23 Pull requests merged by 11 people

• [Backport 2.x] Fixed test failures in FlsAndFieldMaskingTests (#4548)

  #4552 merged Jul 12, 2024

• [Backport 2.x] Add support for PBKDF2 for password hashing & add support for configuring BCrypt and PBKDF2

  #4551 merged Jul 11, 2024

• Add support for PBKDF2 for password hashing & add support for configuring BCrypt and PBKDF2

  #4524 merged Jul 11, 2024

• Bump jose to address CVE

  #4549 merged Jul 11, 2024

• [Backport 2.x] Use SystemIndexRegistry from core to determine if request contains system indices

  #4550 merged Jul 11, 2024

• Use SystemIndexRegistry from core to determine if request contains system indices

  #4471 merged Jul 11, 2024

• [Backport 2.x] [Enhancement] Replace JUnit assertEquals() with Hamcrest matchers assertThat()

  #4545 merged Jul 11, 2024

• Fixed test failures in FlsAndFieldMaskingTests

  #4548 merged Jul 11, 2024

• [Enhancement] Replace JUnit assertEquals() with Hamcrest matchers assertThat()

  #4544 merged Jul 10, 2024

• [Backport 2.x] Separated DLS/FLS privilege evaluation from action privilege evaluation

  #4539 merged Jul 10, 2024

• [Backport 1.x] Add release notes for 1.3.18 release

  #4542 merged Jul 9, 2024

• [Backport 1.3] Add release notes for 1.3.18 release

  #4543 merged Jul 9, 2024

• Add release notes for 1.3.18 release

  #4541 merged Jul 9, 2024

• Separated DLS/FLS privilege evaluation from action privilege evaluation

  #4490 merged Jul 9, 2024

• [Backport 2.x] Update PULL_REQUEST_TEMPLATE to include an API spec change in the checklist. (#4533)

  #4536 merged Jul 9, 2024

• [Backport 2.x] Update PATCH API to fail validation if nothing changes

  #4537 merged Jul 9, 2024

• Update PATCH API to fail validation if nothing changes

  #4530 merged Jul 9, 2024

• Update PULL_REQUEST_TEMPLATE to include an API spec change in the checklist.

  #4533 merged Jul 9, 2024

• [Backport 2.x] Refactor InternalUsers REST API test (#4481)

  #4527 merged Jul 8, 2024

• [Backport 2.x] Bump org.checkerframework:checker-qual from 3.44.0 to 3.45.0

  #4532 merged Jul 8, 2024

• Bump org.checkerframework:checker-qual from 3.44.0 to 3.45.0

  #4531 merged Jul 8, 2024

• [Backport 2.x] [BUG] Typo in securityadmin.sh hint

  #4529 merged Jul 5, 2024

• [BUG] Typo in securityadmin.sh hint

  #4526 merged Jul 5, 2024

3 Pull requests opened by 3 people

• Add `ignore_hosts` config option for auth failure listener

  #4538 opened Jul 9, 2024

• [DO NOT REVIEW] Add initial kerberos testing

  #4540 opened Jul 9, 2024

• Auto-convert V6 configuration instances into V7 configuration instances

  #4546 opened Jul 11, 2024

5 Issues closed by 1 person

• [BUG] It is possible to create a user via REST API with restricted characters encoded using URL encoding.

  #4513 closed Jul 8, 2024

• [BUG] PATCH method for the internal user REST API does not validate security roles

  #4514 closed Jul 8, 2024

• [BUG] Concurrent roles/users creation causes conflict

  #4522 closed Jul 8, 2024

• [BUG] "java.lang.IllegalArgumentException: -84 is not a valid id"

  #4521 closed Jul 8, 2024

• [HELP] How can I add an external CA to the OpenSearch truststore?

  #4520 closed Jul 8, 2024

3 Issues opened by 3 people

• Test failure: InternalUsersScoreBasedPasswordRulesRestApiIntegrationTest > canNotCreateUsersWithPassword

  #4547 opened Jul 11, 2024

• [Enhancement] Use System index registry from the core to determine if a request matches system indices

  #4535 opened Jul 9, 2024

• [BUG] Flag log_request_body is not honored when logging compliance diff for document updates

  #4534 opened Jul 9, 2024

12 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• [FEATURE] Remove hard coded action names, pull from core instead

  #4515 commented on Jul 8, 2024 • 0 new comments

• [BUG] Exception when hot-reloading Let's Encrypt certs issued by alternate intermediate CAs

  #4509 commented on Jul 8, 2024 • 0 new comments

• [BUG] Updating Security config in a mixed cluster can result in Unrecognized field "<new_security_config_value>"

  #4491 commented on Jul 8, 2024 • 0 new comments

• [BUG] Unexpected failure while sending request, -84 is not a valid id

  #4494 commented on Jul 9, 2024 • 0 new comments

• [BUG] Cluster status YELLOW after configuring Security Plugin in single-node clusters

  #3130 commented on Jul 11, 2024 • 0 new comments

• [RFC] Optimized Privilege Evaluation

  #3870 commented on Jul 11, 2024 • 0 new comments

• [RFC] Retire support for V6 configuration

  #4493 commented on Jul 11, 2024 • 0 new comments

• Protected indices are marked for deprecation--they should no longer be marked this way.

  #3190 commented on Jul 11, 2024 • 0 new comments

• [FEATURE] Add tests for Kerberos Auth

  #4447 commented on Jul 11, 2024 • 0 new comments

• [BUG] Exception when reloading self signed certs via REST API

  #4480 commented on Jul 12, 2024 • 0 new comments

• [FEATURE] Add support for PBKDF2 and Scrypt/yescrypt for passwords hashing

  #4079 commented on Jul 12, 2024 • 0 new comments

• Optimized Privilege Evaluation [DRAFT]

  #4380 commented on Jul 10, 2024 • 0 new comments