Current StreamBase 10.6.2 Release Notes

These are the release notes for the TIBCO StreamBase® component of TIBCO® Streaming 10.6.2.

New Features

TIBCO® Streaming 10.6.2 adds the following updates and new features:

TIBCO® Streaming Now Bundles Java 11.0.11

Starting with release 10.6.2, TIBCO Streaming 10.6 runs only with and requires an installation of Oracle JDK 11.0.11 or a later JDK 11 version.

On all supported operating systems, the TIBCO Streaming installation kit provides the runtime components of Oracle JDK version 11.0.11 in a subdirectory of the StreamBase installation directory, for private use to run StreamBase program fragments and applications from within StreamBase Studio. As before, StreamBase detects and prefers a system-installed JDK, and uses the bundled JDK as a fallback. See further details about the JDK requirements of this release in the JDK entry of the Supported Configurations page.

New --exclude-supplied-checksums and --other-artifacts options for epdev deploy maven

Starting with release 10.6.2, the --exclude-supplied-checksums option can be used to allow Maven artifact deployment to certain artifact servers that do not ordinarily accept checksum files for artifacts. The --other-artifacts option for the install maven and deploy maven cases can be used to bring in other artifact sets to a Maven environment.

On a related note, Streaming artifact repositories no longer contain MD5 checksum files, which Sonatype Nexus Repository servers do not accept by default.

Changes in Functionality

This release includes no new changes in functionality.

Deprecated and Removed Features

The following features are deprecated as of StreamBase 10.6.2.

Some Legacy Database Support Is Deprecated

JDBC support for Oracle 11g, Microsoft SQL Server 2008, and all versions of Vertica is deprecated and will be removed in a future release.

Migration and Compatibility

Not applicable.

StreamBase Known Limitations

This section describes known limitations as of the current release of the TIBCO StreamBase® component of TIBCO® Streaming. Each item includes a tracking number, description, and workarounds when possible.

Known limitations for using the EventFlow debugger are described separately, in the Limitations, Tips, and Tricks section of the Using the EventFlow Debugger page.

SB‑51163 Alibaba Fastjson Mitigation of Vulnerability CWE-502
Description

Streaming 10.6 includes a version of Alibaba Fastjson with a vulnerability classified as CWE-502. In Streaming 10.6.2 and later, all Fastjson parser instances are put into a safe mode that mitigates the vulnerability. The safe mode turns off the Fastjson feature that is vulnerable to such attacks. However, the vulnerability will still be flagged in tools that report dependency vulnerabilities.

Workaround You can suppress the vulnerability in such tools as the OWASP Dependency Check Maven plugin.
SB‑49471 The epdev offline maven command shows benign errors.
Description

Running the epdev offline maven command can show a number or Maven errors. However, the process does complete and work as expected. The display of these errors is expected to be corrected in an upcoming release.

Workaround None.
SB‑49208 Project names with underlines cause problems for application projects with Docker and Kubernetes or Helm support.
Description

Studio-generated StreamBase Application projects that elect the Docker and Kubernetes options generate a Docker image without errors, but fail to deploy in Docker.

Workaround Start over with a new project name without underlines.

StreamBase Resolved Issues

This section provides a list of errors corrected in release 10.6.2 of the TIBCO StreamBase® component of TIBCO® Streaming.

Fixed in 10.6.2
Number Resolution
TIBCO StreamBase® 10.6.2 incorporates all fixes resolved in the release 10.0 series through 10.6.1 and all fixes resolved in the release 7.7 series through 7.7.8.
SB-50932

LiveView web could not be accessed from a default port value like 10080. It was blocked by all browsers.

This was resolved by running the application with a different port for discovered Kubernetes node services, like 8888.

SB-50773 The Apache Hadoop libraries used by several StreamBase adapters is version 3.2.1 and not 8.2.1.
SB-50205

'Public Key' property in Kubernetes discovery service for security has been added to support security.

This has enabled token-based authentication on the stopped nodes within cross clusters.All service properties now have explicit support for this.

SB-49809

A new property has been added to the TIBCO Spotfire Automation Services adapter to specify the MIME content type of the job's payload.

The value defaults to 'application/xml' and can be used to force a specific character set, for instance 'application/xml; charset=utf-8'.

SB-49219

Kerberos support requires that the user specify a configuration file (e.g., krb5.conf), and that this file gets copied to the builder container.

On Windows, the file may be named krb5.ini. It should be copied to the builder as krb5.conf.

The name of the copied file should be conveyed to the builder with the DataSource option:“kerberosConfPath” : <string>

SB-48380

TIBCO Streaming 10.6.2 now supports MS Visual Studio 2019, which TIBCO recommends for building C++ or .NET applications for Windows.

MS Visual Studio 2012 is no longer supported for Streaming clients on Windows.