Releases: HemmeligOrg/Hemmelig.app
Random password + never expire TTL
What's Changed
- feat: generate random password checkbox by @bjarneo in #43
- feat: add never expire TTL by @bjarneo in #44
Full Changelog: v1.8.5...v1.9.0
Contributors
Assets 2
Bcrypt fix
- fix: update bcrypt to bcrypt js
Plz no burn me
What's Changed
- chore: add env file
- fix: ignore scripts such as prepare for husky on production build
- security: change the burn endpoint to post to prevent CSRF
- feat: add checkbox to disable burn of a secret before expiration date
- chore: disable file upload field if not active from the server
- chore: increase the default secret textarea height
- chore: run prettier
- fix: update dependencies and eslint errors
- Implement redux by @TaneliR in #42
New Contributors
Contributors
Assets 2
Fix Awkward Client IP bug
v1.8.1 fix: awkward bug in the code
Get client IP
The Statistical Bugfix
Unique ID for password field
Nothing more. Nothing less.
Better encryption
The Attachment
The main focus of this release is to enable users to upload an image. This requires the users to sign in. Email is required.
Other is if the secret is a base64 encoded string, it will detect this within the frontend, and add a button to convert it to plain text.
The Unlockable
This release will create a more secure storing of secrets. It requires a unique key that is part of the URL in order to unlock the secret. From the README:
You enter https://hemmelig.app, write your sensitive information, expire time, optional password, and click create a secret link. You share the secret link. The receiver of the link opens it, writes the optional password, and retrieves the sensitive information. When a secret link is created, it gets its unique encryption key that is not saved to the database and only will be part of the URL. This means NO ONE can decrypt your secret without the hash(SECRET_MASTER_KEY + YOUR_UNIQUE_ENCRYPTION_KEY), and access to the Redis instance.