runtime-rn.html.md.erb

---
title: TAS for VMs v4.0 Release Notes
owner: Release Engineering
---

<% current_page.data.title = vars.app_runtime_full + " " + vars.v_major_version + " Release Notes" %>

This topic contains release notes for <%= vars.app_runtime_first %> <%= vars.v_major_version %>.

<%= vars.app_runtime_abbr %> is certified by the Cloud Foundry Foundation for <%= Date.today.year %>.

For more information about the Cloud Foundry Certified Provider Program, see [How Do I Become a Certified
Provider?](https://www.cloudfoundry.org/certified-platforms-how-to/) on the Cloud Foundry website.

Because VMware uses the Percona Distribution for MySQL, expect a time lag between Oracle releasing a MySQL patch and VMware releasing
<%= vars.app_runtime_abbr %> containing that patch.

<hr>

## <a id='releases'></a> Releases

<%# DO NOT DELETE THIS LINE - robots use this to add new release notes %>

### <a id='4-0-0'></a> v4.0.0

**Release Date:** TBD

#### Known Issue

**WARNING**  

This version of TAS includes java-offline-buildpack version 4.52, which changes the default behavior of Spring Auto Reconfiguration.
This:
1: breaks TAS’s compatibility with some service tiles, including Spring Cloud Data Flow (SCDF)
2: breaks the service binding behavior of the platform for applications using this feature.

We consider this inclusion an operator-impacting disruptive change,
and this disruption will be addressed in a fast-follow release as soon as practicable,
as required by our commitment to operational stability.
This fast-follow release will likely arrive during the week of November 7th.

This issue doesn’t affect apps until they are re-staged.

It is possible to (temporarily) recover the previous behavior on a per app basis by setting an environment variable:

```
cf set-env example-appname JBP_CONFIG_SPRING_AUTO_RECONFIGURATION '{enabled: true}'
```

It can also be recovered platform wide:

```
cf set-staging-environment-variable-group '{"JBP_CONFIG_SPRING_AUTO_RECONFIGURATION ":"{enabled: true}"}'
```

VMware does intend to deprecate and remove this behavior from the platform in the future.

A Knowledge Base article on this topic can be found here:
https://community.pivotal.io/s/article/Java-Buildpack-Deprecation-of-Spring-Cloud-Connectors-Spring-Auto-Reconfiguration

#### Features and Component Versions

* **[Feature]** Allow operators to specify isolation segments that should be routable through <%= vars.app_runtime_abbr %> routers
* **[Feature]** Bump CAPI and add default app log rate limit configuration
* **[Feature]** Developers can quickly find specific org members in Apps Manager
* **[Feature]** Dynamic ASGs are now allowed by default. If you wish to keep them off, you must manually disallow them through the
<%= vars.app_runtime_abbr %> tile before deploying.
* **[Feature Improvement]** Add Java Buildpack for `cflinuxfs4`
* **[Feature Improvement]** Bump component releases in time for <%= vars.app_runtime_abbr %> <%= vars.v_major_version %>
* **[Feature Improvement]** The `diego`, `routing`, `cf-networking`, and `silk` components use Golang v1.18.
* **[Feature Improvement]** Bump to latest `pxc-release` with Percona XtraDB Cluster 8.0.29
* **[Feature Improvement]** Gorouter Metrics Toggle
* **[Breaking Change]** HAProxy is removed from <%= vars.app_runtime_abbr %> <%= vars.v_major_version %>. For more information, see [HAProxy is
Removed](#haproxy-removed) below.
* Bump capi to version `1.139.0`
* Bump cf-cli to version `1.41.0`
* Bump garden-runc to version `1.22.2`
* Bump java-offline-buildpack to version `4.52`
* Bump metrics-discovery to version `3.2.0`
* Bump nodejs-offline-buildpack to version `1.8.0`
* Bump push-apps-manager-release to version `677.0.7`
* Bump pxc to version `1.0.1`
* Bump smoke-tests to version `4.7.0`
* Bump uaa to version `76.0.0`

<table border="1" class="nice">
  <thead>
    <tr>
      <th>Component</th>
      <th>Version</th>
      <th>Release Notes</th>
    </tr>
  </thead>
  <tbody>
    <tr><td>ubuntu-jammy stemcell</td><td>1.8</td><td></td></tr>
    <tr><td>backup-and-restore-sdk</td><td>1.18.52</td><td></td></tr>
    <tr><td>binary-offline-buildpack</td><td>1.0.45</td><td></td></tr>
    <tr><td>bosh-dns-aliases</td><td>0.0.4</td><td></td></tr>
    <tr><td>bpm</td><td>1.1.19</td><td></td></tr>
    <tr><td>capi</td><td>1.139.0</td><td></td></tr>
    <tr><td>cf-autoscaling</td><td>249.0.17</td><td></td></tr>
    <tr><td>cf-cli</td><td>1.41.0</td>
      <td>
        <details>
          <summary>v1.41.0</summary>
          <pre style="max-width: 30em">
  ### This release contains the following versions of the CF CLI
  | Major version  | Prior version | Current version |
  | ------------- | ------------- | ------------- |
  | **v8** | **8.4.0** | [8.5.0](https://github.com/cloudfoundry/cli/releases/tag/v8.5.0) |
  | **v7**  | **7.5.0** | [7.5.0](https://github.com/cloudfoundry/cli/releases/tag/v7.5.0) |
  | **v6**  | **6.53.0**  | **[6.53.0](https://github.com/cloudfoundry/cli/releases/tag/v6.53.0)** |

  Version 8.5.0 of the cf CLI uses Go 1.18.
          </pre>
        </details>
      </td>
    </tr>
    <tr><td>cf-networking</td><td>3.12.0</td><td></td></tr>
    <tr><td>cflinuxfs3</td><td>0.321.0</td><td></td></tr>
    <tr><td>cflinuxfs4</td><td>0.28.0</td><td></td></tr>
    <tr><td>credhub</td><td>2.12.8</td><td></td></tr>
    <tr><td>diego</td><td>2.66.3</td><td></td></tr>
    <tr><td>dotnet-core-offline-buildpack</td><td>2.4.0</td><td></td></tr>
    <tr><td>garden-runc</td><td>1.22.2</td><td></td></tr>
    <tr><td>go-offline-buildpack</td><td>1.9.49</td><td></td></tr>
    <tr><td>java-offline-buildpack</td><td>4.52</td><td></td></tr>
    <tr><td>log-cache</td><td>2.12.0</td><td></td></tr>
    <tr><td>loggregator</td><td>106.6.9</td><td></td></tr>
    <tr><td>loggregator-agent</td><td>6.5.0</td><td></td></tr>
    <tr><td>mapfs</td><td>1.2.11</td><td></td></tr>
    <tr><td>metric-registrar</td><td>1.2.10</td><td></td></tr>
    <tr><td>metrics-discovery</td><td>3.2.0</td><td></td></tr>
    <tr><td>mysql-monitoring</td><td>9.18.0</td><td></td></tr>
    <tr><td>nats</td><td>50</td><td></td></tr>
    <tr><td>nfs-volume</td><td>7.1.6</td><td></td></tr>
    <tr><td>nginx-offline-buildpack</td><td>1.1.42</td><td></td></tr>
    <tr><td>nodejs-offline-buildpack</td><td>1.8.0</td>
      <td>
        <details>
          <summary>1.8.0</summary>
          <pre style="max-width: 30em">
  * Add support for cflinuxfs4 stack
  Packaged binaries:
  | name | version | cf_stacks |
  |-|-|-|
  | node | 14.19.3 | cflinuxfs3 |
  | node | 14.20.0 | cflinuxfs3 |
  | node | 14.20.0 | cflinuxfs4 |
  | node | 16.16.0 | cflinuxfs3 |
  | node | 16.17.0 | cflinuxfs3 |
  | node | 16.17.0 | cflinuxfs4 |
  | node | 18.7.0 | cflinuxfs3 |
  | node | 18.9.0 | cflinuxfs3 |
  | node | 18.9.0 | cflinuxfs4 |
  | yarn | 1.22.19 | cflinuxfs3, cflinuxfs4 |
  Default binary versions:
  | name | version |
  |-|-|
  | node | 16.x |
  * Uncached buildpack SHA256: 9c916f1475c3ebfa8cb1531a31a6b70829b29e36380d3496dd105c2d8109c5de
  * Uncached buildpack SHA256: 7b59d44895ad526dd3f87bf176a5fd7a08f55f0cf4f91dcb8b2c1fa474292385
          </pre>
        </details>
      </td>
    </tr>
    <tr><td>notifications</td><td>62</td><td></td></tr>
    <tr><td>notifications-ui</td><td>40</td><td></td></tr>
    <tr><td>php-offline-buildpack</td><td>4.4.65</td><td></td></tr>
    <tr><td>push-apps-manager-release</td><td>677.0.7</td>
      <td>
        <details>
          <summary>677.0.6</summary>
          <pre style="max-width: 30em">
  Fixed deploy.sh
  **Full Changelog**: https://github.com/pivotal-cf/apps-manager-release/compare/677.0.5...677.0.6
          </pre>
        </details>
      </td>
    </tr>
    <tr><td>push-offline-docs-release</td><td>1.0.94</td><td></td></tr>
    <tr><td>push-usage-service-release</td><td>674.0.24</td><td></td></tr>
    <tr><td>pxc</td><td>1.0.1</td>
      <td>
        <details>
          <summary>v1.0.1</summary>
          <pre style="max-width: 30em">
  **Important** pxc-release v1.0 is a major database upgrade from Percona XtraDB Cluster 5.7 to Percona XtraDB Cluster 8.0
  **Version Bumps**
  - Bumped Percona XtraDB Cluster to 8.0.29-21
  - Bumped Percona XtraBackup to 8.0.29-22
  **New Features**
  - The database server default character set and collation have been changed to
  the Percona XtraDB Cluster 8.0 default of utf8mb4 and utf8mb4_0900_ai_ci
  respectively.
  The new defaults will only affect newly created databases created after
  pxc-release v1.0.1. For more information about the default database character
  set and collation see this MySQL documentation:
  https://dev.mysql.com/doc/refman/8.0/en/charset-server.html
  The database server's default character set and collation may be configured
  explicitly via the pxc-mysql job's "engine_config.character_set_server" and
  "engine_config.collation_server" properties, respectively.
  - galera-agent and cluster-health logger users no longer need to be explicitly
  specified in the pxc-mysql job's seeded_users property.
  pxc-mysql will automatically generate these users when the galera-agent or
  cluster-health-logger jobs are deployed. This removes the breaking change
  from the previous release.
  - Percona XtraDB Cluster 5.7 packages are now included in deployments to aid in
  upgrades. In the previous release, only the Percona XtraDB Cluster 8.0
  package was included on pxc/1.0 VMs.
  - Percona XtraDB Cluster 8.0 packages have been renamed from
  "/var/vcap/packages/pxc" to "/var/vcap/packages/percona-xtradb-cluster-8.0"
  in an effort to distinguish from the percona-xtradb-cluster-5.7 package
  - In the previous release, upgrades from pxc-release prior to 1.0 running
  Percona XtraDB Cluster 5.7 where the v5.7 instance was not cleanly shutdown
  or had crashed would fail.
  As of pxc-release v1.0.1, the pxc-mysql job will run crash recovery with
  Percona XtraDB Cluster 5.7 prior to the upgrade to Percona XtraDB Cluster 8.0
  - The "migrate-to-pxc" utility that previously assisted with migrations from
  cf-mysql-release are no longer included in this version of pxc-release
  **Breaking Changes**
  - If you previously relied on /var/vcap/packages/pxc in this release, the
  latest Percona XtraDB Cluster binaries are now located under
  /var/vcap/packages/percona-xtradb-cluster-8.0/bin
  Note that pxc-release always symlinks /usr/local/bin/mysql to the latest
  Percona XtraDB Cluster mysql cli for troubleshooting on the local VM.
  - Since v1.0, ubuntu-xenial is no longer supported! Only ubuntu-jammy or ubuntu-bionic stemcells can be used to deploy pxc-release v1.0.1
          </pre>
        </details>
      </td>
    </tr>
    <tr><td>python-offline-buildpack</td><td>1.7.56</td><td></td></tr>
    <tr><td>r-offline-buildpack</td><td>1.1.32</td><td></td></tr>
    <tr><td>routing</td><td>0.239.0</td><td></td></tr>
    <tr><td>ruby-offline-buildpack</td><td>1.8.57</td><td></td></tr>
    <tr><td>silk</td><td>3.12.0</td><td></td></tr>
    <tr><td>smb-volume</td><td>3.1.5</td><td></td></tr>
    <tr><td>smoke-tests</td><td>4.7.0</td>
      <td>
        <details>
          <summary>4.7.0</summary>
          <pre style="max-width: 30em">
  Create bosh final release 4.7.0
          </pre>
        </details>
      </td>
    </tr>
    <tr><td>staticfile-offline-buildpack</td><td>1.5.33</td><td></td></tr>
    <tr><td>statsd-injector</td><td>1.11.22</td><td></td></tr>
    <tr><td>syslog</td><td>12.0.4</td><td></td></tr>
    <tr><td>system-metrics-scraper</td><td>3.3.0</td><td></td></tr>
    <tr><td>uaa</td><td>76.0.0</td>
      <td>
        <details>
          <summary>v76.0.0</summary>
          <pre style="max-width: 30em">
  ### Feature
  - Update to [UAA v76.0.0](https://github.com/cloudfoundry/uaa/releases/tag/v76.0.0)
  ### Security fixes
  - Added Content-Security-Policy headers for responses https://github.com/cloudfoundry/uaa/pull/1981 #390
  ### Breaking Changes
  - Removed the deprecated google analytics feature https://github.com/cloudfoundry/uaa/pull/2022  #400
  ### Dependency bumps
  - Bump github.com/onsi/gomega from 1.20.0 to 1.20.2 in /k8s https://github.com/cloudfoundry/uaa/pull/2012 https://github.com/cloudfoundry/uaa/pull/2010
  - Bump jasmine from 4.3.0 to 4.4.0 in /uaa https://github.com/cloudfoundry/uaa/pull/2013
  - Bump jasmine-core from 4.3.0 to 4.4.0 in /uaa https://github.com/cloudfoundry/uaa/pull/2014
  - Bump k8s.io/client-go from 0.24.4 to 0.25.0 in /k8s https://github.com/cloudfoundry/uaa/pull/2006
  - Bump postgresql from 42.4.2 to 42.5.0 https://github.com/cloudfoundry/uaa/pull/2009
  ### Notes
  - MFA feature is being deprecated and will be removed in a future release https://github.com/cloudfoundry/uaa/pull/2024 #404
  ### Full Changelog
  - [https://github.com/cloudfoundry/uaa-release/compare/v75.23.0...v76.0.0](https://github.com/cloudfoundry/uaa-release/compare/v75.23.0...v76.0.0)
          </pre>
        </details>
      </td>
    </tr>
  </tbody>
</table>

## <a id='new-features'></a> New Features in <%= vars.app_runtime_abbr %> <%= vars.v_major_version %>

<%= vars.app_runtime_abbr %> <%= vars.v_major_version %> includes the following major features:

## <a id='breaking-changes'></a> Breaking Changes

<%= vars.app_runtime_abbr %> <%= vars.v_major_version %> includes the following breaking changes:

### Component Logs Always Use Human-Readable RFC3339 Timestamp Format

Non-standardized and non-human readable timestamps in logs make debugging TAS
more difficult. Since TAS 2.10.0 there has been an option in the System Logging
tab to **Optionally Use Human-Readable Timestamps for Component Logs**. In TAS
4.0 this radio button has been removed and all components will use the
human-readable RFC3339 format for the timestamps in their logs.

### Max Request Header Size Now Defaults to 48kb

Upgrading to TAS 4.0 will automatically set **Max request header size in kb** to 48,
unless the pre-existing configuration was already lower. Lowering this value establishes
a better security posture for TAS for VMs and applications. This value can still be configured
back up to 1024kb in the Networking tab if necessary. Any requests with headers larger
than this value will receive a 431 status code.

## <a id='known-issues'></a> Known Issues

<%= vars.app_runtime_abbr %> <%= vars.v_major_version %> includes the following known issues:

### <a id='stemcell-certification'></a> Stemcell Compliance Certification

The Ubuntu 22.04 long-term support (LTS) stemcell, Jammy Jellyfish, is not yet CIS or STIG-certified.


### <a id='uaa-sso-copy'></a> UAA Single Sign-On Copy Button is Broken

In the User Account and Authentication (UAA) user interface (UI), the button that copies Single Sign-On (SSO) codes does not work.

To work around this issue, you must manually copy and paste the displayed code.