Release Notes¶

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Updated Spring Boot to 2.7.15
• Updated Tomcat Service to 9.0.80

• Semantic Objects

The release of Semantic Objects includes a bug fix related to RDF4J connection management. The issue was causing an excessive memory usage, ultimately causing the service to run out of memory. This problem has been identified in versions 4.0.0, 4.0.1, and 4.0.2. We highly recommend upgrading to the most recent version available.

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Updated GraphQL Java to 20.4
• Updated RDF4j API to 4.2.4
• Updated Spring Boot to 2.7.13
• Updated Spring Boot Starter Security to 2.7.10
• Updated Spring Core to 5.3.29
• Updated Spring Web to 5.3.29
• Updated Spring Hateos to 1.5.5
• Updated Json Smart to 2.4.11
• Updated Tomcat Service to 9.0.78
• Updated Micrometer Registry to 1.9.10
• Updated Kryo to 5.5.0
• Updated fastutil to 8.5.12
• Updated Eclipse Collections to 11.1.0
• Updated guava to 32.1.1-jre
• Updated jjwt to 0.11.5. Note that this change may be a breaking in some deployments. For more information check below.

• Semantic Objects

In this release of Semantic Objects, there are no functional changes. However, noteworthy updates are related to the dependency upgrades for GraphQL Java and Json Web Token (JWT) handling.

Regarding GraphQL Java, version 20.0 initially introduced stricter argument validation, which was later reverted in version 20.3 . The current version included in Semantic Objects, 20.4 , also addresses the Guava vulnerability CVE-2023-2976

Regarding Java Json Web Token (JJWT) handling library, the update brings in more stringent handling of secret keys used for decrypting token information. The previous implementation lacked sufficient enforcement of keys for the decryption algorithms. For additional details about the minimum key lengths, please refer to the Signature Algorithms Keys section on the Java JWT library page.

• Workbench
  • Improved integration with different OpenID/OAuth2 identity providers like Auth0 by changing the authentication flow to send the request parameters in a HTTP POST body instead of URL parameters.

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent Docker images, the following image versions have been updated:

• Updated Elasticsearch to 7.17.9
• Updated Kibana to 7.17.9
• Updated Postgres to 11.19-alpine

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Updated GraphDB Cluster client to 10.1.5
• Updated rdf4j API to 4.2.2
• Updated Spring Boot to 2.7.9
• Updated Spring Boot Starter Security to 2.7.9
• Updated Spring Core to 5.3.25
• Updated Spring Web to 5.3.25
• Updated Spring Hateos to 1.5.3
• Updated Jackson databind to 2.13.5
• Updated SnakeYaml to 2.0
• Updated jsonld-java to 0.13.4
• Updated Json to 20230227
• Updated Json Smart to 2.4.8
• Updated Tomcat Service to 9.0.70
• Updated GraphQL Java to 20.0
• Updated Micrometer Registry to 1.9.8

Semantic Objects now fully supports GraphDB 10 and the new cluster implementation. This version also drops the support for GraphDB 9.x due to incompatibility of rdf4j 4 with previous versions.

• Semantic Objects
  • Added support for GraphDB 10 cluster and removed the support for GraphDB 9. This also includes changes to configurations. The new configurations could be found in the cluster config section.
  • Added support for passing HTTP request headers to GraphDB. This includes the Authorization header so requests could authenticate at GraphDB. More information about the supported authentication mechanisms could be found at Docker Compose section.
  • Added support for xsd:duration, xsd:dayTimeDuration, xsd:yearMonthDuration and xsd:dateTimeStamp literals and improved the overall temporal types support. This includes handling fraction seconds up to 9 positions and proper time zone offset handling for the types: xsd:time, xsd:dateTime and xsd:dateTimeStamp. More information about the supported types could be found at Datatypes section.
  • Optimized GraphQL schema generation to no longer includes scalars and other related inputs for types that are not used in the GraphQL schema. For schemas that do not use great variety of types it will greatly reduce the schema and the service memory requirement.
  • Updated mutation validators to properly report evaluation errors like insufficient security permissions or lack of network connectivity for example.
  • Enforced mutation argument validation to properly terminate the request in case of invalid input data for example xsd:dateTimeStamp field missing a time zone offset.
  • Improved extensions and plugin loading. Spring beans could also be loaded as plugins. All plugins now could benefit from injection of defined extensions.
  • Reorganized loggers so that SPARQL queries and mutations are logged in separate loggers sparql.query and sparql.update respectively. Also consolidated several GraphQL related loggers in a single one named graphql.
  • Updated query and mutation preloading to properly work with enabled security.
  • Removed support for MongoDB as SOML schema store option and all related configurations.
  • Removed the migration support from Mongo to rdf4j schema store and related configurations. If you are using older version of Semantic Objects migrate your schemas using the latest 3.x version and then deploy the 4.x version.

Bug Fixes¶

• Changed AffectedCount.count type from PositiveInteger to NonNegativeInteger
• Updated query and mutation preloading to properly work with enabled security

• Workbench
  • Improve security configuration by adding additional options for setting up security with more Identity providers. More information could be found in the Workbench Administration section.

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent Docker images, the following image versions have been updated:

• Updated Elasticsearch to 7.17.9
• Updated Kibana to 7.17.9
• Updated Postgres to 11.19-alpine

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Updated Spring Boot to 2.7.9
• Updated Spring Boot Starter Security to 2.7.9
• Updated Spring Core to 5.3.25
• Updated Spring Web to 5.3.25
• Updated Spring Hateos to 1.5.3
• Updated Jackson databind to 2.13.5
• Updated SnakeYaml to 2.0
• Updated jsonld-java to 0.13.4
• Updated Json to 20230227
• Updated Json Smart to 2.4.8
• Updated Tomcat Service to 9.0.70
• Updated GraphQL Java to 20.0
• Updated Micrometer Registry to 1.9.8

• Semantic Objects
  • Added support for xsd:dateTimeStamp literals and improved the overall temporal types support. This includes handling fraction seconds up to 9 positions and proper time zone offset handling for the types: xsd:time, xsd:dateTime and xsd:dateTimeStamp.
  • Added support for new types xsd:duration, xsd:dayTimeDuration and xsd:yearMonthDuration.
  • Optimized GraphQL schema generation to no longer includes scalars and other related inputs for types that are not used in the GraphQL schema. For schemas that do not use great variety of types it will greatly reduce the schema and the service memory requirement.
  • Updated mutation validators to properly report evaluation errors like insufficient security permissions or lack of network connectivity for example.
  • Enforced mutation argument validation to properly terminate the request in case of invalid input data for example xsd:dateTimeStamp field missing a time zone offset.
  • Reorganized loggers so that SPARQL queries and mutations are logged in separate loggers sparql.query and sparql.update respectively. Also consolidated several GraphQL related loggers in a single one named graphql.
  • Updated query and mutation preloading to properly work with enabled security.

Bug Fixes¶

• Changed AffectedCount.count type from PositiveInteger to NonNegativeInteger
• Updated query and mutation preloading to properly work with enabled security

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Updated Spring Boot to 2.7.5
• Updated Spring Boot Starter Security to 2.7.5
• Updated Spring Security to 5.7.5
• Updated Jackson databind to 2.13.4.1
• Updated Apache Commons Text to 1.10.0

There is limited support for GraphDB 10.0.x and 10.1. The limitations include:

• GraphDB 10.x
  • Only single address needs to be provided for GraphDB cluster deployments. Specifying multiple addresses will use the ‘old’ GraphDB enterprise client that is not compatible with the cluster architecture of GraphDB 10.
  • The configuration sparql.endpoint.cluster.forceClusterClient should not be set to true.
• GraphDB 10.0.3
  • SHACL validations are not supported
  • The configuration sparql.endpoint.enableStatistics must be set to false as negatively affects some of the filtering optimizations
• GraphDB 10.1
  • SHACL validations are not supported

• Semantic Objects
  • Fixed the support for filters of multi-valued literal properties.
  • Improved the performance of the SPARQL value escape operation.
  • Added option to preload mutations during service startup. The new functionality is controlled by the configurations: graphql.preload.enabled and graphql.preload.location. Failures in the request will be ignored.

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Updated Micrometer to 1.9.3
• Updated Spring Boot to 2.7.4
• Updated Spring Boot Starter Security to 2.7.3
• Updated Spring Framework to 5.3.23
• Updated Spring Security to 5.7.3
• Updated Spring Hateoas to 1.5.2
• Updated Hydra Java to 0.4.4-onto
• Updated Jackson libraries to 2.13.4
• Updated SnakeYaml to 1.33
• Updated Embedded Mongo to 3.4.8
• Updated Mockito to 4.7.0
• Updated GraphQl Java to 17.4
• Updated GraphQl Java External Scalars to 17.1

New Features¶

• Semantic Objects
  • Added support to allow changing the accessed repository per request.
  • Added support to control the query inference and owl:sameAs expansion per request.
  • Added support to control the query dataset selection using FROM.
  • Added support to control the mutation dataset selection with USING and WITH.
  • Added support for JSON Web Key Set used to verify JSON Web Tokens (JWT) and asymmetric signing keys.

Improvements¶

• Semantic Objects

• Improved SPARQL query builder for SPARQL federated queries for treating abstract, non-federated types as federated if all sub-types are also federated. This greatly improves the queries that rely on such a type.

Bug Fixes¶

• Semantic Objects

• PLATFORM-4601: SPARQL query variable like text should not be escaped in SPARQL fragments
• PLATFORM-4599: SPARQL fragments do not process prefixes in query paths

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Updated Tomcat to 9.0.64
• Updated Micrometer to 1.9.1
• Updated Spring Boot 2.5.14
• Updated Spring Framework 5.3.21
• Updated Spring Security 5.6.6

To address the latest security vulnerabilities found in dependent Docker images, the following image versions have been updated:

• Replaced the Adopt Open JDK Alpine Docker image with Eclipse Temurin Alpine JRE image
• Updated Kong to 2.6.1
• Updated Node.js to 12.22.12-alpine3.15
• Updated Postgres to 11.16-alpine

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Updated Spring Boot to 2.5.13
• Updated Spring Security to 5.6.4
• Updated Spring Web MVC to 5.3.20

• Semantic Objects
  • Improved memory footprint during response processing.

Bug Fixes¶

• PLATFORM-4562 Improve query parsing
• PLATFORM-4535 Semantic Objects generated addresses do not work when behind proxy context path
• PLATFORM-4557 Update GraphQL generation to properly escape Type.name
• OMDS-587 Fix inline fragment merging
• OMDS-525 Allow custom jwt processing

Improvements¶

• Deployment and Operations Improvements

To address the latest security vulnerabilities found in dependent libraries, the following library versions have been updated:

• Upgraded to GraphDB 9.11.1
• Updated Spring Boot to 2.5.12
• Updated Spring Security to 5.6.2
• Updated Spring Web MVC to 5.3.18
• Updated Jackson Core, Jackson Annotations, and Jackson Dataformat YAML to 2.12.6
• Updated Jackson Databind to 2.12.6.1
• Updated Micrometer Registry StatsD to 1.8.4

• Semantic Objects
  • Updated the default value for objects and properties label to be more human-friendly
  • Removed default suffix from descriptions in the GraphDL schema @descr directive
  • Allowed overriding of the JWT claim mappings. The new configurations can be found here.

Bug Fixes¶

• PLATFORM-4553 Improve handling of invalid type values
• PLATFORM-4535 Semantic Objects generated addresses do not work when behind proxy context path

New Features¶

• Semantic Objects
  • Added support for Enumeration types in SOML and GraphQL.

Improvements¶

• Deployment and Operations Improvements
  • Upgraded to GraphDB 9.10.3
  • Updated Spring Boot to 2.5.9
  • Updated Spring Security to 5.5.4
  • Updated Spring Web MVC to 5.3.15
• Semantic Objects
  • Semantic Objects capability for Elasticsearch connector management has been moved to the Semantic Search:
    • Removed the Elasticsearch connector management
    • Removed the Elasticsearch health check
    • Removed the Elasticsearch libraries from the deployment
    • Moved the Elasticsearch related configurations to Semantic Search
  • Added support for GraphQL Mesh
  • Allow child class to overwrite parent’s template property

Bug Fixes¶

• PLATFORM-4471 Schema notifications do not detect schema removal
• PLATFORM-4454 SHACL cluster: different error message for type constraints
• PLATFORM-4453 Default values in variable definitions are not processed
• PLATFORM-4448 ‘hasRole’ directive is missing from introspection with security
• PLATFORM-4421 Meta directive’s value is not properly serialized
• PLATFORM-4400 Nested create fails if property range is with a prefix
• PLATFORM-4250 lang characteristics is not applied on Delete mutation response