Marvin Oßwald filed a really interesting issue:
In short, if we imagine a policy chain like this:
[CORS, PolicyA, PolicyB]
Even if PolicyB emits a failure, then the CORS policy would likely
still want to be able to process the PolicyFailure to add the relevant
headers (otherwise a SPA type app like Angular would break).
This seems like a valid use-case.
Ideally I'd like to tackle this without breaking any existing interfaces.
A couple of quick ideas:
* Add a new interface that policies like CORS could implement that
indicates it wants to do this kind of processing. E.g.
IFailureProcessor or similar with a simple method signature like
* An annotation: essentially the same as above, but with a
@WhateverWeCallIt annotation on the method that does the processing.
A community user trying out 1.3.3.Final has found another UI issue
which will likely require another release. It is in the create
contract dialogue and can result in unexpectedly being redirected back
to the home screen.
It's unfortunate it wasn't caught before release, but it only happens
on a particular pathway and is a side-effect of the recent
security-related dependency updates.
The fix is only a couple of lines.
Please try out the latest master of Apiman, and I'll try to do a
1.3.4.Final release shortly.
In other news: the ES 1.5.x support is coming along nicely and should
be available shortly.
Thanks again to the community for helping out.
As discussed previously, we plan to upgrade Apiman's ES support to 5.x.
1.3.3.Final is the final (planned) release to support ES 1.x. We don't
anticipate doing another 1.3.x release unless serious regressions are
Is ES 2.x support important to folk? We didn't upgrade previously
because ES 2.x didn't support bulk delete queries - however, they
added that back latterly with a plugin.
Any other requests or feedback welcome.
We've done a 1.3.3.Final release of Apiman to fix a regression with
swagger-ui in 1.3.2.Final.
An upside of the fixes is that OpenAPI 3.x documentation is now also
supported (in addition to Swagger/OAI 2.x).
Thanks to the community for the feedback that went into this release.
After battling with the JS ecosystem's dep nightmare for much of
today, I've managed to get update several UI dependencies on master --
things *seem* to be working as anticipated (after juggling a few
This was necessary because some deps are quite significantly outdated
and we need to move to more modern ones to ensure maintainability,
However, there's still a high risk of breakage, so if anyone can try
things out it would be greatly appreciated.
1. Check out the main apiman repo.
2. Run Apiman in your usual way.
3. cd to manager/ui/war
4. yarn install
4.5 you may need to modify apiman/config.js for your setup
6. Navigate to http://localhost:2772
Maven 3.5.0 users deploying snapshots beware: I hit this bug earlier
this week - https://issues.sonatype.org/browse/OSSRH-37292 In short,
the metadata produced is incorrect which may result in unresolvable
If you're using Maven 3.5.0 for your Apiman-related projects and
experiencing issues (such as unexpected 404s after deploying, outdated
snapshots, etc), then try upgrading to 3.5.3 which seems to work.
For the upcoming release I've had to back out a small contribution
(Prevents the root cause for storage exceptions being swallowed PR
#649 ) because it had an unanticipated side-effect of breaking some
I'll try to reintroduce it later. Hopefully nobody will have directly
been affected as it isn't in any releases yet.