v2.0.0

• Added support for macOS ARM64.
• Upgraded to Node.js 22.
• Deprecated proxy support due to its complexity and maintenance burden (breaking).
• Removed preCache configuration parameter and online RPKI validation, for improved reliability (breaking).
• Converted deprecated resource_templates and threshold to errors; bumped config version to 3 (breaking).
• Fixed incorrect peer threshold calculation that gave some collector peers extra weight.
• Fixed misclassification of neighbors when a collector’s peer occasionally appeared as an upstream.
• Fixed ROA event hashing that caused duplicate alerts.
• Fixed Telegram integration bot URL.
• Fixed Microsoft Teams integration example.
• Migrated from Restify (no longer maintained) to Express.js.
• Switched packaging to yao-pkg/pkg.
• Applied several security patches.

v1.33.0

(what it is? how to install? read here)

[minor]

• included Trust Anchor specific tolerance on malfunctions (more tolerance for AFRINIC, see issue #1204)
• updated node version (previous version EOL)
• build debian packages on release (thanks @jbond)
• introduced auto-submitted header to reportEmail to avoid auto-responders replying to alert emails (thanks @XioNoX)
• introduced blacklistSources parameter in connectorRIS to ignore specific collectors' peers (thanks @tomsiewert)
• introduced skipPrefixMatch, which allows to send all the AS-related alerts to the AS monitoring rule instead of giving priority to prefix rules
• introduced specs check at boot
• enriched RPKI metadata payload to all RPKI events, to troubleshoot issues on vrp files

[patch]

• fixed memory usage spikes and reduced overall memory usage
• updated and patched dependencies (including security patches)
• improved CPU usage
• fixed RIPEstat connector timeouts while generating neighbor configurations of ASes with large customer cones
• fixed RIS connector to prevent triggering RIS flooding protections
• automatically create volume directories if not yet available at boot
• more robust AS number validation
• fixed update script erroneously wiping log files on software update (thanks @davemidd)
• reduced stack usage on match filtering
• fixed rare situation in which RPKI alerts were missing information about the expiring parent component
• fixed occasional duplicated alert about ROA diff due to unstable hashing

v1.32.0

[minor]

• introduced reportMatrix (thanks @NickBouwhuis)
• introduced Jira integration (thanks @momorientes and @PacketVis)
• introduced safety threshold to avoid alerting on stale rpki data
• introduced possibility to specify notificationIntervalSeconds per reporting module
• default to enableAdvancedRpkiStats to false to reduce memory usage
• migrated to node 18

[patch]

• fixed memory usage peaks that was causing occasional crashes on low-spec VMs
• reduced data usage for rpki data downloads based on http headers
• updated dependencies, including security patches (#801, #1010)
• improved wording of misconfiguration alert (#940)
• improved documentation
• fixed alert text including multiple origin ASes that was provoking weird comma-separated listing
• fixed ambiguous reporting of expiring roa components in case of advanced stats out of sync with vrp file
• fixed rpki parsing util not accepting "api" as valid provider (#1005)

v1.31.1

[patch]

• fixed a bug that was impacting the sensitivity of withdrawal detection for ipv6 prefixes (thanks @mfld-pub for reporting and helping with the debugging)
• fixed event context for path monitoring
• updated dependencies

v1.31.0

[minor]

• Introduced Debian packaging (thanks @b4ldr)
• Enrich alert data with covering vrps at the time, for easier debugging (reported by @PacketVis)
• Add relevant data bits of path monitoring to context/email templates to be able to provide actionable alerts (reported by @PacketVis)

[patch]

• Fixed navigation of rpki chain (and improved performance), when ROAs were expiring due to a manifest, this was not reported correctly making the alert ambiguous (thanks @PacketVis)
• More reliable detection of silent sockets not based only on ws ping
• Added github-actions and docker to dependabot monitoring (thanks @GoliathLabs)
• Updated and patched dependencies

v1.30.1

This is a patch on version 1.30.0, which introduced many improvements. Including, better RPKI monitoring able to self-debug some RPKI issues (thanks to rpki-client metadata, @job). E.g.,

The following ROAs will become invalid in less than 2 hours: <193.0.0.0/21, 3333, 21, ripe>; 
<193.0.10.0/23, 3333, 23, ripe>. The reason is the expiration of the following 
parent components: rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer

--> See v1.30.0 for complete changelog.

[patch]

• Fixed missing metadata in some roa alerts.
• Allow disabling rpki stats to reduce memory usage and introduced memory requirements in documentation

v1.30.0

[minor]

• Improved RPKI alerting to include more detailed information about the exact expiring/malfunctioning components. It will tell you whether your ROAs are expiring or something else in the validation chain (thanks to rpki-client metadata, @job). E.g.,

  The following ROAs will become invalid in less than 2 hours: <193.0.0.0/21, 3333, 21, ripe>; 
  <193.0.10.0/23, 3333, 23, ripe>. The reason is the expiration of the following 
  parent components: rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
  

• Improved alert metadata to include info about the exact ROAs covering the prefix at the time of the reporting, the validator used, the host used for the validation, the time of the last validation cycle, and more.
• Improved logs to inform when and where alerts are sent (to which email/ip/channel), in addition to the usual log in case of failure. This helps in discovering silent failures (e.g., a fw between BGPalerter and your syslog instance).
• Split channels between monitorRPKI and monitorROAs in the default configuration, to easily dispatch the alerts in different reports.
• Added support for docker-compose (thanks @GoliathLabs).

[patch]

• Updated dependencies and improved security.
• Fixed error in generating context when showPath is active but no paths are reported.
• Fixed error on neighbor auto-config on configurations when generating configurations based only on prefixes (reported by @donwito).
• Improved performance on watching prefix list.
• Fixed canary feature not recovering after multiple failures.
• Improved documentation about installation and ROA alerting.
• Updated version of supported Kafka.
• Improved linux doc on how to automatically run upgrades (thanks @herbetom).
• Reduced memory usage of prefix-generation phase.
• Many minor fixes...

v1.29.0

[minor]

• Introduced authentication header for websocket connections 006eb64
• Introduced timeout verification in case of missing open message from RIS 0125b17
• Introduced OpsGenie HTTP configuration example d1761bb (thanks @trickv)
• Introduced RocketChat HTTP configuration example 0f52fb2 (thanks @cadirol)
• Binaries are now compiled against node 14 006eb64

[patch]

• Updated dependencies
• Fixed traling slash bug on ws parameters e4f19d3
• Improved documentation about volume parameter 2bb199a
• Update Kafka version in automated tests environment 53203ba
• Adopted semver nomenclature in documentation 4491f4e
• Filter out RIS beacons when these are used only as a health check of the socket (preventing #732 for some RIS feeders) 4301b2b
• Improved TA malfunction alert fdce01d

v1.28.4

[patch]

• fixed bug in which monitoring rules were overwriting each other (#648);

This bug may have affected your auto-generated prefixes.yml file (delete prefixes.yml and generate it again)

• pointed RIPE's vrp api to the new api powered by routinator;
• updated dependencies.

v1.28.3

[patch]

• fixed colors in reportSlack (#626, thanks @L0wbyte)
• fixed crashes in case of websocket stuck in connecting state while a beacon check is performed (#632)
• fixed reportEmail not sending emails in case of missing user group declaration (#634)