All Versions
Latest Version
Avg Release Cycle
25 days
Latest Release
88 days ago

Changelog History
Page 12

  • v0.187 Changes

    September 24, 2016
    • Apps can now make a powerbox request for an identity. The user will choose from among their contacts. This can be used e.g. to assign a task in Wekan to a user who hasn't yet visited the board.
    • ๐Ÿ‘Œ Improved usability of setup wizard based on user testing.
    • ๐Ÿ‘Œ Improved installer usability.
    • Activity events generated by anonymous users should now work correctly.
    • ๐Ÿ›  Fixed that if a user on a server manually updated a preinstalled app via the app market before the update notification had gone out, then new users would continue to receive the old version of the app.
    • ๐Ÿ›  Fixed bug where timing issues in template rendering could lead to a blank screen, for instance when a demo account expires.
  • v0.186 Changes

    September 17, 2016
    • โšก๏ธ Self-hosted Sandstorm updates will now have "zero" downtime, whereas previously users would experience connection failures for several seconds. This is accomplished by keeping the listen sockets open, so instead of errors, users only perceive a delay.
    • ๐Ÿ›  Fixed that pronoun selection was always showing up as "they" in account settings.
    • Alphabetical sorting of grains is now locale-aware.
    • ๐Ÿ”„ Changed various text to call Sandstorm a "productivity suite".
    • ๐Ÿ›  Fixed that the collections app was not being automatically selected for pre-installation on self-hosted instances.
    • โž• Added a way for users to leave feedback when deleting their account.
    • ๐Ÿ›  Fixed display of user limit for feature keys with unlimited users.
    • Whitelisted X-Requested-With and X-Phabricator-* headers in HTTP requests.
  • v0.185 Changes

    September 12, 2016
    • ๐Ÿ›  Fixed a problem preventing some LDAP users from receiving notification e-mails.
  • v0.184 Changes

    September 12, 2016
    • ๐Ÿ›  Fixed that refactoring in 0.181 could cause SAML login to fail.
  • v0.183 Changes

    September 11, 2016
    • ๐Ÿš€ The security hardening in 0.181 broke Gogs, for a different reason. This release rolls back the hardening temporarily while we resolve the issue.
  • v0.182 Changes

    September 11, 2016
    • ๐Ÿš€ The security hardening in 0.181 broke Ethercalc. This release fixes it.
  • v0.181 Changes

    September 10, 2016
    • Sandstorm for Work: Feature keys now automatically renew when they expire. If automatic renewal isn't possible, the administrators will receive notifications by bell menu and (if possible) e-mail.
    • โž• Added hardening against clickjacking and CSRF attacks on apps. On Chrome and Safari, CSRF attacks should now be totally blocked, even if the app fails to implement proper protections.
    • ๐Ÿ›  Fixed that newly-received shares were appearing at the bottom of the grain list using the default sort order (by last-opened date). Never-opened grains will now sort according to the share date, and will show "Unopened" in the last-opened column.
    • ๐Ÿ›  Fixed bug in Meteor that could cause the server to suddenly spawn tens of thousands of fibers, which in turn due to a bug in V8 would make the server permanently consume excessive CPU, even after the fibers exited.
    • ๐Ÿ›  Fixed that the "stay anonymous" button on the sign-in hint didn't work (but closing the hint dialog worked and had the same effect).
    • ๐Ÿ›  Fixed that after manually updating an app, the button to upgrade existing grains did not appear. (When auto-updating an app via the notifications menu, grains are updated automatically.)
    • ๐Ÿ›  Fixed grain tab close buttons sometimes being the wrong size on new builds of Chrome.
    • ๐Ÿ›  Fixed some console log spam.
    • ๐Ÿ”จ Various refactoring.
    • โšก๏ธ Updated all dependencies.
  • v0.180 Changes

    September 03, 2016
    • The "Who has access" dialog now shows collections of which the grain is a part, and (more generally) other grains through which this grain has been shared.
    • The "Delete Account" button now makes you type a phrase to confirm. (It still doesn't actually delete your account for 7 days.)
    • When a user deletes their own account, they will now receive an e-mail notification, in case of hijacking.
    • The "Sandstorm for Work" section of the admin panel now contains a direct link to manage your feature key's billing preferences.
    • โž• Added spk dev --proc flag which requests that /proc be mounted in the sandbox for debugging purposes. This may decrease security of the sandbox, so is only allowed in dev mode.
    • The account settings page now looks reasonable on mobile.
    • ๐Ÿ›  Fixed grains in trash sometimes missing icon and other app details.
    • Setting a BASE_URL with a trailing slash will no longer subtly break things.
    • โฌ‡๏ธ Dropping a SturdyRef not owned by the calling grain will now act as if the SturdyRef doesn't exist rather than throwing an exception. This particularly affects grains that have been backup/restored and so have someone else's tokens in their storage.
    • ๐Ÿ‘ป HTTP API requests will no longer throw an exception if the user-agent header is missing.
    • ๐Ÿ‘€ sandstorm-http-bridge will now log a note if the app doesn't seem to be coming up on the expected port.
    • Oasis: Added self-monitoring and auto-restart for the "fiber bomb" problem. Also added instrumentation to track down root cause.
  • v0.179 Changes

    August 26, 2016
    • A user can now request deletion of their own account, unless they are a member of a Sandstorm for Work organization. Deletion has a 7-day cooldown during whith the user can change their mind.
    • Admins can now suspend and delete accounts from the admin panel.
    • โšก๏ธ Apps can now request that an offer template be a link with a special protocol scheme that can trigger a mobile intent, allowing one-click setup of mobile apps. Apps will need to be updated to take advantage of this.
    • Identity capabilities now have a getProfile() method, allowing a grain to discover when a user's profile information has changed without requiring the user to return to the grain.
    • ๐Ÿ›  Fixed that admins were unable to un-configure SMTP after it had been configured.
    • ๐Ÿ›  Fixed problems in sandstorm-http-bridge that could make notifications unreliable. Affected apps will need to rebuild.
    • Increased expiration time for uploading a backup from 15 minutes to 2 hours, to accommodate large backup files on slow connections.
    • ๐Ÿ›  Fixed email attachments from apps having incorrect filenames.
    • ๐Ÿ›  Fixed various styling issues.
    • ๐Ÿ”จ Various ongoing refactoring.
  • v0.178 Changes

    August 20, 2016
    • The grain list can now be sorted by clicking on the column headers.
    • ๐Ÿ’ป Many improvements to mobile UI. (Still more to do.)
    • Your current identity's profile picture now appears next to your name in the upper-right.
    • ๐Ÿ›  Fixed desktop notifications displaying grain titles incorrectly.
    • ๐Ÿ›  Fixed spk publish throwing an exception due to a bug in email handling.
    • ๐Ÿ‘Œ Improved accessibility of "Sandstorm has been updated - click to reload" bar.
    • ๐ŸŒฒ When an app returns an invalid ETag header, sandstorm-http-bridge will now log an error and drop it rather than throw an exception.
    • โšก๏ธ Updated to Meteor 1.4.1.
    • ๐Ÿ›  Oasis: Fixed appdemo not working for Davros.