Introduction

This release covers two main product lines: Stellar and Galaxy. The primary focus is on enhancing the security and stability of Stellar & Data Planet and improving data synchronization mechanisms to ensure compliance with ZAP security scan standards.

We have introduced several security fixes to address potential SQL Injection and Path Traversal vulnerabilities, while also laying a solid foundation for the Galaxy service's data discovery and synchronization capabilities.

Both the Galaxy and Aralia Apollo (AI Copilot) services require multi-stage development. Currently, the basic infrastructure and framework have been completed. Galaxy has established data crawling, and Aralia Apollo (AI Copilot) has built the basic conversational framework.

Release Date: 2025.11.06

Module Versions:

• Stellar V1.0.6
• Data Planet V2.0.4

Beta Features

• Galaxy Data Discovery and Synchronization Foundation (Not yet officially released 0.0.1)
  • Implemented a scheduling mechanism for Galaxy to periodically fetch Discovery Dataset Snapshot files from Stellar, supporting a schedule retry mechanism (default: 3 retries every 15 minutes, configurable).
  • Implemented a metadata fetching mechanism for Galaxy, supporting reading Stellar's manifest and feed files. It also supports GZIP compression and the HTTP 304 (Not Modified) protocol to optimize bandwidth usage.
  • Added storage in Galaxy for crawled Stellar metadata.
• Aralia Apollo Basic Conversational Features (Not yet officially released)
  • Integrated LLM in the Portal to build conversational functions, including sidebar display logic and AI message display.
  • Implemented chat history behavior on the frontend, supporting features like clearing history on page refresh and independent sessions for multiple tabs.

Improvements & Enhancements

• System Security Enhancement
  • Keycloak Realm Security Configuration: Automatically modifies the Keycloak Content Security Policy (form-action) URL when adding/deleting a Planet to ensure login process security.
  • Development Environment Stability: Integrated mypy, ruff, and pre-commit hooks into the Stellar backend project, resolving numerous type errors to improve code quality and maintainability.
• Management and User Experience
  • Portal Login Experience Optimization: Fixed an issue where logins occasionally failed when redirecting back to the Portal from Keycloak.
  • Planet/Dataset Navigation Optimization: Added a "Go to Data Planet" direct link option in the Portal's Planet list and dataset search results to speed up user access.
  • System Version Display: Added a version number display (version - commit hash) to the Portal and Admin pages for easier version tracking and issue reporting.

Bug Fixes

• Fixed Display Issues on Safari for Stellar & Data Planet
  • Resolved an issue where the UI failed to render on Safari for macOS due to a CSS loading failure.
• Information Security
  • Fixed multiple information security vulnerabilities and errors to ensure the system meets industry security standards.
  • Provided security explanation reports for specific states that could not pass scans.