SpringBot 1.1.0.0

Features

• A password strength meter to help users set a stronger password when they register.

Improvements

• Security:

  • User passwords must be at least 12 characters

  • Verify bot-written code allows passwords to:

    • Contain spaces and truncation is not performed.
    • Unicode characters are permitted in passwords.
  • Improved error handling to conform to OWASP ASVS V7.4
  • Validate HTTP Request Header Requirements conform to OWASP ASVS V14.5
• SpringBot CRUD component refactor

• Improved validation

  • Enum literal names for unsupported characters
  • User behaviour, first name and phone number attribute names are now reserved
  • Form behaviour, name attribute is now reserved
  • ID and owner are now reserved attribute names

Resolved Defects

• Fixed CRUD submission always redirecting users to list view rather than the most recent page
• Fixed issue where enums were not appearing on the CRUD list page
• Resolved various issues with SpringBot CRUD list search
• Fixed several cases of failing selenium login tests

Migration Path

Testing

The test target directory structure has been updated since previous releases, the easiest method for updating it is to:

1. Move your manual code from protected regions into a different directory
2. Delete the src folder in testtarget
3. Re-build with the bots
4. Copy your protected region code back into the appropriate location(s)

Migration of CRUD tile

In version 1.1.0.0, we have done a heavy refactoring on the CRUD tile. This part will be the most important part you will need to focus on.

We split the CRUD tile into crud-edit and crud-list components so that it is easier to add custom code and easier to read the bot-written code. As a result, you might need to move the code out of the protected region in your current CRUD tile and move it back into the right place after doing a build.