2: Add test to check notification well support resource instance deletion
c520c83: Fix some WriteSingleValueTest about on object link
004344d: Fix SimpleInstanceEnabler to support resource instance deletion event
0805884: Test against all LTS JDK during nightly build.
edaa063: Add Manual test job to jenkins
fe019a4: Add maven profile to be able to execute tests using toolchain.
ab645dd: Add support to "/" for Observe-Composite
caf3f35: Add Read and Observe support at Object level to server-demo UI.
fbd9d32: GH-1538:Add Active Cancel Observation support in server-demo UI.
2f8cca4: Upgrate logback from 1.3.11 to 1.3.12.
16b016d: GH-1542: Enhance LWM2M attributes null value handling.
4614ebb: GH-1544: Update LeshanServerBuilder.setUpdateRegistrationOnSend javadoc.
aab18a4: GH-1548: Fix DefaultBase64Decoder rejecting payload finishing by 'W'
e786543: Remove useless code in LeshanServerDemo
c3cfe33: Fix -c which is ignored if Californium3.client.properties file exists.
657e686: Replace vue-moment (too fat) by dayjs in frontend demos.
7ff4445: Add yarn report to vizualize frontend module size dependencies
76e94a4: Minify Leshan logo.
6f2cd1e: Add meta.description to web demo to increase SEO lighthouse score.
822dc72: Add aria-label to improve accessibility score in lighthouse.
06fe0dc: GH-1240: Add cache and gzip compression for static demo resources.
6ad3aa0: GH-1239: Use dynamic import in router to reduce chunk size.
d78d952: Move common web ui code in leshan-server-core-demo
fa6f7d2: GH-1545: make all base relative "./" instead of absolute "/"
dacf2ab: migrate from vue-cli to vite to build front-end demo

leshan-2.0.0-M14

Build artifacts are available on maven central.

Noteworthy

• Add support of Multiple Endpoints provider for cliient, server and bootstrap server. (GH-1525)
• Add CoAP endpoint provider for client and server based on java-coap. (GH-1373)
• Add support to "/" for Read-Composite (GH-989)
• Add --factory-bootstrap command to client-demo (GH-1482)
• Support Negative value for GT and LT attributes (GH-1451)

Many thanks to @JaroslawLegierski, @mgdlkundera, @gcx-seb and @SeppoTakalo for their contributions 🙏 !

Known Issue 🐛 :

GH-1548 : DefaultBase64Decoder should not reject payload finishing by 'W'. (workaround)

Change logs

d9a0688: GH-1542: Fix regression about creating attributes with null value.
2afadfc: GH-1538: Add server demo API for Observe Active Cancel
6a43882: Enhance error display message in server-demo
bbb38fb: remove unwanted log in CompositeObjectControl in server demo
8bea9e7: fix icon size of observe composite indicator in server-demo
e78b2ec: Fix some InvalidLwM2mException/InvalidRequestException error message
481f17b: Update maven plugins dependencies
2fe97d3: Update leshan-bsserver-demos front-end dependencies
7595c7e: Update leshan-server-demos front-end dependencies
c2f8232: Integration of java-coap 6.19.0
bcfae94: Update Java libraries dependencies
897fa08: github-actions: Add transitive dependency to dependabot analysis
ae1d7d7: github-actions: Do not launch actions on fork
09f87e7: Add support of "/" for Read-Composite to server-demo.
b56287c: Add integration tests about Read-Composite on "/"
a9aeb89: Add support to "/" for Read-Composite
83dca91: Add LwM2mRoot class and corresponding visit method in visitors
4fa2c80: Add LwM2mChildNode class to prepare addition of LwM2mRootNode
fb44989: Fix exception message typo in LwM2mIncompletePath.toObjectInstancePath()
faca3bc: Enhance servers demos frontend error handling.
b0ef051: Most attributes are assignable to Resource Instance since LWM2M v1.1
5b5aa70: Add test about CoreLink SingleResource and ResourceInstance equals
c87d1e0: Fix CoreLink SingleResource and ResourceInstance hashcode/equals
73916b7: GH-1533: server-demo REST API should return bad_request for invalid path
2bf99b6: Add more tests about Attribute Parsing.
3c0a5e4: GH-1451: Support Negative value for GT and LT attributes
2e2d767: Fix some bug in DefaultLwM2mAttributeParser which was too permissive
2efb924: Fix Version constructor from string
cb204b2: GH-1532: Some Fix/Enhancement about Version class
7829f0a: GH-1482: Add --factory-bootstrap command to client-demo.
082e05c: Move register_with_invalid_request from RegistrationTest to LockStepTest
d3cd591: Use java-coap provider in DeleteClientOnlyTest
4fb816e: Fix -jh(--java-coap-host) option behavior of server-demo.
a8d4af1: Some cleaning about x509 integations tests.
088d6da: Add test about bootstrap with x509
60e8fa8: Rename SecureBootstrapTest method to use snake case
85cfde9: Add option to use java-coap for COAP protocol with leshan-client-demo.
a15a513: Test Client CoAP endpoint based on java-coap in integration tests.
4daab47: Add CoAP endpoint provider based on java-coap at client side
119a2bf: Move log from Cali...ClientEndpointsProvider to DefaultEndpointsManager
27605c6: Fix JavaCoapServerEndpoint description.
edc4edf: Add CoAP endpoint based on java-coap to leshan-server-demo
7322032: Test Server CoAP endpoint based on java-coap in integration tests.
624ad25: Add CoAP endpoint provider based on java-coap at Server side
7e6ea6f: Add ErrorHandler to XML Parser in DDFFileParser
a8824a7: GH-1461: Fix X.509 tests issue happening on some execution environment.
71cb086: Fix possible NPE in client BootstrapHandler.
35af53d: Move some integration tests in Server/Client Only class.
960e4f9: Add some test combinations in ReadCompositeTest.
38b3d91: Fix DynamicIPObserveTest name.
8be094d: UI demos get (bootstrap) server endpoints dynamically.
05ff45c: Add description to LwM2mBootstrapServerEndpoint
d561e9e: Add description to LwM2mClientEndpoint
89efce7: Add description to LwM2mServerEndpoint
cd722fa: Add support of multiple endpoint provider at bootstrap server side.
73b6c86: Add support of multiple endpoint provider at client side.
3c4651d: Add support of multiple endpoint provider at server side.
a3244c4: GH-1524: Error handling improvement in SendHandler.
401a204: Upgrade slf4j from 2.0.7 to 2.0.9.
13e78c0: validate object are registered in Send Request.
9a095b9: Integration of Californium 3.9.1
d8fee63: Add a way to access to CoapServer of Californium endpoint provider
a4e574a: DefaultObjectModelValidator should accept object in Test Category.
6e62e54: GH-1421: Add leshanServerBuilder.setUpdateRegistrationOnSend
2281443: Fix LwM2mPath hashcode NPE.
feca749: Add test about equals/hashcode for LwM2mPath (using EqualsVerifier)
7db37f4: Fix typo : LwM2mParhTest => LwM2mPathTest
749d698: Fix No serializer found for class Version in EventServlet.
9e14443: Fix ClientServlet which doesn't parse write attributes correctly.
93a4e09: Update Security.md

leshan-2.0.0-M13

Build artifacts are available on maven central.

This is mainly a security release of 2.0.0-M12 fixing GHSA-wc9j-gc65-3cm7 / CVE-2023-41034.

If you already use M11 or M12, this is strongly recommended to update to M13.

If you are using M9 or M10 :

• you should read warning about M12 before to upgrade.
• if you can not upgrade to M13 now, verify if you are really affected by the security issue or use the workaround.

Noteworthy

• Make DDFFileParser and DefaultDDFFileValidator safer fixing GHSA-wc9j-gc65-3cm7 / CVE-2023-41034.
• Integration of Californium 3.9.0. (eclipse-californium/californium#2160)
• Artifacts are now built with Java11 using -release option to target java 8 as minimal compatible version. (#1412)

Change logs

29577d2: Make DDFFileParser and DefaultDDFFileValidator safer.
547eb0e: Add test to ensure that XXE injection is not possible with DDFFileParser
15fc34d: Update README.md to use new jenkins job URL
0542e41: Use Temurin JDK 11 instead of AdoptOpenJdk / OracleJdk
de09432: Upgrade some maven plugins version.
3adbd53: use JVM --release option to build.
eb1e7b0: Fix some minor javadoc issue
71756db: Upgrade to nodejs v18.13.0 and do not use parallel build.
5dcd7f9: update yarn dependencies (fixing dependabot issue)
b3d3ba1: Fix reserveProxy start()
e74d613: Fix some warning in build.
ad7fb88: GH-1484: cache yarn and node to download.eclipse.org for jenkins build.
e93d6c6: Migration from Freestyle Job to Jenkins Pipeline
743fa8f: Fix "Resource not accessible by integration" for Delete Workflow
f4e7c0f: Integration of Californium 3.9.0

leshan-1.5.0

Build artifacts are available on maven central.

Noteworthy

• Make DDFFileParser and DefaultDDFFileValidator safer fixing GHSA-wc9j-gc65-3cm7 / CVE-2023-41034.
• Integration of Californium 2.8.0. (eclipse-californium/californium#2150)
• Artifacts are now built with Java11 using -release option to target java 7 as minimal compatible version. (#1412)
• Some minor fixes.

Change logs

4d3e63a: Make DDFFileParser and DefaultDDFFileValidator safer.
2d0ae8e: Bump version to 1.5.0-SNAPSHOT
16ff25a: Add test to ensure that XXE injection is not possible with DDFFileParser
1843d2f: Update some obsolete information in README
aa0f517: Update README.md to use new jenkins job URL
1dde5ac: Use Temurin JDK 11 instead of AdoptOpenJdk / OracleJdk
c496019: Upgrade some maven plugins version.
3f70d19: use JVM --release option to build.
56ed7b9: Fix some minor javadoc issue
cddd9da: Migration from Freestyle Job to Jenkins Pipeline
69334eb: Upgrade demo dependencies (logback, jetty, gson, common-io)
7114294: Integration of Californium 2.8.0
22edbed: Make SecurityInfo Constructor protected to allow inheritance
c77cee9: GH-1446: Fix bad supported algorithm exception message in SecurityUtil
c1123be: GH-1374: fix NPE on server.destroy() when queue mode is disabled
938e43d: GH-1352: Fix invalid default value of resources 120, 1120 of 3441 object

leshan-2.0.0-M12

❗☠️❗ Affected by security issue❗☠️❗

Build artifacts are available on maven central.

⚠️ This is second Milestone Release containing new Transport Layer Abstraction (GH-1025). This is massive changes and maybe not yet fully mature.

So we are still encouraging you to test this Milestone Release to provide feedback but maybe not to use it in production yet OR at least not before reading this :

1. Transport Layer Abstraction is probably not yet fully mature.
2. Redis store backward compatibility, see #1418.

Noteworthy

• Refactoring Identity Class (#1436 : which break Redis backward compatibility, #1418 (comment))
• Handle Default version of core object is correctly. (#1434)

Many thanks to @JaroslawLegierski and @Warmek for their contributions 🙏 !

Change logs

21631ab: Upgrade frontend-maven-plugin to v1.13.4
7459ed3: NOT_FOUND for send means: Reported Object was not registered to Server
42bda55: Make sure that ReverseProxy is started at the end of start method.
b57049a: GH-1421: Fix leshanServerBuilder.setUpdateRegistrationOnNotification
b825100: -Dsurefire.failIfNoSpecifiedTests=false since version 3.0.0-M6.
7e50b83: Update yarn dependencies.
c2b09a8: Upgrade to maven plugin dependencies (especially surefire)
2a842d9: Remove deprecated usage of JsonNodeFactory.withExactBigDecimals(true)
acf1fb6: Upgrade lib dependencies (jackson 2.15.2, jedis 4.4.3, ...)
cf1a212: create Maven variable for some dependency versions (junit, mockito ...)
6a05894: Add tests about dynamic IP for observer and send operation
330617f: Expose CoapEndpoint instead of Endpoint at client side
c8606bc: Add ReserverProxy to be able to test client IP address changes.
2066961: Make LwM2mIdentitySerDes / LwM2mPeerSerDes customizable in Redis store
ec90257: ClientProfileProvider returns Profile only when registration is found
1186c01: Rename ServerIdentity in LwM2mServer at client side.
f994bc1: GH-1436: Refactoring about Identity class
a3d0931: Remove useless class which should not have been committed in 6091fc3
a356488: GH-1439: Update SECURITY.md to recommend usage of Security Advisories.
3c25bdf: Make SecurityInfo Constructor protected to allow inheritance
b620141: GH-1434: Use LWM2M v1.1 default object version way at client side.
3786149: Make LinkFormatHelper Dynamic.
d3a6f46: Remove old Backward Compatibility code about RedisRegistrationStore
cd22391: GH-1434: Use LWM2M v1.1 default object version way at server side.
332d487: Move registration data extraction from link in a dedicated class.
b7e8a2d: Update Security.md with new eclipse policy.
8af670c: Add some "common maintenance tasks" to webapp demo README.
edcdc92: Upgrade yarn.lock for web demo.
1776acf: Update Browserslist in web demo
14b6f5c: GH-1446: Fix bad supported algorithm exception message in SecurityUtil
d47e000: Add TODO about Checking ContentFormat on notification
1008306: Add RequestCanceledException without constructor
ab21e24: Upgrade to slf4j 2.0.7
ab207af: Refactor integration tests to be able to test several transports
25e1aca: Add AssertJ 3.24.2 test dependency.
1b1d23b: Add Mockito 4.11.0 test dependency.
868f8b3: Add setTaskProvider to LeshanBootstrapServerBuilder
be79632: GH-1441: Do not show "EXE" Button for resources with NONE operations.
d5052f1: ci: use actions/setup-java temurin distribution
1ee287f: GH-1393: Added resources 13-20 in to ServerConfig
989f4e7: GH-1427 : Fix Float Attribute Parsing.
37bfbe0: Add profile to not download yarn on sourceforge by default.
10edf13: GH-1428 Upgrade to yarn 1.22.19
ca1e6bc: Fix release nightly build issue.

leshan-2.0.0-M11

❗☠️❗ Affected by security issue❗☠️❗

Build artifacts are available on maven central.

⚠️ This is first Milestone Release containing new Transport Layer Abstraction (GH-1025). This is massive changes and maybe not yet fully mature. More details about why we release the M11: GH-1401.

So we are still encouraging you to test this Milestone Release to provide feedback but maybe not to use it in production yet OR at least not before reading this :

1. Transport Layer Abstraction is probably not yet fully mature.
2. Redis store backward compatibility break, see GH-1418.
3. There is already known bug see below 👇

Known Issue 🐛 :

GH-1421 : Unable to handle notification after device IP changes
GH-1427 : Floating point Attribute are not parsed correctly

Noteworthy

• New Transport Layer Abstraction (GH-1025)
• Integration of Californium 3.8.0. (Behavior break see : GH-1422)
• Redis Store API Enhancement (GH-1249 which break backward compatibility : GH-1418)
• Fix BootstrapConfig issue about resource /0/?/16 (GH-1402)

Many thanks to @aliakseiz @Warmek for their contributions 🙏 !

Change logs

9709ac3: Add javadoc to Registration.getLastEndpointUsed()
959af9c: README: Add link to new LWM2M specification wiki page.
cc9f41d: Use new endpoints provider API in BS server and server demos/tests
95b344d: GH-1395: Add a way to customize DTLS Config at ProtocolProvider level
0d0b57c: GH-1395: Add Builder to Server/BootstrapServer EndpointFactory.
f89cd16: GH-1395: Add a way set Configuration with lambda in Endpoints Provider
3e6b0a5: Fix getLoggingTag in EndpointFactory
5dec807: Enhance error message form EndpointUriUtil.validateURI()
a7e4a5e: GH-1249: Allow to use custom KEYS in RedisRegistrationStore
b8d817b: GH-1410: Fix github action issue with impsort-maven-plugin.
8f0db24: GH-1402:Fix Invalid datatype of Ciphersuite resource in BootstrapConfig
fd5c9c0: Allow to use custom KEYS in RedisSecurityStore
b7dc3cf: Fix typo in CONTRIBUTING.md guide
d7ed1cf: Remove usage of deprecated API of Californium 3.8.0
3c4668b: Integration of Californium 3.8.0
bee5153: Migration from Junit4 to Junit5.
dbe5aa2: Add some test about LwM2mObservationStore.remove()
233c209: GH-1384: Fix issue in LwM2mObservationStore.remove(Token)
346223b: Add method RegistrationStore.getObservation(ObservationIdentifier)
96fcbde: Remove redundant validation in Registration constructor
0f0464a: Add lastEndpointUsed URI validation in Registration Builder.
c31ec78: lastEndpointUsed in Registration should me mandatory
bdc1d72: Fix NPE in RedisRegistrationStoreTest
250c8e2: GH-1387: Fix BootstrapDeleteRequest always delete all instances
a6e55d7: Add some Object Enabler validation at client creation.
73fd995: Fix Registration Update triggered by SUPPORTED_BINDING changes.
6a1ff2d: GH-1376: Better to raise CodecException in LwM2mNodeSenMLDecoder.
a963d77: Remove no more used classes (since transport layer refactoring is done)
6091fc3: Add Transport Layer abstraction at Bootstrap server side.
9859a33: Add Transport Layer abstraction at Client side.
fa38111: Add Transport Layer abstraction at Server side.
2a2a8a7: GH-1374: fix NPE on server.destroy() when queue mode is disabled
5b0ccd1: Fix Typo in RegistrationHandlerTest (givenIdenity => givenIdentity)
a851b81: Add MdcConnectionListener to all Demo.

leshan-2.0.0-M10

❗☠️❗ Affected by security issue❗☠️❗

Build artifacts are available on maven central.

A development release targeting LWM2M 1.1, see LWM2M 1.1 supported features.
⚠️ As a milestone release keep in mind API could/will be broken in next milestone.

If you are interested in LWM2M 1.1 support in Leshan, we strongly advice to :

• use/test this milestone release,
• report us any bug or feebacks,
• share what part of LWM2M 1.1 missing you more,
• contribute code.

This is the best way to get a final 2.0.0 release which fits your needs.

Noteworthy

• New Enhanced Base64 encoder/decoder.(GH-678)
• Change SenML-JSON Base64 encoding to url safe without padding (bug fix : GH-1325)
• New Authorizer API with Application Data support.(GH-1293)
• Add Authorizer to Bootstrap server. (GH-1359)
• Fix some Redis store issue (GH-1333, GH-1350)

Many thanks to @adamsero, @Warmek, @JaroslawLegierski and @davidahoward for their contributions 🙏 !

Change logs

924da18: GH-1348: Add new constructor to SenMLJsonJacksonEncoderDecoder
ce98924: GH-678: Enhance Base64 support & GH-1325: Fix Base64 from SenML-JSON.
e7f1ac4: Enhance SenMLTestUtil to display byte[] value in Hexa.
3a9d48c: GH-1359: Add Application Data support to Bootstrap Server Authorizer
05dbddb: GH-1359: Create Authorizer for Bootstrap server
7547de5: GH-1293: Enhance ApplicationData support (new Authorizer API)
008cdb8: Delete old Github Workflow on the 1st day of the month.
e644ae3: "Comment PR" workflow should not be run if "Check PR" is skipped
3afc638: Add github issue template.
116633a: Add github pull request template.
07d867c: Update some demo front end dependency (dependatbot security issue)
1a2025f: Add Social Preview for Leshan
5877f57: GH-1352: Fix invalid default value of resources 120, 1120 of 3442 object
0aae053: GH-1350: Update Identity key in Redis when client IP address has changed
c13c504: Rename EPL license to make github detect it.
fdef220: GH-1314: Fix Github action issue about adding comment on PR.
07b7473: Add a new Write Integration tests.
76dc370: Fix regression in toString() of LWM2M Value introduced in GH_1321
3bb6ac4: Activate can_write_multi_instance_objlnk_resource test for all format.
fbdaa96: Upgrade to jetty 9.4.49.v20220914
403ef5b: GH-1339: Upgrade to slf4j 2.x
90eb405: Update LICENSE files.
746c43b: Update SECURITY.md to add CVE-2022-39368
f27b49d: Update Web Demo dependencies
7b0efd3: Update Jackson to 2.14.0.
c8c661f: Add minimal Java version to README.md
a314ff2: GH-1333: Prevent NPE in RedisStore Registration Cleaner
122a1a8: Typo: boostrap/bootstap => bootstrap
2cafa2c: GH-1320: Improve toString for core link resources
45cbe1b: GH-1322: Add Checkstyle rule to ensure Java files get right header
8cf38b3: Fix Java File Header