This file summarizes notable changes introduced in aktualizr version. It roughly follows the guidelines from Keep a Changelog.

Our versioning scheme is YEAR.N where N is incremented whenever a new release is issued. Thus N does not necessarily map to months of the year.

[??? (unreleased)]

[2020.5] - 2020-04-01

Changed

Fetch garage-sign from new AWS bucket via CNAME: PR #1619 and PR #1622

Fixed

Abort update immediately if Secondary metadata verification fails: PR

[2020.4] - 2020-03-24

Added

aktualizr-secondary can now reboot automatically after triggering an update: PR
Reports are now stored in the SQL database so they persist through unexpected shutdown: PR

Changed

garage-push now always pushes the OSTree ref to Treehub: PR
Consistently follow the Uptane standard's style guide when using Uptane concepts, including the metadata output options of aktualizr-info: PR
Public contributions now are tested with Github Actions instead of Travis CI: PR
Default/recommended Yocto branch is zeus (3.0): PR
Improved logging for aktualizr-secondary: PR

Fixed

Abort initialization if ECUs are already registered: PR
Always use 64-bit integers for disk space arithmetic: PR
Reject Director Targets metadata with delegations or repeated ECU IDs: PR

[2020.3] - 2020-02-27

Added

Pluggable package managers for the Primary: PR
Log basic device information when starting aktualizr: PR

Changed

Wait for Secondaries to come online before attempting installation: PR #1533 and PR #1562
Renamed shared libraries to remove the extraneous "\_lib": PR

Fixed

Apply pending updates even if their metadata expired if the installation was initiated before the expiration: PR
Add a mising include to fix building libaktualizr out-of-tree: PR
Restore interrupted downloads correctly: PR
Use uintmax_t for storing file length to support files greater than 4 GB: PR

[2020.2] - 2020-01-30

Changed

Require OpenSSL >= 1.0.2 explicitly: PR

Fixed

Catch the disk space availability exception: PR
Correct secondary target name/filepath in a manifest: PR

[2020.1] - 2020-01-17

Added

Basic file update on IP Secondaries: PR

Changed

Increased Targets metadata file size limit: PR
Check and fetch Root metadata according to the Uptane standard: PR
Don't fetch Snapshot or Targets metadata if we already have the latest: PR
Dynamically link aktualizr and the tests with libaktualizr as shared library: PR
Reject all targets if one doesn't match: PR

Fixed

Do not provision if the Primary times out while connecting to Secondaries: PR
Use a bool type instead of a string in the virtual secondary config: PR
Correctly read blob data with null terminators from the SQL database: PR
Report installation failure if download or target matching fails: PR
Disk space is now checked before downloading binary files to ensure sufficient available disk space: PR
Fixed several issues with OSTree updates on IP Secondaries: PR

[2019.11] - 2019-12-12

Added

Allow logger to use stderr: PR
Full metadata verification on IP Secondaries: PR
Log when connectivity is restored after an interruption: PR
Aktualizr now sends its configuration to the backend at boot, for audit purposes: PR

Changed

The jsoncpp library is now included as a submodule and was updated to v1.8.4: PR
PKCS11 engine paths auto-detection is not done at runtime anymore, but at configure time when possible: PR

Fixed

Removed bogus warning at boot when using OSTree: PR
Updated the docker-app package manager to work with docker-app v0.8: PR
Overriding of log level when using the docker-app package manager: PR
Report correct hash of the currently installed version on IP Secondary:: PR

[2019.10] - 2019-11-15

Added

Option to send Android repo manifest via garage-push: PR
Expanded C API: PR #1387 and PR #1429

Changed

Hardware information is only sent if it has changed: PR
Builds without OSTree now default to using the binary package manager: PR
New endpoint for reporting hardware information: PR

Removed

libsystemd dependency and socket activation support: PR

Fixed

Enforce a limit of 10 HTTP redirects: PR
Reject malformed root.json: PR
Fall back on full file download if byte range requests are not supported: PR

[2019.9] - 2019-10-16

Added

Handle POSIX signals: PR
Store target custom metadata when installing: PR

Fixed

Incorrect installation status reported if installation interrupted: PR
Binary updates of secondaries from an OSTree primary is again possible: PR
Applications built from release tarballs now report a valid version: PR

[2019.8] - 2019-09-12

Fixed

garage-deploy logic with checking for keys and verifying successful push: PR

[2019.7] - 2019-09-10

Added

GetInstallationLog API method: PR
The aktualizr daemon will now automatically remove old downloaded targets to free up disk space: PR
CA path is now always supplied to curl and can be overwritten: PR

Changed

garage-push and garage-deploy can now stream OSTree objects to S3 via Treehub (instead of getting copied): PR

Removed

hmi-stub (replaced by libaktualizr-demo-app): PR

Fixed

Uptane metadata is now rechecked (offline) before downloading and installing: PR
Downloaded target hashes are rechecked before installation: PR
Failed downloads are now reported to the backend in the installation report: PR
Binary targets for an OSTree-based primary are now rejected immediately: PR

[2019.6] - 2019-08-21

Added

garage-sign metadata expiration parameters: PR
aktualizr-info –wait-until-provisioned flag: PR
Target object equality requires that hardware IDs match: PR
aktualizr-repo image command now requires a hardware ID: PR
GetStoredTargets and DeleteStoredTarget aktualizr API methods: PR
aktualizr-get debugging tool: PR
Automatic reboot command is now customizable: PR
Basic C API: PR
Ability to pass custom headers in HTTP requests: PR
Mutual TLS support in garage tools: PR #1243 and PR #1288

Changed

Renamed GetStoredTarget to OpenStoredTarget in aktualizr API: PR
Renamed aktualizr-repo to uptane-generator: PR
Documentation substantially restructed: PR
Target matching between the Director and Image repositories is now done as early as possible during the check for updates: PR
Target matching requires the hardware IDs to match: PR
Custom URL logic now prefers the Director and if it is empty, only then checks the Image repository value: PR

[2019.5] - 2019-07-12

Added

TLS support by aktualizr-lite: PR
automatic garage-check usage at the end of garage-push/deploy: PR
ccache support: PR
doc on Primary and Secondary bitbaking for RPi: PR

Changed

Stripping of executables in release mode: PR
VirtualSecondary configuration: PR

Removed

Jenkins pipeline and a few references: PR
Test repo meta: PR
SecondaryFactory and VirtualSecondary out of libaktualizr: PR
Fallback on clang-{tidy,format}: PR

Fixed

Logic of finding the latest version by aktualizr-lite: PR
Test regression in docker-app-mgr: PR
Some more lintian fixes: PR

[2019.4] - 2019-06-14

Added

Campaigns can be declined and postponed via the API: PR
Warn when running two libaktualizr instances simultaneously: PR #1217 and PR #1229
aktualizr-info can output the Snapshot and Timestamp metadata from the Image repository: PR
aktualizr-info can output the current and pending image versions for secondaries: PR
Support for docker-app package management on top of OSTree: PR

Changed

Provisioning methods have been renamed. "Autoprovisioning" or "automatic provisioning" is now known as "shared credential provisioning". "Implicit provisioning" is now known as "device credential provisioning". "HSM provisioning" was always a misnomer, so it is now refered to as "device credential provisioning with an HSM". PR# 1208 and PR #1220
aktualizr-cert-provider is now included in the garage_deploy.deb releases: PR
aktualizr-info metadata and key output is now printed without additional text for easier machine parsing (and piping to jq): PR
The IP secondary implementation has been substantially refactored and improved with support for POSIX sockets and easier configuration: PR #1183 and PR #1198

Removed

aktualizr-check-discovery (due to obsolescence): PR

[2019.3] - 2019-04-29

Added

New tool aktualizr-lite for anonymous TUF-only updates: PR
Abort() API call: PR
Option to print delegation metadata with aktualizr-info: PR
Support for custom URIs for downloading targets: PR
SendManifest() API call: PR
Support for Android package management: PR

Changed

Device installation failure result codes are deduced as concatenation of ECU failure result codes: PR
No longer require hashes and sizes of Tagets objects in Snapshot metadata: PR
Updated documentation: PR

Removed

example.com is no longer set as the default URL when using garage-sign via garage-deploy: PR
OPC-UA secondary support: PR

Fixed

Check for updates even if sending the manifest fails: PR
Correctly handle empty Targets metadata: PR #1186 and PR #1192
Various OSTree-related memory leaks and suppressions: PR #1114, PR #1120, and PR #1179
Various spurious and/or confusing log messages, e.g.: PR #1112, PR #1137, and PR #1180

[2019.2] - 2019-02-21

Added

A new configuration parameter force_install_completion that triggers a system reboot at the end of the installation process for update mechanisms that need one to complete (e.g. OSTree package manager)
Support for delegations: PR #1074 and PR #1089
Backward migrations of the SQL storage is now supported. It should allow rollbacking updates up to versions containing the feature: PR

Changed

Image files are now stored on the filesystem instead of SQL. This was necessitated by blob size limits in SQLite. PR
The Pause and Resume can now be called at any time and will also pause the internal event queue. API calls during the pause period will be queued up and resumed in order at the end. PR
Boost libraries are now linked dynamically (as with all other dependencies): PR

[2019.1] - 2019-01-10

Changed

Most API calls refactored to return immediately with a future
With an OSTree primary, an installation is now considered successful when the device reboots with the new file system version. Before that, the installation is still considered in progress.
Running modes in libaktualizr have been replaced by simpler logic in the aktualizr wrapper: PR
Tests now use ed25519 as the default key type: PR
Improved performance of garage-deploy: PR

Added

Auto retry for more robust download: PR
Expanded functionality of aktualizr-repo: PR #1028 and PR #1035
Option to run garage-push and garage-check to walk the full repository tree: PR
Ability to pause and resume OSTree update downloads: PR

Removed

Downloads are no longer done in parallel, as this substantially impacted the download speed: PR

Fixed

Correctly download targets with characters disallowed in URI in their name: PR

[2018.13] - 2018-11-05

Added

Ability to pause and resume binary update downloads
Expose download binary targets in API

Changed

Secondaries configuration files must now lie in a common directory and specified in command line arguments or in static configuration: documentation
API has been upgraded: FetchMeta has been merged with CheckUpdates and most functions now have meaningful return values.

Removed

implicit_writer has been removed as it was no longer being used.

Fixed

Now trim whitespaces in some of our configuration and provisioning files (from meta-updater #420)

[2018.12] - 2018-10-10

Changed

Various updates in API
sota_implicit_prov is deprecated
All the imported data should be under /var/sota/import

Fixed

HSM provisioning should not import certificate and private key, they belong to HSM, not to storage
Make cert provider respect path to import directory

[2018.11] - 2018-09-05

Fixed

Really remove the local tuf repo before and after garage-sign.

[2018.10] - 2018-09-04

Added

garage-deploy and aktualizr releases for Ubuntu 18.04

Fixed

Prevent re-use of existing tuf repos

[2018.9] - 2018-08-30

Fixed

Fixes to garage-deploy to improve reliability and logging

[2018.8] - 2018-08-16

Fixed

Bug with path concatenation in garage-deploy

[2018.7] - 2018-05-31

Changed

garage-deploy package is now built against Ubuntu 16.04

[2018.6] - 2018-05-28

Fixed

Expiration in garage-sign