2025.05.18 Release Note

May 18, 2025 · 4 min read

This release reinforces Spider security.

Upgrade risk

info

No compatibility issue 👍
No breaking changes 👍

Key changes

How to upgrade

Use Helm chart 4.8.0 from repository
Adjust global.version field value to 2025.05.18 in your values.yaml
Deploy

tip

See Reference documentation for details.

Versions

Spider

New versions of Spider components:

Component	Version	Docker tag
Helm chart	4.8.0	-
Analysis UI	12.2	2025.05.18
Controllers	2.0	2025.05.18
Gossipers	7.5	2025.05.18
Gociphers	1.6	2025.05.18
Back office	-	2025.05.18
Login UI	-	2025.05.18
Monitoring UI	-	2025.05.18

Dependencies

These components are set up in the correct versions by the Helm chart:

Dependency	Version	Docker tag
Elastic stack	7.17.28	7.17.28
Redis	7	7-alpine
Traefik	2.11	2.11

Compatibility

Spider has been successfully tested under these versions of dependencies:

3rd party software	Version
Helm	3.14 - 3.17
Kube	1.24 - 1.31

List of changes

Helm chart

✨ New features	Use refresh tokens to enhance security
⚙️ Improvements
🐞 Bug fixes

Analysis UI

✨ New features	Use refresh tokens to enhance security
⚙️ Improvements
🐞 Bug fixes

Controllers

✨ New features
⚙️ Improvements
🐞 Bug fixes

Gossipers (Whisperers)

✨ New features
⚙️ Improvements	Upgraded to Go 1.24, improved performance
🐞 Bug fixes

Gociphers

✨ New features
⚙️ Improvements	Upgraded to Go 1.24, improved performance Management of OpenSSL versions: 3.3.0 -> 3.3.3, 3.4.0 -> 3.4.2, 3.5.0 Management of Node OpenSSL embedded versions: 1.1.1a -> 3.0.16, included +quic versions
🐞 Bug fixes

Back office

✨ New features	Use refresh tokens to enhance security Use Kube projected tokens to secure first service call to `Config` service
⚙️ Improvements
🐞 Bug fixes

✨ New features	Use refresh tokens to enhance security
⚙️ Improvements
🐞 Bug fixes

Monitoring UI

✨ New features	Use refresh tokens to enhance security
⚙️ Improvements
🐞 Bug fixes

Online documentation

Main updated parts:

Setup.yaml reference - you may now set ttl for access and refresh tokens

Kube impacts

Config service has a new service account to allow calling tokenReview API
Each service now has its own service account, with default rights for most

API impacts

note

This section informs about any impact on Spider API, so you may adjust your scripts.

Customers service:
- Refresh tokens emission
- Access token renewal
- Refresh token discarding / deletion

Data impacts

note

The table below tells if there are data mapping changes in Elasticsearch indices, associated or not with migrations (Yes ✅ / No ❌).
Migration are automated at upgrade time, but they may leave unattended indices that you have to remove manually.

Index	Description	Migration

Upgrade risk​

Key changes​

How to upgrade​

Versions​

Spider​

Dependencies​

Compatibility​

List of changes​

Helm chart​

Analysis UI​

Controllers​

Gossipers (Whisperers)​

Gociphers​

Back office​

Login UI​

Monitoring UI​

Online documentation​

Kube impacts​

API impacts​

Data impacts​