Changelog

See our buildlog for relationships between specific docker hashes and version tags. The most recent releases are at the bottom of the file. There will only ever be multiple hashes for a single version tag if the underlying image was rebuilt to fix a security vulnerability.

v2.1.2

Changed

• Improved error message when failing to parse the TSP response.

v2.1.1

Changed

• Moved log messages for unsupported parameters from warn to trace.
• Update dependencies.

v2.1.0

Added

• Added field mapping option index_phrases to provide phrase search functionality.

Changed

• Improved compatibility with Java High Level Rest Client.
• Fixed a bug that caused some protected fields to contain an extra token.

v2.0.0

This release marks a major overhaul to the functionality of Cloaked Search.

Added

• Bulk index API
• JSON query syntax
  • Includes explicit support for bool, dis_max, function_score, match, match_phrase, multi_match, prefix, query_string, and term. Other queries types may be supported implicitly.
• Index groups - multiple indices that share a search salt and can be queried together
• Index/search of derived multi-fields
• Index/search of JSON objects in documents

Changed

• Redesigned the configuration file to more closely match Elasticsearch structures
  • File format changed from YAML to JSON.
  • Index configurations should now be located in indices folder adjacent to the global configuration file.
  • Various analyzers, filters, and tokenizers have been reworked/renamed. See our documentation for details.
  • Added field mapping option index_prefixes to provide prefix search functionality.
• Changes to Query String search
  • Returns an exception on suffix searches. This can be accomplished with prefix searches on a field with the reverse filter.

v1.1.3

• Removed ability to search over multiple indices to avoid exposing blind index tokens

v1.1.2

• Relaxed top level search object parsing to support _type deprecation

v1.1.1

• added multi arch builds. amd64 and arm64 docker containers are both published to gcr.

v1.1.0

• Added support for PUT endpoints on the index api.
• Dependency updates.

v1.0.0

• _icl_ prefix for protected fields instead of protected_
• _encrypted_source only contains protected fields
• Disallow directly querying protected fields
• Reduce likelihood of collision on trigrams
• Allow tenant_id to be fixed per index

v0.6.1

• Few miscellaneous bug fixes.

v0.6.0

• Fix issue with wildcard parsing
• Add extra validation for standalone keys
• Support Bool, Number, and String fields on index
• Fix multi-language detection on substring search
• Only try to replace hits source on successful requests
• Error when given an unexpected body type
• Error for substring queries that do not include enough characters
• Require tenant ID for search and index
• Improve error messages for queries using disabled filters

v0.5.0

• Add accept_invalid_certs configuration
• Update es_url to search_service_url.
• Add _cloaked_search/health and _cloaked_search/live endpoints to aid in real deployments.
• Make tenant_id_field configurable per index.
• TSC integration.
• Add link to 5M wikipedia set from tantivy.
• Allow tenant ids to be String, Number or Boolean instead of just String.
• Improve tenant detection.

v0.4.0

• Moved standalone secrets to files, config points to them.
• Add support for +/- substring, phrase and term queries.

v0.3.0

• Sign over the edek protobuf when we create it and verify it on deserialization.
• Add prefix/suffix substring (trigram) support.

v0.2.0

• Automatically select the best filter on query
• Add a check to make sure the requesting tenant matches resulting document
• Add phonetic filter to analyzer
• Allow changing analyzers in config file
• Upgrade to alpine-3.14, and rust-1.54
• Dependency updates

v0.1.48

• Initial version of CSP

Versioning Policy

See our container versioning policy documentation.