v5.28.156

📦 Uncategorized

• Use latest version for version_number
  • PR: #517

What's Changed

• Use latest version for version_number by @thomasm-ttd in #517

Full Changelog: v5.28.152-20c315dfc7...v5.28.156

v5.28.152-20c315dfc7

📦 Uncategorized

• UID2-2071 Enable log redirect
  • PR: #486
• UID2-3216 Set core and optout base url based on var.uid_deployment_env
  • PR: #504
• Install and configure syslog-ng on both the host and enclave
  • PR: #502

v5.26.19-56899dc0d7

2024 Q1 Operator Release

Update to all Private Operators on all cloud providers.

Integration Guides

AWS Marketplace
GCP Confidential Space
Microsoft Azure

Installation

docker pull us-docker.pkg.dev/uid2-prod-project/iabtechlab/uid2-operator:5.26.19-56899dc0d7-gcp-oidc
docker pull ghcr.io/iabtechlab/uid2-operator:5.26.19-56899dc0d7-azure-cc

Release Notes

UID2 Sharing:

• In UID2, sharing is a process for distributing raw UID2s securely between UID2 participants.
• With this round of updates, UID2 sharing is now supported for Private Operators.
• For more details, please visit: https://unifiedid.com/docs/sharing/sharing-overview.

Attestation:

• The attestation token has been replaced with an industry-standard JWT token.
• The attestation process has changed to randomize the time between attestation requests to reduce the load spikes on the UID2 Core service. This has no impact on participants running Private Operators.

Logging:

• To protect confidential data, logging has been reduced and logs are redacted where necessary.

Improvements:

• The vsock proxy used by AWS Private Operators has been updated to fix a small memory leak issue.
• Client API keys are now stored as salted hashes instead of in plaintext, for better security.

Other changes:

• The POST /token/generate and POST /token/refresh responses no longer contain user_token.

Full Changelog: v5.25.56-5cb84da6f1...v5.26.19-56899dc0d7

v5.25.56-5cb84da6f1

What's Changed

• UID2-2283 - Fixed draft release creation by @gmsdelmundo in #320
• Add ENFORCE_HTTPS environment variable by @cYKatherine in #321
• Change allowed env override to enforce_https by @cYKatherine in #323
• Only add env override for ENABLE_HTTPS by @cYKatherine in #324
• UID2-2339 create test pipeline for gcp by @cYKatherine in #315
• Add E2E test as a part of the gcp publish pipeline by @cYKatherine in #326
• Enable CSTG domain name check for E2E public operators by @mcollins-ttd in #330
• UID2-2340 Add test pipeline for Azure by @cYKatherine in #328
• Set ad token v4 percentage to 0 for private operators by @mcollins-ttd in #336
• Update shared to allow enforce jwt by @thomasm-ttd in #338

Full Changelog: v5.25.24-84ab4e3a86...v5.25.56-5cb84da6f1

5.25.24-84ab4e3a86

v5.25.24-84ab4e3a86

Released Patch version: 5.25.24-84ab4e3a86

UID2 Operator 5.21.5-68a47aec9f-azure-cc

UID2 Operator for deployment on Azure Confidential Container environment.

UID2 Operator 2.1.0

Release Note
Changes from 1.13.0 to 2.1.0

All Changes

• #79 - Update dependencies to remove vulnerabilities
• #81 - Integrated with localstack
• #85 - Updated config JSONs
• #83 - Remove v1 and unversioned endpoints
• #87 - Revert config changes relating to v1 endpoints
• #90 - Set optout_s3_path_compat to false everywhere
• #91 - Uid2 669 aws optout s3 path fix
• #88 - Updated the deploy docs
• #89 - Added local Docker E2E config
• #93 - Aul UI d2 646 upgrade operator
• #95 - Add site ID to metrics
• #86 - Fix stats collection for unauthenticated non-existing static endpoints.
• #94 - Added a workflow to do a daily scan for vulnerabilities
• #96 - Added needs statements to require jobs to run serially to stop port contention
• #82 - New token-generate parameter to respect earlier optout records
• #98 - create version 1.13.0
• #84 - Cbc UI d2 550 new sharing endpoint
• #97 - Replace io.vertx.core.logging with org.slf4j
• #102 - Fix LOGGER.error argument missing error
• #100 - Set default log level to info instead of debug
• #99 - Metrics improvements
• #104 - Cbc UI d2 705 sharing endpoint for id readers
• #103 - Upgraded Vert.x to 4.3.8
• #106 - Updated operator version to 2.0.0
• #107 - Removed query string from URL for metrics
• #109 - Updated promise
• #108 - Cbc UI d2 787 fix optout bug
• #110 - Moved expiry
• #111 - drop useless 'body' from optout response
• #105 - New identityMap API with micro benchmark
• #92 - Responsible exception handling
• #113 - Added failure handler
• #115 - Revert PR #105 Identity Map Policy
• #116 - add invalid & unmapped telemetry
• #117 - Updated logging and exception handlers
• #119 - Updated failure handler
• #118 - uid2-776 identity map policy
• #120 - create release 2.1.0

1.13.0

Changes

• Added an optional parameter "policy" to customize how to respect existing opt-out records
• Added new sharing endpoint

Note

This is a manual release but we should have it automated real soon.