Fides 2.16 Release notes

July 25, 2023

Fides for Business 2.16.0

Enhancements

• GPC indicators: All privacy experiences now include a GPC indicator to acknowledge the signal.
• Privacy center empty state: Empty state now exists for the case where there are no relevant privacy notices.
• Fixes/changes:
  • Moved GPC preferences slightly earlier in Fides.js lifecycle #3561 (opens in a new tab)
  • Allow Privacy Notices banner and modal to scroll as needed #3713 (opens in a new tab)
  • Add Systems Applicable Filter to Privacy Experience List #3654 (opens in a new tab)
  • Render linebreaks in the Fides.js overlay descriptions, etc. #3665 (opens in a new tab)
  • Privacy center and fides-js now pass in Unescape-Safestr as a header so that special characters can be rendered properly #3706 (opens in a new tab)
  • Fixed ValidationError for saving PrivacyPreferences #3719 (opens in a new tab)

Fides OSS 2.16.0

Enhancements

• Enable/disable integrations: a toggle has been added to system integrations to allow managers to disable system integrations for the purposes of DSR processing #3593 (opens in a new tab)

• Navigation update: Moved "Management" tab from nav into settings icon in top right #3701 (opens in a new tab)

• Integration form updates: Removed name and description fields from integration form #3684 (opens in a new tab)

• Fixes

  • Broken link to Fides docs site on the About Fides page in Admin UI #3643 (opens in a new tab)
  • Fixed issue preventing ConnectionConfigs with duplicate names from saving #3770 (opens in a new tab)
  • Fixed creating and editing manual integrations #3772 (opens in a new tab)
  • Fix lingering integration artifacts by cascading deletes from System #3771 (opens in a new tab)

• Developer experience Enhancements:

  • Reorganized some api.api.v1 code to avoid circular dependencies on quickstart #3692 (opens in a new tab)

  • Treat underscores as special characters in user passwords #3717 (opens in a new tab)

  • Make malicious URL test more robust to environmental differences #3748 (opens in a new tab)

  • Ignore type checker on click decorators to bypass known issue with click version 8.1.4 #3746 (opens in a new tab)

Security

• Resolved Zip bomb file upload vulnerability CVE-2023-37480 (opens in a new tab)
• Resolved SVG bomb (billion laughs) file upload vulnerability CVE-2023-37481 (opens in a new tab)