Releases: HemmeligOrg/Hemmelig.app
Brush your teeth
14c9c39 - fix: reset the enable password on new secret
f9c0b0e - style: add mobile css workaround for the secret creation layout
c5975c2 - chore: change the layout and position for the share button
4e1b3a4 - fix: embarrasing bug
415cb56 - feat: add share of the url
075e6f3 - security: set the max file size to the multipart middleware
bdb0984 - chore: make more use of the redux sign in
be76006 - chore: remove unused func
3698ae0 - security: make the password part of the encryption and decryption key if it is defined
24904cb - chore: remove the basic auth logic which is not used
88b683d - chore: run the owasp zap once a day
811d9a1 - fix: typo
6443dd4 - fix(code-smell): declare getRandomADjective as a const
fb32da7 - fix(code-smell): isLoggedIn does not need to use useState
ec60744 - fix(code-smell): do not assign the upload to a variable and wrap it in a try catch
cfb468e - chore: let non account users download files
55d0160 - security: remove the LFI hack, and change the approach of how a file is uploaded
e0f7a1e - Revert "security: update the LFI check to sanitize the filename before passing it to the folder check"
9827b9a - security: update the LFI check to sanitize the filename before passing it to the folder check
7e45d84 - security: prevent LFI if the disk adapter is being used
f8754fb - docs: update the DO env vars with s3 to the explanation
396eb98 - feat: set an env variable to override the file size allowed to be uploaded
The password glitch
Full Changelog: v3.5.0...v3.5.1
The Big Refactor
f8deec7 - chore: update the desktop image
d372aa6 - chore: adjust the footer
6c46099 - chore: adjust the header
9ed0f23 - feat: improve the ux for the secret page
fadeccc - feat: improve the ux for the landing page
d9ed61f - chore: change the color for the upload and download button
21df649 - feat: add file adapter to choose between services
0a44b2e - docs: update account details
6168a81 - docs: update docker readme
dea0764 - feat: add weekly docker image build
43e1bd2 - chore: change from never expire to 14 and 28 days
f4ec83c - feat: do not burn the file if the preventBurn flag is set to true
657db08 - fix: a bug where file is always an object, which makes it not possible to create secrets
0b7254b - security: the user has to be signed in to download files
cd79333 - security: change so you cant bypass the file type that easily
28f9e50 - fix: add the pretty bytes packages to get the correct error message
0fdef6f - chore: set max file size to 8mb
a846da9 - infrastructure: publish the bleeding edge main branch to dockerhub on each push to main
32a3e97 - chore: change the icon size to 14
9a46157 - feat: make it possible to update the user data
ed99d48 - chore: remove copy and pasted text
Full Changelog: v3.4.0...v3.5.0
User Features
Terms & Files
81b5c37 - docs: add terms and condition
ddbdb01 - feat: allow more file types to upload
Full Changelog: v3.2.1...v3.3.0
Clear Title
File Upload
Amazing Heading
9257910 - feat: add optional title
cf35fac - feat: change the delete profile to a modal
9f99ba7 - chore: wrap the emoji to solve the a11y issue
7de8675 - feat: make it possible to delete the user profile
0d6c437 - docs: update the privacy page
39845d0 - feat: add cloudflare and cloudfront client ip to the check
Full Changelog: v3.0.0...v3.1.0
TweetNacl Encryption
This release is a major release as it is changing how we do encryption. It changes from a home brewed solution to be using Tweetnacl.
IMPORTANT: This release will break your current secrets, so do not update until you have cleared the database / or just do not care about the secrets created.
Changes:
feat: push the docker image to dockerhub as a tag as well
security: change from own crypto to use tweetnacl
fix: how we handle the sign up error handling
chore: increase password length, and add symbols to the mix
Le Darkmode
This is the first of many releases of version 2
What's Changed
- Bump fastify-multipart from 4.0.7 to 5.3.1 by @dependabot in #45
- Bump validator from 13.6.0 to 13.7.0 by @dependabot in #46
- Bump follow-redirects from 1.14.5 to 1.14.8 by @dependabot in #48
- Bump nanoid from 3.1.23 to 3.1.31 by @dependabot in #47
- Bump url-parse from 1.5.3 to 1.5.7 by @dependabot in #49
- Bump url-parse from 1.5.7 to 1.5.10 by @dependabot in #50
- Bump minimist from 1.2.5 to 1.2.6 by @dependabot in #52
- security: run the DAST for every push to main by @bjarneo in #54
- build(deps): bump async from 2.6.3 to 2.6.4 by @dependabot in #53
- build(deps): bump eventsource from 1.1.0 to 1.1.1 by @dependabot in #57
- build(deps): bump file-type from 16.5.0 to 16.5.4 by @dependabot in #59
- build(deps): bump terser from 4.8.0 to 4.8.1 by @dependabot in #58
- feat: refactor and use mantine with darkmode by @bjarneo in #60
New Contributors
- @dependabot made their first contribution in #45
Full Changelog: v1.9.0...v2.0.0