The release notes from version 1.1.0.0 of SpringBot.
Features
- A password strength meter to help users set a stronger password when they register.
Improvements
-
Security:
- User passwords must be at least 12 characters
-
Verify bot-written code allows passwords to:
- Contain spaces and truncation is not performed.
- Unicode characters are permitted in passwords.
- Improved error handling to conform to OWASP ASVS V7.4
- Validate HTTP Request Header Requirements conform to OWASP ASVS V14.5
- SpringBot CRUD component refactor
-
Improved validation
- Enum literal names for unsupported characters
- User behaviour, first name and phone number attribute names are now reserved
- Form behaviour, name attribute is now reserved
- ID and owner are now reserved attribute names
Resolved Defects
- Fixed CRUD submission always redirecting users to list view rather than the most recent page
- Fixed issue where enums were not appearing on the CRUD list page
- Resolved various issues with SpringBot CRUD list search
- Fixed several cases of failing selenium login tests
Migration Path
Testing
The test target directory structure has been updated since previous releases, the easiest method for updating it is to:
- Move your manual code from protected regions into a different directory
- Delete the
src
folder intesttarget
- Re-build with the bots
- Copy your protected region code back into the appropriate location(s)
Migration of CRUD tile
In version 1.1.0.0, we have done a heavy refactoring on the CRUD tile. This part will be the most important part you will need to focus on.
We split the CRUD tile into crud-edit
and crud-list
components so that it is easier to add custom code and easier to read the bot-written code. As a result, you might need to move the code out of the protected region in your current CRUD tile and move it back into the right place after doing a build.