The latest version of the release notes can be found on the website.
- add support for app parameters such that the user must select some (arbitrary) parameters before starting an app (see docs).
- add support for running multiple ShinyProxy replicas providing scaling and high availability (see docs)
- add option to automatically pull Docker image when using Docker engine
- add support for Shiny bookmarking
- add option to track the URL of the app in the browser. This ensures the URL in the browser changes together with the (active) URL of the iframe.
- add Prometheus metrics for the duration of the individual steps of starting an app (e.g. scheduling, pulling image, starting of application) see docs)
- support using multiple usage statistics plugins at the same time, ( see docs). - add
My Apps
modal that shows the current (active) applications of the user. This can also be shown inline on the main page. - add
App Details
modal to the app page, theSwitch Instance
modal and the ( new)My Apps
modal. In addition to showing basic information about an app, it also shows when an app will be stopped by ShinyProxy (e.g. because of heartbeat timeout or max-lifetime). - show a message when the user has access to zero apps (instead of an empty page) - add support for additional port mappings. For example proxying the path
/mypath
to a different port on the same container, see docs - inject a javascript file into the iframe on the server (instead of on the client). The previous method did not work all the time on all browsers. - improve admin page
- add option to show the
Switch Instance
modal before opening an app such that the user can re-open an existing app or choose the name for a new app, see docs. - add support for secrets when using Docker Swarm, see docs - add support for memory and cpu requests and limits when using Docker Swarm
- add support for private registries when using Docker and Docker Swarm, see docs
- the duration of the API call to start an app is now limited at 10 seconds, therefore there is no need to increase request timeouts of proxies or loadbalancers
- do not show internal errors and stack traces to users for improved security (errors are still logged)
- improve error reporting when app fails to start on Kubernetes: warnings reported by Kubernetes are now logged in ShinyProxy logs (e.g. issues with the image, issues with the nodes or scaling etc.)
- add option to output logs as (structured) JSON (using logstash format) (see docs)
- logged stack traces are now more concise (when using the JSON format)
- improve collecting applications logs on Kubernetes by ensuring that logs are always flushed
- improve application log writing to S3: logs are now send to S3 every 10 seconds and every 1MB (previously the Docker backend would write the logs to S3 on every write)
- improve App Recovery by not using the application spec when recovering applications. Therefore, the spec of running applications can be changed or removed, after which the ShinyProxy can be restarted ( see updated docs)
- add support for setting an annotation to
kubernetes-additional-manifests
that allows to specify how existing Kubernetes resources must be updated (see docs) - when
proxy.kubernetes.debug-patches
is enabled additional manifests are now logged as well - add support for using auth related objects in SPeL expressions in the
kubernetes-additional-manifests
andkubernetes-additional-persistent-manifests
properties - change the way
kubernetes-additional-manifests
are deleted such that the SPeL expressions in these properties are not evaluated when the manifests are deleted. Therefore, ShinyProxy can now delete resources of which the name is dynamic (using SpEL) or when the spec is unknown (e.g. when using the operator or App Recovery). - make it possible to use SpEL in
max-instances
,heartbeat-timeout
,max-lifetime
andtarget-path
properties (see docs) - the API no longer returns security-sensitive runtime values
- the API no longer includes the spec when returning information about an app, such that the API does not return security-sensitive information
- the API now returns only a limited set of properties when querying for specs ( also to improve security), this can optionally be reverted (see docs)
- add option to configure CORS (see docs)
- add option to add custom headers to HTTP responses (see docs)
- add option to disable default security headers (see docs)
- add OpenAPI specification and swagger API docs
- drop kerberos support
- OIDC access tokens are now automatically refreshed, such that a new container always has a non-expired access tokens. ShinyProxy now also respects the max session lifetime of the OIDC Identity Provider.
- make it possible to use PKCE when using OIDC (see docs)
- make it possible to use the
userinfo-url
endpoint when using OIDC (see docs) - Fix: properly handle when user reloads the page while starting or stopping an app
- Fix: ensure height of apps is correct when using custom navbar
- Fix: restore ShinyProxy acting as an OAuth Resource Server
- Fix: memory leak in
ActiveProxiesService
- Fix: prevent the user from ending on the
/auth-error
page when their session expires when using OIDC - Fix: always redirect to the main page after logging in. Otherwise, users might end up on internal API endpoints or on pages that no longer exist (e.g. removed app or instances).
- Fix: replace the SAML implementation using the new Spring implementation for improved security
- Fix: do no return internal errors (e.g.
app_stopped_or_non_existent
) on/app_direct
endpoint - Fix: correctly parse
emails
claim when using OIDC