The Lagom team has released Lagom 1.3.10. For a list of the specific changes in Lagom 1.3.10, see the change log.
This release provides a few bug fixes, minor improvements and dependency updates. As an overview, this release contains the following:
- Play updated to 2.5.18, fixing a security issue (see Security Advisory below)
- Akka Persistence Cassandra updated to 0.30, fixing an issue where events can be skipped in a read-side processor
- You can now use collection-value path parameters (for example, http://localhost:9000/users?username=alice&username=bob&username=carlos)
- Fixes a compatibility issue with Firefox and streaming service calls
We’ve continued to get great pull requests from the Lagom community. Special thanks to GitHub users Jirka Kremser, Micho, Jules Ivanic, Olivier Nouguier, Saniya Tech, Julien Jean Paul Sirocchi and HSalaila for your contributions to Lagom 1.3.10!
Security Advisory
The Play 2.5.18 update contains a fix for Improper Vary header handling in CORS filter. While this issue does not affect Lagom directly, some Lagom users might use Play’s CORS filter in their services. If this applies to you, please read the Play security advisory carefully.
The Lagom team recommends that all users of Lagom read the Play Security Vulnerabilities page and subscribe to the Play security announcements mailing list.
Updating a Lagom project to version 1.3.10
To update an sbt project, change the version of lagom-sbt-plugin in your project/plugins.sbt file.
To update a Maven project, change the lagom.version property in your top-level pom.xml.
After updating, it is recommended to fix any new deprecation warnings you see when compiling or running your services.
Cookies are required for this functionality.Allow Cookies