Notes
JWT validation now supports enforcing the iss (issuer) and aud (audience) claims. It is strongly recommended to set the OPENID_PROVIDER_ISSUER and OPENID_AUDIENCE environment variables to prevent tokens minted for other applications from being accepted by Blaze.
Survey
Please take one minute to fill out the short Blaze Usage Survey — your feedback helps us prioritize future development.
Security
- Fix JWT Validation to Enforce iss and aud Claims (#3552)
Enhancements
- Implement CQL ValueSet Retrieve (#3279)
- Implement the in Modifier for Token Search Params (#1970)
- Implement $versions Operation (#3594)
- Implement filter parameter on ValueSet/$expand (#3570)
- Add OIDC Auth for External Terminology Service (#3537)
- Periodically Log JVM Memory and GC Usage (#3522)
Performance
- Add Write-Through Cache Support to Local Page Store (#3548)
Bugfixes
- Fix Paging on Type Search with Non-existing Patient References (#3601)
- Fix HTTP Status 500 when Searching Resources in a Transaction (#3584)
- Escalate Cassandra Read Consistency from ONE to QUORUM on Not-Found Retry (#3561)
Documentation
- Fix Missing Favicon in Docs (#3524)
The full changelog can be found here.