Offen v0.1.0-alpha.10 Release Notes

Release Date: 2020-06-29 // almost 4 years ago
  • This is an exciting release as it is likely to be our last alpha version / pre-release. It contains a lot of feedback we received from a recent security audit and focuses on hardening the application further. This version is fully compatible with v0.1.0-alpha.9.

    Features

    • Upgrade dexie version and further tighten CSP #399
    • Add strict transport policy headers to html responses and script #400
    • Establish password policy #405
    • Harden server by applying selective rate limits to routes #406

    Fixes

    • Properly implement in memory fallback key storage #403
    • Tighten event validation and parsing #401

    Chores

    • Add Hacker News to referrer buckets #404
    • Do not apply rate limiting rules when running behind a reverse proxy #409

    Docs

    • Actively discourage the use of a reverse proxy in the docs #402
    • Add more docs and hints on subdomain setup #407