42Crunch Platform release, April 6, 2020

This 42Crunch Platform release adds support for OpenAPI definitions in YAML format, a new check in API Security Audit, and improvements to documentation.

New features

The following are the new features and improvements to the existing ones in this release.

YAML support

In addition to JSON, 42Crunch Platform now also supports OpenAPI definitions in YAML format.

• Import and upload OpenAPI definitions as .yaml files.
• Convert API definitions already in the platform from JSON to YAML and back as needed.
• Download API definitions from the platform in YAML as well.
• Preview API definition in YAML in Security Editor.

Support for editing an API definition in YAML is coming in a future release.

For more details, see API definitions.

New check in Security Audit

A new check on server URL has been added to Security Audit. The audit now checks that the property url of the server object is an absolute URL.

This check applies only to the OpenAPI Specification (OAS) v3.

Improvements in documentation

There have been several smaller updates to the platform documentation:

• Information on navigating the platform has been added to make it clear which parts the documentation refers to.
• More information on Security Editor and our extension for Microsoft Visual Code has been added.
• More information has been added on fixing the issues that Security Audit found.
• A section on how to test API Firewall after deploying it has been added.

Compatibility

This release is compatible with the following API Firewall images:

• 42crunch/apifirewall:v0.16.3
• 42crunch/apifirewall:v0.16.4
• 42crunch/apifirewall:v0.16.5

All previous image versions have been deprecated and are not compatible with this version of the platform.

When you switch the version of the API Firewall image, you must reconfigure any existing protection configurations so that they work with the new version. For more details, see Reconfigure API Protection.

Known issues

This release has the following known issues.

Removing an API does not stop the API Firewall instance

If you delete an API from 42Crunch Platform and that API has an active API Firewall instance protecting it, API Firewall continues to run unless you specifically stop it. Same happens if the protection token that the API Firewall instance uses is deleted or otherwise becomes invalid.

This will be fixed in a future release.