Today, we like to announce the new release v1.3.0 of base-repo. Besides regular dependency updates for security reasons, we’ve added some new nice features which will increase your productivity while using base-repo for managing your research data.

New Features

• Added CSRF and CORS configuration support to application.properties
• Added support for indexing and searching (new endpoint /api/v1/search if search is enabled) for DataResources via Elastic
• Added new endpoint at GET /api/v1/dataresources for content type ‘application/tabulator+json’ for direct support of listing in Tabulator

Bugfixes

• User role INACTIVE is now properly checked. If a user is marked inactive, all access attempts will be answered with HTTP 403 (FORBIDDEN)
• Attempts to write DataResources if repository is in readOnly mode now returns HTTP 403 (FORBIDDEN) instead of HTTP 503 (SERVICE_UNAVAILABLE)
• Attempts to write DataResources without permissions now returns HTTP 403 (FORBIDDEN) instead of HTTP 401 (UNAUTHORIZED)
• MediaType detection and providing mediaType by user now properly works for ContentInformation

Dependency Upgrades

• Bump spring-security-config from 5.5.2 to 5.7.3 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/58
• Bump postgresql from 42.4.1 to 42.5.0 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/68
• Bump spring-cloud-starter-netflix-eureka-client from 3.1.3 to 3.1.4 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/69
• Bump io.freefair.maven-publish-java from 6.5.0.3 to 6.5.1 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/70
• Bump io.freefair.lombok from 6.5.0.3 to 6.5.1 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/71
• Bump spring-messaging from 5.3.22 to 5.3.23 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/77
• Bump org.owasp.dependencycheck from 7.1.2 to 7.2.1 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/80
• Bump net.researchgate.release from 3.0.1 to 3.0.2 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/73
• Bump nimbus-jose-jwt from 9.24.3 to 9.25.6 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/82
• Bump io.spring.dependency-management from 1.0.13.RELEASE to 1.0.14.RELEASE by @dependabot in https://github.com/kit-data-manager/base-repo/pull/84
• Bump spring-security-config from 5.7.4 to 5.7.5 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/92
• Bump spring-security-web from 5.7.4 to 5.7.5 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/91
• Bump spring-cloud-starter-config from 3.1.4 to 3.1.5 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/93
• Bump mockito-inline from 4.8.1 to 4.9.0 by @dependabot in https://github.com/kit-data-manager/base-repo/pull/94
• Bump Gradle from 7.4.2 to 7.6 by @VolkerHartmann in https://github.com/kit-data-manager/base-repo/pull/110
• Bump org.springframework.boot from 2.7.3 to 2.7.5
• Bump javers from 6.6.5 to 6.8.0
• Bump service-base from 1.0.4 to 1.1.0
• Bump repo-core from 1.0.3 to 1.1.1

Removed

• Removed old configuration properties for indexing in application-default.properties