Skyve 9.4.2 released

This release of Skyve introduces improvements to web error handling and enhanced security auditing for concurrent user sessions.

Improved Web Error Handling

Skyve 9.4.2 introduces a centralised approach to web error handling. Error responses now present user-friendly messages that include a unique reference code, making it easier for users to report issues and for support teams to trace them in the logs.

A new WebErrorUtil utility class has been introduced to generate these user-safe error messages and to provide consistent, structured logging across all major web error handling points, including servlets and JSF views.

Concurrent Session Auditing

A SecurityLog event is now raised when a user opens a new session from a different browser or device (as distinct from opening a new tab within the same browser). This supports enhanced auditing and detection of concurrent sessions across different clients.

This behaviour can be toggled on or off per Skyve instance using the following settings in your application's JSON configuration file, or using the Configuration Startup tab in the admin module:

// Security Settings
"security": {
    // Log a security event when a user opens another session on a different browser/device
    "concurrentSessionWarnings": true,
    "concurrentSessionNotifications": true,
}

Notes for Upgrading

To upgrade your Skyve project to this version, change the Skyve version in your pom.xml to 9.4.2 and perform an assemble.

If you are upgrading from a version older than 9.4.1, please see the previous release notes and also apply those changes.

See the complete upgrade instructions on GitHub.