forked from RIPE-NCC/whois
-
Notifications
You must be signed in to change notification settings - Fork 0
/
changes.txt
1052 lines (853 loc) · 42.2 KB
/
changes.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
# next
# 1.104
[api] Allow Grouping (-G) flag in Whois Search API (#1077)
[rdap] cidr0 notation for rdap response (#1068)
[query] Remove whois tags (#1059)
[api] Added text/plain to Search and REST APIs (#1054)
[update] Add comment not NOOP (#1052)
[update] Do not allow comments in managed attributes (#1045)
[all] Use documentation prefix 192.0.2.0/24 (#1044)
[update] Organisation country: is modifiable for end-user orgs without RIPE NCC resources (#1041)
[api] Do not return deleted versions (#1015)
[api] Redirect empty requests to syncupdates help (#1011)
# 1.103
[update] Fixed "goefeed:" validation when reading object containing multiple remarks: attributes (#975)
[all] Removed WHITEPAGES org type. (#1003)
[update] Better Error Message when Changing "mnt-by:" on Allocations (#988)
[update] Allow user "mnt-by:" when creating inet6num allocations (already allowed for inetnums) (#982)
[update] Disallow weak keys and hash algorithms (#642, #974)
[update] Abuse-c is Required for End User Organisations With Resources (#955, #969)
[update] Domain overlap validator (#956)
[api] Increase HTTP idle timeout from 30s to 60s (#998)
[grs] Lacnic GRS import was incorrectly treated as UTF-8 (should have been latin-1). (#958)
[update] Updated Zonemaster client to match API Changes (#1005)
[query] Implemented Elasticsearch (#944, #989, #993, #997)
[all] Updated dependencies
# 1.102.2
[all] Update log4j to 2.17.0 from 2.15.0 (#965)
# 1.102.1
[all] Update log4j to 2.15.0 to address CVE-2021-44228 (#959)
# 1.102
[all] NWI-13: Added support for the "geofeed:" attribute (#937)
[Update] Support base64 encoded signed update messages (sent by Thunderbird 78+) (#942)
[all] Updated "geoloc:" help text (#929)
[api] Log client IP correctly in HTTP request log (#908)
[api] Filter passwords in HTTP request log (#919)
[update] Support IDN in outgoing mail update notifications (#888)
[all] Added graceful shutdown to healthcheck (#896)
[grs] Fixed APNIC GRS mirror HTTPS download (#871)
[all] Removed AWS-specific changes
[all] Require UTC timezone at startup (#857)
[all] Updated dependencies
# 1.101
[all] Switch RIPE database to UTC timezone
[nrtm] Display an error on NRTM if client is blocked by ACL limit (#812)
[api] Added rewrite rules to embedded Jetty (#801)
[rdap] RDAP nameserver queries always return Not Implemented (#811)
[update] Don't use sso as reply-to when override was used. (#818)
[all] Updated dependencies
# 1.100
[query] Use AWS instance name (#781)
[update] Use status index during validation (#725)
[api] Fixed aut-num attribute managed flag (#749)
[api] Added client flag to API for proxying requests (#728)
[all] Java 11 support (#673)
[rdap] nameserver not implemented (#711)
[update] Delete object bug (#723)
[all] Removed Travis integration (#724)
[all] Updated dependencies
[all] Merged AWS profile (#721)
[update] Separate email address and leading/trailing space during Punycode conversion (#782)
# 1.99
[update] Require -mnt suffix when creating an MNTNER object (#667)
[nrtm] Enable TCP_NODELAY in NRTM and query connections (#693)
[api] Filter out sensitive information in API response on exception (#664)
[query] Return 'invalid option supplied' on invalid version number given to --diff-version (#662)
[rdap] Allow *any* CORS origin on RDAP GET requests by default (as recommended by RFC7480). (#661)
[all] New dummifier for RC environment
[all] Updated dependent libraries
[all] Java 11 support
# 1.98
[update] NWI-11 Punycode Internationalized Domain Names in email addresses. (#643)
[all] Prevent race condition when updating authoritative resources. (#652)
[rdap] Return remark in rdap response when abuse mailbox validation has failed. (#651)
[rdap] Rdap CORS changes (#648)
[rdap] Rdap invalid syntax exception (#647)
[rdap] An deleted object may be matched by an RDAP lookup (#645)
[api] An deleted object may not be removed from the fulltextsearch index and matched in a search (#644)
[all] Refresh legacy autnums list every 15 minutes (#641)
# 1.97.2
[api] Client cert authentication (#637)
[query] ignore case in RDAP query (#638)
[query] Optimised finding first managed resource. (#635)
[update] Cleanup status hierarchy (#633)
[update] Fixed 500 internal error on domain object update (#636)
[api] Fulltext search optimize (#631)
[all] Add daily scheduled job for reloading legacy autnums. (#634)
[all] More frequent ripe authoritative resource refresh (#627)
[update] Poetic form should be maintained by RIPE-DBM-MNT (#629)
# 1.97.1
[query] Detect a CTRL-C and interrupt (interpret as a delimiter) (#442)
[update] Fix support for Signed messages with Elliptic Curve Algorithm (#605)
[all] Updated dependencies
# 1.97
[all] Use CI build for releases (#610)
[nrtm] Apply ACL limit in NRTM (#612)
[api] Added rate-limiting filter (#609)
[nrtm] NRTM connection limit (#594)
[update] Don't allow inconsistent "org-name:" values on create (#607)
[api] Include build timestamp and commit id in Whois lookup and search responses (#598)
[nrtm] Open NRTM to non-members (#596)
[update] Restrict maximum size of object (#601)
[query] Related irt objects are not returned by default
[api] Use https in URLs (#604)
[query] Use local datasource for abuse-c finder (#600)
# 1.96.3
[all] Also use grs.import.enabled to disable authoritative resource downloading. (#597)
[query] Increase maximum pool size per datasource, to allow for spikes in long-running queries.
# 1.96.2
[rdap] Rdap fixes to output UTC time and to support additional roles.
# 1.96.1
# 1.96
[all] Refactor SSO auth pattern matching (#588)
[all] Rebuild index status sponsoring org (#590)
[all] Added country code to organisation. (#589)
[all] Fixed bug in Ipv6Resource.parseFromStrings() (#593)
# 1.95.6
[all] Deprecate mnt-lower in autnum (#585)
[query] Abuse-c validation comment must refer to the LIR organisation (#573)
[query] Don't allow more than maximum result rows in fulltextsearch request (#580)
[update] Use trusted ip instead of override for changing mntner sso attribute (#576)
[all] Update Mariadb JDBC dependency to latest. (#583)
[all] Update Jetty Dependency to Latest (#579)
[all] Update Jackson Dependency to Latest (#578)
[all] Gitlab (#582)
# 1.95.5
# 1.95.4
[all] Updated commons-compress to 1.19 to mitigate CVE-2019-12402.
[all] Replace Guava methods with (built-in) Java 8 Alternatives (#577)
[query] Use slave datasource for query (#581)
[all] Create status index (#586)
# 1.95.3
[api] Jetty request log
[all] Support optional milliseconds in Crowd response. (#571)
# 1.95.2
[all] Refactored refreshing main and grs sources. (#574)
[api] Apply ACL for version queries (#572)
# 1.95.1
[update] Don't perform SSO auth translation in Batch API
[all] Use a Timestamp class (#569)
# 1.95
[update] Don't allow inet6nums smaller than a /64 to be created. (#562)
[query] Normalise query input. (#565)
[all] Separate integration from unit tests (#564)
[scheduler] Removed custom DailyScheduler, use standard Spring scheduler and ShedLock (#563)
[update] NWI-8: don't allow SSO credentials to be updated by the user, if the maintainer is synchronised with the LIR Portal (#568)
[all] Replaced Joda Time with Java Time (#566)
# 1.94.2
[query] Filter personal data (address, email and notify attributes) from historical object versions (#556)
[query] Filter personal data from historic versions (#553)
[update] Support custom delete reason in Batch API. (#558)
[rdap] Return IP parent handle as pkey (#554)
[rdap] Return org contact (#557)
[rdap] Return correct entity (muliple objects of different type have same pkey) (#552)
[all] Upgrade to Spring 5 (#560)
[all] Replace Joda Time with Java Time (#559)
# 1.94.1
[update] Character Substitutions (#536)
[update] Do not write UTF8 into Index Tables (#547)
[rdap] Support multiple country codes in RDAP response, always return first. (#538)
[rdap] Don't return start/end address in RDAP response in cidr notation. (#539)
[rdap] Return as-block in case autnum is not found (#542)
[rdap] RDAP mntner entity query (#543)
[rdap] Support multiple languages (#544)
[rdap] RDAP help response (#549)
[rdap] jCard adr text correction (#550)
[rdap] Include abuse mailbox (#551)
[query] Reaching ACL limit in Fulltext search will return 429 Too Many Requests.
[api] Return "500 internal server error" from the REST API on unexpected error.
[rpsl] Leave the specification of an actual logging-impl to the user. (#545)
# 1.94
[api] Full text search acl (#529)
[all] Suspect abuse-c validation (#530)
[update] Abuse-c reference can also be from a resource (#531)
[api] Do not return null elements in Full text search response. (#533)
[update] Validate email address (do not allow local-only addresses, i.e. missing @domain part). (#532)
# 1.93.2
[api] Impose a limit on the maximum number of concurrent fulltext searches to prevent memory exhaustion.
[all] Increase limit in sanity check during GRS import.
# 1.93.1
[all] Rebuilt release to fix JavaMail dependency.
# 1.93
[all] Updated to Bouncy Castle 1.60 (supports Curve 25519)
[all] Updated dependencies
[update] Bogons (#519)
[update] Warn the user if the resource abuse-c is identical to the organisation abuse-c (#520)
[query] Filter out comment in Autocomplete response (#518)
# 1.92.15
[all] Abuse-c Validation schema changes.
# 1.92.14
[all] Test elliptic curve algorithms.
[all] Updated inetnum placeholder for transfers (#516)
# 1.92.13
[all] Abuse-c Validation schema changes.
[update] Only validate reserved words on create, so existing objects can be updated.
# 1.92.12
[all] Abuse-c Validation schema changes.
# 1.92.11
[all] Abuse-c Validation schema changes.
# 1.92.10
[all] Abuse-c Validation schema changes.
# 1.92.9
[all] Updated Spring version (#513)
[all] Updated JavaMail version.
[all] Improved Email address validation (#481)
# 1.92.8
[all] Schema changes for 2017-02 Abuse-c validation.
# 1.92.7
[all] Removed remaining pending update code (NWI-5)
[all] Schema changes for 2017-02 Abuse-c validation.
[api] Upgrades to libraries (#505)
# 1.92.6
[api] Make source comparison case-insensitive (fixes lookup bug for object with lowercase source value).
[query] Make source attribute comparison case-insensitive.
# 1.92.5
[all] Removed references to the RPSL maintainer.
# 1.92.4
[api] Refactored redirect for objects with nonauth source.
[query] Added nonauth source to "--list-sources" response.
[nrtm] Removed empty line between sources in "-q sources" response.
# 1.92.3
[api] Fixed URL path in REST API redirect for objects with nonauth source.
# 1.92.2
[all] Added nonauth source to database dump and split files for NWI-5.
# 1.92.1
[nrtm] Added separate sources for NWI-5.
[update] Replace short-format attribute names on update (#501)
[all] Fixed rtr-set members and mp-members syntax (#499)
# 1.92
[all] Initial NWI-5 release
# 1.91.6
[all] Updated Spring framework to 4.3.18.
[update] Validate reserved words and prefixes.
# 1.91.5
[all] Specify database latin1 character set and collation for testing.
# 1.91.4
[update] Non-break spaces not handled properly by REST API and Syncupdates.
[rdap] RDAP related contact information is filtered.
[all] Added wait loop to Database dummifier task.
# 1.91.3
[update] Don't return internal Zonemaster errors.
[update] Fixed Syncupdates compressed response.
[all] Updated Apache Velocity from 1.7 to 2.0.
# 1.91.2
[all] Jackson 2.9.5
# 1.91.1
[nrtm] Only write NRTM end of stream comment in keepalive mode
[update] Add dry-run for batch updates
[all] Updated SSO API
# 1.91
[update] Added clearer message for which LIR organisation attributes the user can update in the LIR portal
[update] Don't allow multiple spaces, any tabs, or multiple lines, in the organisation org-name attribute.
[update] Exclude certain email addresses in abuse-mailbox,e-mail,irt-nfy,mnt-nfy,notify,ref-nfy,upd-to attributes
[update] Convert non-break spaces in mailupdates to regular spaces
[nrtm] Added "end of stream" comment to NRTM responses in keepalive mode
[query] Fixed inconsistent newlines in --list-versions response
[update] Remove the "changed:" attribute from the database on update
[all] Updated dependencies
# 1.90.1
[api] Renamed Whois Search comaintained to managed.
[all] Removed "abuse-mailbox:" attribute from person,mntner,organisation,irt object types.
[update] Added Batch API
# 1.90
[update] Make org-name validation case-sensitive
[update] only allow assignment-size attribute on inet6num objects with AGGREGATED-BY-LIR status
[api] Improved REST API response if an attribute value is omitted
[all] Remove generated autnum remarks regarding legacy status
[api] Check if attribute not in object template, when deleting an object with references.
[rdap] Set "parentHandle" field on RDAP ip responses, using the parent netname. (#440)
[update] Allow whitespace in dsrdata digest (#439)
[api] Refactored transfer code (#426)
[api] Improved Search API (#441)
[update] Removed dnscheck data source
[grs] Set connect and read timeouts when downloading GRS mirror dumps
[update] Allow adding an "abuse-c:" attribute to INET(6)NUM and AUT-NUM objects
[update] Disallow adding "abuse-c:" to object types other than ORGANISATION, INET(6)NUM and AUT-NUM
[update] Disallow adding "abuse-mailbox:" to any object type other than ROLE
# 1.89.2
[update] Fix Zonemaster configuration
# 1.89.1
[api] Fix Abuse Contact lookup with matching as-block (filter by object type using key argument).
# 1.89
[update] Include who changed information in update responses for SSO and PGPKEY authentication
[update] Replaced dnscheck with Zonemaster service for domain updates
[api] Added abuse-c nic-hdl as key attribute in abuse-contact API response
[nrtm] Fixed NRTM client bugs #279 and #294
[grs] Fixed Lacnic GRS mirror download
[all] Mis-match between resource mask and value no longer possible
[api] Set worst-case timeouts for Whois REST client
[api] Merged RDAP feature
[api] Added JSON response to Fulltext Search
[update] Updated notification text to https://www.ripe.net/s/notify
# 1.88.1
[update] Handle "missing crc check" in PGP signed update message. (#423)
# 1.88
[api] DBF-71 delete syntactically incorrect objects with delete referenced objects call
[api] DBF-70 fixed substitution for multiple identical references in delete referenced objects call
# 1.87.6
[all] increased ARIN mirror sanity check to 30M objects
[all] removed legacy Unreferenced Cleanup job
[api] added reason to delete referenced objects call
[all] Bouncycastle 1.55
# 1.87.5
[all] separate the RPSL parsing in a separate module.
[update] apply an transform pipepline to unify RPSL object processing before the actual update
[all] add 'default_maintainer_history' table
[all] delete power mntners and use alloc mntners instead
[update] allow NOT-SET status to be changed or deleted
[update] catch database errors when calling dnscheck
[api] support override in delete referenced objects call
[all] fixed mntner reference in mnt-routes attribute
[all] Jetty 9.3.10
[all] Spring Framework 4.3.2
# 1.87.4
[update] bugfix allow adding mnt-lower attribute for inet(6)nums
[update] bugfix allow updates to netname attribute for inet(6)nums, unless it has the RIPE-NCC-HM-MNT
# 1.87.3
[update] Allow first description line to be editable in inet(6)num and aut-num objects
[update] bugfix allow ASSIGNED-PIs to updated netname attribute for inet(6)num and aut-num
# 1.87.2
[update] Restrict changing mnt-by,org,org-type,abuse-mailbox attributes by user maintainer
[update] Restrict adding, changing, removing first descr: attribute on allocations
[update] Added tests
[nrtm] Increased thread pool size for NRTM server
# 1.87.1
[update] Do not allow LIR edits to the netname attribute on top-level allocations
[update] Do not allow LIR edits to the organisation object mnt-by attribute(s)
[update] Allow RS maintainer to update LIR organisation user attributes with a password
# 1.87
[api] Restrict LIR edits to the organisation object
[api] 'mp-import:' attribute parsing (github bug: #305)
[api] validation of nserver attribute glue record for ENUM (e164.arpa) domains.
[api] improve error responses for invalid REST requests.
[api] special case for signed multipart/mixed parts (generated by Thunderbird)
[api] remove timestamps when rpsl has double generated attribute
# 1.86
[all] The descr-attribute is now optional for all object types
[update] prevent RIPE-NCC-RPSL-MNT to be used as mnt-by, because it is used for hierarchical authorisation
[api] improved auto-complete api
# 1.85
[all] changed phase 3 (changed attribute is configurable: either optional or invalid)
## 1.84.1
[update] Fixed database went away bug
## 1.84
[all] upgrade to MariaDB
[nrtm] removed new (unused) dummifier
## 1.83.1
[update] Fixed database went away bug
## 1.83
[all] better error message for syntax error in organisation attribute
[update] fixed bug where SyncUpdates POST without content type header results in an Internal Server Error
[api] removed unnecessary logging during full text search indexing
[api] fixed bug in delete with references to return the deleted objects.
[api] fixed bug in REST delete for unsuccessful response.
## 1.82
[update] necessary changes to accommodate inter-RIR transfer requests.
## 1.81
[api] Added Autocomplete API
[api] Added References API to allow creation and deletion of related objects
[all] The sponsoring-org attribute is now optional and not generated
[all] The mnt-by attribute is now multiple not single in as-block
[update] Fixed email validation in auth sso attribute
[all] Corrected mp-peering attribute syntax text
[update] Fixed #275, delete does not fail with object mismatch if the difference is in generated attributes
[update] Fixed bug where created and last-modified attributes are re-ordered on modify.
[update] Fixed loading objects using bootstrap
## 1.80.1
[update] Add warning if update fails, and password(s) were removed from mntner due to insecure hashes
## 1.80
[update] remove passwords from audit log
[all] removed referral-by attribute
[all] changed attribute is optional (phase 2)
## 1.79.2
[update] Fixed issue with updates with no changes marked as MODIFY instead of NOOP
## 1.79.1
[all] allow sponsoring-org on inetnums of status legacy
[all] bugfix allow delete object in old mode with database in new mode
[all] dependency updates
## 1.79
[all] dependency updates
[all] added attributes created and last-modified
[all] added switch for recognising created/last-modified
[all] batch script to add created/last-modified for all current db objects
[update] added flag for override to prevent updating last-modified
[update] #275 Some key-cert objects with multiple owners cannot be deleted
[all] made attribute referral-by optional
## 1.78
[update] Fixed concurrency issue with LoggerContext (log REST API)
[update] Added dry-run query parameter to REST API
[update] #286 Pending Create Route requests are not Removed when the Route is Created
[update] Improved error message when creating organisation without AUTO primary key
[all] Added maintenance mode to scheduler
[all] Fixed concurrency issue with REST client
[all] Improved lex/yacc compilation
## 1.77
[update] policy 2012-07: Legacy holder organisations cannot change their organisation name in their org object
if it is referenced by an INETNUM or AUTNUM that is maintained by RIPE-NCC-LEGACY-MNT.
[update] #285 warning if conversion to latin-1 (ISO-8859-1) causes attribute value to change.
[web] A banner is displayed if user is in a non-production environment (RC, Ripe Academy)
[web] Support for RIPE Academy training environment
[web] #274 Full Text Search - Advanced Search - OR Operator
[nrtm] #267 AUTO_INCREMENT in whois_schema.sql causes out-of-range serials
[nrtm] #265 Missing reference breaks NRTM
[nrtm] added end to end comparison testing for NRTM
[query] Stockholm resiliency project: performed load tests targeting the query server in Stockholm
- Performed an average load test
- Performed an stress test with about 10x more than average load.
Apache Jmeter was used to perform the load testing and Logstash, Elasticsearch and Kibana to visualise results.
Configuration files for the above tooling can be found in the whois source code.
[update] REST API Delete on a nonexistent object isn't logged correctly
## 1.76.1
[update] #284 If a blank line (containing only spaces and/or tabs) is found in an attribute, convert to a '+' continuation character.
## 1.76
[all] #271 RipeGrsSource: uses APNIC value for download instead of RIPE
[api] #269 Syncupdates does not return 403 Forbidden on Failed Authorisation
[rc] #268 Not all maintainers in RC have a dummified password
[all] #266 Undefined SERVICE in whois.init prevents Jetty to start
[api] #264 REST Client gets stuck on Error from Streaming Search
[web] #262 passwords with '%'
[api] #261 WHOIS public REST API truncates long URL encoded parameters
[all] #260 'ASSIGNED ANYCAST' and "sponsoring-org:"
[api] #259 REST API - Unformatted Flag adds whitespace padding to response
[web] #256 Abuse Contact information not displayed on web lookups
[update] #254 PGP signed mailupdate with non-latin1 encoding fails
[query] #253 Query with too many parameters
[update] #252 Unexpected Error when Updating Domain Object
[api] #243 Returning 404 on rest api is misleading
## 1.75
[update] Suballocations smaller than /24 is now allowed
[update] Reverse domain objects with single IP address now allowed
## 1.74
[all] Fixed issues listed in GitHub: https://github.com/RIPE-NCC/whois/issues?milestone=12&state=closed
[update] Users can now remove the remarks about status in an aut-num object
[update] Users cannot remove abuse-c from an organisation if it's referenced from RIPE resources
[all] Role attribute now has a more permissive syntax
## 1.73.1
[all] Fixed issues listed in GitHub: https://github.com/RIPE-NCC/whois/issues?milestone=11&state=closed
[all] Created script to remove references to reserved AS numbers
[all] Created script to find emails for legacy resources
[all] Created script to turn multiple abuse-mailbox attributes into remarks
[all] Auth table cleanup patch (whois-1.73-3.sql) - fixes case-sensitivity regression in 1.73
[all] Crowd connect/read timeout decrease
## 1.73
[all] Implemented policy 2012-07: added "legacy" status to inetnum, and added (generated) status attribute to autnum
[all] Implemented policy 2012-08: attribute "sponsoring-org" added to inetnum, inet6num and aut-num
[all] Fixed issues listed in GitHub: https://github.com/RIPE-NCC/whois/issues?milestone=10&page=1&state=closed
[DEPLOY] merge and deploy web application feature-1.73 branch
[DEPLOY] run the following scripts for this release:
- internals-1.73-1.sql
- whois-1.73-1.sql
- whois-1.73-2.sql
- legacy_autnums.sql
Also run whois scripts in all MIRROR datasources.
[DEPLOY] when deploying the web application, change access.hostname to access.url.
## 1.72
[web, api] Better integration with other Ripe services:
Introduced Single Sign On (SSO) for Ripe Database web interface.
Objects can be created/modified when appropriate using the SSO account.
[api] #158 source element
[api] #152 Improve logging
[api] #150 restclient streamSearch returns url as an errormessage when no object is found
[api] #140 --no-personal does not work on web queries
[api] #130 JSON output is weird
[api] #114 REST API JSON response duplicate declaration for 'object' property
[api] #119 in case of noop, rest update returns the new object instead of the one in database.
[api] #148 primary-key element incorrect for route(6)
[api] #145 Empty/unused element in JAXB objects
[query] #121 The built-in help message (-v) contains outdated information about syntax rules of person and role object names
[update] #149 Cannot Update Maintainer with Multiple Passwords
[update] #141 Undelete JMX command unreliable
[web] #179 inverse web query does not find some objects
[web] #177 update a PERSON from result list selects wrong object
[web] #172 After sign out in webupdates, user is not redirected to webupdates.
[web] #164 RIPE # Filtered not shown on filtered objects
[web] #161 web query start page needs some more '?' text
[web] #160 web query 'General Info' text change
[web] #125 no error with wrong type on lookup
[web] #123 dbweb - search results should be streamed
[web] #122 Person objects have incorrect lookup links in search form results
[web] #124 dbweb does not pass on the X-Forwarded-for header to whois backend
[web] #144 Lookup page is missing RIPEStat link
[web] #138 syntax error in link to aut-num in route object in web query
[web] #132 selecting Types on web query returns wrong types
[web] #131 inverse web query does not find aut-num objects
## 1.71
[all] byacc, flex and generator files are not part of deployable whois.jar
[update] No attribute sanitation of object on delete
[api] All RestClient lookups are unfiltered
[oneshot] Dummification for database on RC environment
[update] Call Dnschecker once for all objects before beginning the per-object update cycle
[api] allow for delete reason in rest client
[all] allow for multiple owner attributes in keycert object
[web] #102 webupdates permanent link
[web] #99 webupdates new organisation startup existing maintainer
[web] #98 webupdates create page error formatting
[web] #93 webupdates doesn't display non-ASCII characters correctly
[web] #16 webupdates mixes up extracting errors from acknowledgement message
[api] #112 - return a user friendly message when creating an inetnum with invalid parent.
[api] #110 SQL statements and results are not logged in audit log
[api] #109 A mntner object is returned filtered in look up, if the password for the mnt_by mntners is supplied
[api] #108 RestClient does not return comments in the attributes of an rpsl object
[api] #97 REST calls should return error messages
[api] #95 REST /search should not accept query flags in 'query-string'
[api] #92 Uniform use to flag names in error messages
[api] #91 REST API /search puts flags in <Parameters> section in the same format as they were received in the request
[api] #87 Fixed error on NOOP update via REST API
[api] #86 Fixed email address filtering
[api] #89 Maintenance mode should return error on Syncupdates and REST API
[api] Created REST Client module
[api] Added authentication support for REST lookups
[api] log HTTP headers in update audit log
[update] Allow import-via/export-via rpsl attributes - Job Snijders <[email protected]>
[commons] Fixed logging of daily scheduled jobs
[oneshot] Added Default Abuse Contact script
[deploy] remove logger=... from whois.properties/master datasource definition
## 1.70.1 (deployed on 2013-11-21)
[all] Fixed MySQL replication issue
## 1.70 (deployed on 2013-11-14)
[update] DIFF keyword no longer supported
[api] added service element in responses
[api] added GETter for the abuse contact creation service
[update] mail updates not processed if they have an invalid email address, notifications failing loggingly for the same reason
[logsearch] switched to lucene 4.4 from 4.1.
[query] added option --valid-syntax and --no-valid-syntax
[query] added comment if no abuse contact registered.
[oneshot] added autnum cleanup
[api] renamed abuse-finder to abuse-contact (also changed references on DbWebWar abusefinder branch)
[api] added abuse contact creation helper rest call
[api] moved apikeys from properties to acl database
[api] Updated to Lucene 4.4
[api] removed xml-related 'xlink:' prefix from locators in JSON output
[api] normalize ip addresses
[api] dropped external/internal notion of servers; config port.api replaces port.api.*
[all] removed useless thread_id, prev_serial, serial fields and dropped unused tables from SQL schema
[all] merged pending and scheduler databases into internals
[all] added table authoritative_data to interals database
[all] dailyscheduledtasks now runs distributed in the cluster
[all] sanitize source attribute into uppercase letters
[all] specifying type filter is now allowed with version queries
[DEPLOY] remove leftover wsearch.* from properties file
[DEPLOY] change api.rest.lookup.baseurl to api.rest.baseurl
[DEPLOY] specify port.api instead of port.api.* in properties
[DEPLOY] run internals-1.70.sql on master
[DEPLOY] adjust properties to reflect new internals database
[DEPLOY] run whois-1.70.sql and whois-1.70-2.sql on master (warning: blocks updates & takes a long time!) (65 mins on pre-production)
[DEPLOY] run acl-1.70.sql on master (to normalise all ACL prefixes).
[DEPLOY] delete var/idx before starting 1.70 (to rebuild Lucene index @ v4.4, will take 20 mins to complete)
[DEPLOY] execute JMX call DailyScheduler.runDailyScheduledTask net.ripe.db.whois.common.grs.AuthoritativeResourceImportTask, on the first server only
[DEPLOY] run JMX call AuthoritativeResources.refreshCache on all servers (after import finished)
[DEPLOY] deploy DbWebWar abusefinder branch
[DEPLOY] run whois-1.70.sql on all GRS databases, too
[DEPLOY] add /abuse-contact to mod_proxy config
## 1.69 (deployed on 2013-09-23)
[update] enable dry-run
[api] changed rest API create: POST supports '/ripe/person' format only
[api] adjust mod_proxy config for POST accordingly
[api] added unfiltered queryparam to lookup (adjust documentation on deployment!)
[grs] dummifier comments are now per-source (massive update expected on deployment)
[grs] expand AS Number ranges in ARIN GRS delegated stats
[query] adjusted hierarchical lookup of direct route object keys
[query] fixed search on mixed-case domain postfix
## 1.68.1 (deployed on 2013-08-29)
[api] revamped API to follow the REST paradigm more closely
## 1.67.7
[api] added api.rest.lookup.baseurl to properties
[query] added option to directly lookup route object by specifying search key '10.0.0.0/24AS123'
[api] fully revamped REST API
## 1.67.5
[update] Allow 2-10 letters in nic-hdl suffix.
[update] Allow SHA384 hashes in ds-rdata attribute in domain objects.
[update] Improved update logging.
[api] Create JAXB marshaller instance per thread.
[api] Updated embedded Jetty server from 8.1.8 to 8.1.12.
## 1.67.4 (deployed on 2013-08-07)
[update] removed unused and incorrect text aliases for specifying ds-rdata digest/algorithm
[query] fixed verbose help for route-set member: attribute
[update] ds-rdata: attribute is now sanitized before persisting in database
[update] fixed incorrect syntax rules for as-block
[api] removed {source} pathparam where not needed
## 1.67.3
[all] Added support for graceful shutdown for layer 2 load balancers
[query] Configure a list of default sources to query (contributed by APNIC)
[all] Whois REST API has /whois root URI
## 1.67.2
[api] /grs-search and /grs-lookup removed
[api] tags included in /search
[api] completing rest api documentation
[update] disable diff keyword for this release
[update] disable pending updates for this release
[update] generated changed attribute value shown in notification and dry-run
## 1.67.1
[api] support for long options
[update] reserved words for mntner attributes no longer allowed
[query] --show-version and -B cannot be used together
[query] filter auth and email attributes from --diff-versions output
[all] added maintenance mode (-Dmaintenance=none,none)
[all] fixes for index regeneration (pre-production tests)
[query] All GRS sources are now filtered on AuthoritativeResource regardless of --resource flag
[query] --resource now enables --no-referenced by default
## 1.67
[update] added pending auth support for route(6) creation
[update] added dry-run support for a single object update via the 'dry-run: reason' pseudo-attribute
[update] display diff instead of original object in update notifications
[query] added svn-style diff support option '--diff-versions n:m'
[all] added JMX call for online regeneration of index tables
[all] dropped fallbacks in failed index lookup; need to regenerate indexes on deployment!
## 1.66.3 (deployed on 2013-06-05)
[query] --all-sources now correctly returns results from RIPE + (all GRS except RIPE-GRS)
## 1.66.2
[update] added validation for incoming email addresses
[api] moved api doc root from / to /api-doc
## 1.66
[nrtm] added nrtm client to allow users run a local copy of the RIPE DB
[query] fix bug that resulted in 'no results found' when -K or -b were used
## 1.65.10
[query] Change "--no-taginfo" to "--no-tag-info" and "--show-taginfo" to "--show-tag-info"
[grs] Tag resources for sources with {SOURCE}-REGISTRY-RESOURCE and {SOURCE}-USER-RESOURCE
## 1.65.9
[wsearch] Improve log file indexing
[update] Do not fail unreferenced object cleanup on invalid object in history
[grs] Interpret sources correctly when loading authoritative resource data
## 1.65.8
[query] Make sources to dummify configurable
[query] --resource added for global authoritative internet resources
## 1.65.3
[wsearch] Improve import logging
## 1.65.2
[grs] Fix JPIRR GRS import
## 1.65.1
[query] Fix response object type order
## 1.65
[update] Add syntax check before calling dnscheck
[wsearch] Separate domain part of email addresses to make it searchable
[wsearch] Handle ipv6 addresses with prefix length correctly
[rest api] Report tags at object level (rather than global)
[rest api] Stream search query results
[rest api] Update documentation to replace labs article
## 1.64
[nrtm] added property port.nrtm.legacy
[nrtm] implemented new dummification alongside the legacy one
[dump] added new-style export in dbase_new directory
[dump] added properties dir.rpsl.export.* to control export directories
## 1.63
[update] End of line comment on source attribute is no longer allowed
[rest api] Tags supported
[rest api] Version (history) supported
[query] Long option --filter-types renamed to --select-types
[grs] data is now dummified on-the-fly (existing databases will need to be regenerated)
## 1.62
[query] Invalid combination of query flags only reported once
[query] Log api in query log
[all] Test data anonymised
## 1.61
[all] Easy-whois phase 1
[update] Disallow too large route and route6 object creations
## 1.60.2
[update] Log exceptions when verifying PGP-signed messages
[update] Fixed issue verifying signed message with DSA key and RIPEMD160 hash
[query] Also filter CRYPT-PW auth: lines in the historical objects
[query] Blocked users can still perform non-search queries like help
[all] Merged into single jar
## 1.59.5
[query] Store IPv4 ACL entries in standard format (including prefix length)
[update] More verbose error messages for abuse-c attributes.
## 1.59.4
[all] JMX callable operations should not throw Exceptions.
## 1.59.3
[query] Fixed grs base url in whois.properties
[all] Fixed startup locking slowness
## 1.59.2
[all] Added rpsl.export.enabled option
## 1.59.1
[all] delegate java.util.logging to SLF4J
## 1.59
[all] Allow running query, nrtm and updates in a single JVM
[update] Filter override password in logfile search
[query] Enable long option spec
[update] Simplified update re-attempt logic
[update] Use more verbose error messages for abuse-c attributes
## 1.58.1
[all] Run all whois services in a single JVM
[all] Tagging of objects
[all] Do not use Hazelcast for scheduling
[all] Less verbose logging for known issues
[query] Show message
[query] Support --types query
[query] Only allow --long options with double dashes
[update] Do not check order for changed attributes
[search] Fix exception on some queries
[wsearch] Fix indexing problem due to different file ordering on production systems
[wsearch] Filter override password
## 1.58.1
[all] Improved logging
## 1.58
[update] No longer forward to legacy
[update] No longer use redirect.prefixes, but rely on IpRange (redirect.prefixes can be dropped)
## 1.57.2
[query] Generate help message based on actual query options
[query] Support long query --options
[query] Fixes for --version-list
[query] Do not display abuse-c comment for query with brief output flag
## 1.57.1
[query] Do not show "no abuse contacts found" message when querying
## 1.57
[update] WSearch indexes all update folders after daily log rollover
[update] Only show warning when abuse-mailbox is added
[update] Allow removal of abuse-c on all organisations
[update] Role attributes admin-c and tech-c are optional
[update] Role attributes admin-c and tech-c can no longer be self references
[update] Option to load addition text dumps in test database
[query] Roles with abuse-mailbox are excluded from ACL
[all] Abuse roles are not excluded in dummify process
## 1.56.2
[update] Properly index tarred logs
## 1.56.1
[query] Disable Latest versions of objects shown message
## 1.56
[query] Version info in queries
[query] Abuse-c and abuse-mailbox documentation
[query] Change output for abuse-c contact info
[query] When encountering an object maintained by rs, show abuse contacts for that one if available and stop looking in hierarchy
[query] Look only for referenced organisations that have the abuse-c attribute
[query] Do not show warning if inetnum range is entered which can be written in CIDR notation
[update] Creating or modifying organisation, role adding abuse-c or abuse-mailbox renders warnings
[update] Free-text search does not return duplicates
[update] Free-text search uses AND logic for multiple search terms
[update] Added WSearch
## 1.55.5
[update] Free-text search: Also index the object-type field (required for filtering by object-type).
[update] Removed redundant Full Text Search integration test, added tests for facet search and subwords.
[update] Don't return a stack trace on an invalid parameter value when calling the REST API.
## 1.55.4
[update] Free-text search
## 1.55.3
[update] Only validate adding/deleting/updating an inetnum mnt-lower attribute with an 'ASSIGNED ANYCAST' status.
## 1.55.2
[update] Perform update database operation based on objectId, rather than type and pkey
[update] Don't support octet-streams for now
## 1.55.1
[update] Also sanitize object when override id is used, fixes comparison object with override options.
## 1.55
[update] For now allow all first description changes because current implementation breaks compatibility
[update] Allow override options to allow fixing some corrupted objects in the database
## 1.54.2
[update] Index with mntRoutes writes in mnt_routes table only
## 1.54.1
[update] Fail on circular AUTO-nnn references
[update] Fallback to index lookup if pkey cannot be found fixes duplicate inet6num issue
[update] Fix logging of sync updates
[update] Verify PGP signed message using subkeys (check the subkey has been signed by the master key, and that the subkey is a signing key).
[query] RIPE-GRS uses RIPE datasource and radix trees and is dummified on the fly
## 1.54
[all] Warn about unapplied database patched on startup
[query] Generate verbose RPSL documentation
[update] Warn on invalid existing key-cert objects used for authentication
[update] Convert multipart pgp-signed data into canonical (CRLF) format, according to RFC2015
[update] AUTO-nnnABC placeholders are considered to refer the same object when nnn is equal
[update] Internal software errors on individual object update does not cause entire update to fail
## 1.53
[update] ACL REST API for CS
[update] Deploy route 6
[query] Cleanup ACL events after 3 months
## 1.52.11
[query] Only show abuse-c message when abuse contact found
## 1.52.10
[update] Concurrently perform DNS check for all updates
[query] Other sources than ripe or test will not show abuse-c information + no abuse-c information for root objects
## 1.52.9
[query] JmxSupport bugfix.
## 1.52.8
[update] Business rules for abuse-c
[query] Brief output shows abuse-c information
[query] Queries for autnums and inet(6)num shows abuse-c information
## 1.52.7
[update] When sending raw update to legacy, remove LGC keyword
## 1.52.6
[update] Abort unref cleanup when there are too many errors
[update] Pass update to legacy when LGC appears in mail subject
## 1.52.5
[update] INETNUM SUB-ALLOCATED PA status, object cannot be smaller than /24
## 1.52.4
[update] Wrap up aut-num and enable in production
## 1.52.3
[update] GRS import performs syntax checks on type attribute when importing
## 1.52.2
[update] Wrap up inet6num and enable in production
[update] Resolve ASSIGNED_PA validation issues for inetnum
## 1.52.1
[update] Fail update when keyword DIFF is used
[update] Fail update when no updates are found in request
[update] Unreferenced object cleanup for irt, keycert, maintainer, organisation, person, role
## 1.52
[update] Inetnum fixes and enabling on production
## 1.51
[update] GRS import
## 1.50.9
[update] Unreferenced object cleanup for person, role
## 1.50.2
[update] Fix exception when checking PGP credential with a X09 key-cert
[update] Update log with authentication info
## 1.50.1
[update] Update log
## 1.50
[update] Handle multipart, including X509 and PGP support
## 1.49
[update] Filter auth lines when sending notifications
[query] Filter auth lines even when no filtering behaviour option (-B) is specified
## 1.48
[update] JMX command to load text dumps ("split files")
## 1.47.3