EPL warning needed - now makes it easier to use "=" when you mean ":=".

Since discarding the value of an expression used as a statement was permitted in 10.15.4 one of the situations for a common EPL programming error, using "=" instead of ":=", was permitted. In order to prevent this common error, we have added a warning if this case is detected. This warning will be promoted to an error in a future release.

Cannot compare optional types containing any type within it.

It was not possible to compare optional types containing the any type. For example, strings such as the following could not be compared: optional<sequence<any>>, optional<dictionary<string,any>>. This issue has now been fixed.

Cumulocity IoT transport goes to an infinite loop when pageSize is set to 1.

The Cumulocity IoT transport had a regression (introduced in Apama 10.15.2) that could cause REST queries to infinitely loop if pageSize was set to 1. This is now fixed.

Updated Cumulocity IoT SDK version to get fix for vulnerable 3rd party component "json".

The Cumulocity IoT SDK Java version has been updated to version 1015.0.518 to resolve high severity vulnerabilities affecting the previous version.

Cumulocity IoT transport suppresses all HTTP error logging in a multi-tenant environment.

HTTP error responses are now logged when Apama communicates with multiple tenants. In an Apama-ctrl microservice subscribed to multiple tenants, the Cumulocity IoT transport ignored HTTP errors rather than recording them in the correlator log. This issue has now been fixed. When an HTTP error response is received, it is now logged as an error.

Cumulocity IoT transport claims an ability to connect to a server with self-signed certificates that does not work.

When connecting to a Cumulocity IoT platform whose certificate is not signed by a trusted certificate authority (CA), the CUMULOCITY_AUTHORITY_FILE property in the CumulocityIoTREST.properties configuration file, which provides the TLS certificate authority file for the Cumulocity IoT connectivity bundles, was not used. This has now been fixed.

Vulnerable 3rd party component spring-core.

The Spring libraries have been upgraded from 5.3.22 to 5.3.31.

HTTP client form encoding does not work for the Cumulocity IoT binaries API.

The HTTP client incorrectly added "Content-Length" headers to multi-part forms that were sent with chunk encoding. This is no longer the case. In addition, the HTTP client now supports adding form metadata to string type inputs.