All Versions
Latest Version
Avg Release Cycle
18 days
Latest Release
99 days ago

Changelog History
Page 1

  • v0.276

    November 23, 2020
    • โช Reverted broken static publishing change.
  • v0.275

    November 22, 2020
    • ๐Ÿ”’ When an app uses static publishing, symlinks placed in the publish directory are no longer allowed to point outside that directory. This could hypothetically have been a security issue if an app allowed a non-trusted user to instruct it to publish symlinks, but we're not aware of any current apps that do this. Only the app's own data was at risk, not the system. (Thanks @zenhack.)
    • โœ‚ Removed implementation of httpGet() method of HackSessionContext. This has been disabled for some time, with the ability to re-enable it through a hidden setting, but no one has asked us for the hidden setting, so we believe this feature is no longer in use. Apps must now use powerbox requests to get permission to make HTTP requests. (Thanks @zenhack.)
    • โšก๏ธ Updated Dutch translation. (Thanks @m-burg.)
  • v0.274

    October 26, 2020
    • ๐Ÿ›  Fixed regression that broke downloading backups for some Linux kernel versions. Unfortunately, these versions do not support cgroup freezing and so will not get atomic backups.
  • v0.273

    October 24, 2020
    • ๐Ÿ‘ Extended Let's Encrypt automatic certificate renewal to support deSEC DNS. (Thanks @rs22.)
    • Grains will now be temporarily paused while creating backups, to ensure the backup is atomic. (Thanks @zenhack.)
    • โšก๏ธ Updated Simplified Chinese translation. (Thanks @misaka00251.)
    • ๐Ÿ›  Fixed bug in sandstorm-http-bridge when responding to HEAD requests. Apps will need to be re-packaged to get the update. (Thanks @zenhack.)
    • ๐Ÿ›  Fixed "Unhandled exception in Promise: TypeError: Cannot read property 'catch' of undefined" when using scheduled tasks. (Thanks @zenhack.)
  • v0.272

    September 26, 2020
    • โšก๏ธ Regular dependency updates.
    • To make porting apps a little easier, the headers X-CSRFToken and X-CSRF-Token are now automatically passed through to the app. Thanks @zenhack.
  • v0.271

    August 31, 2020
    • โช We have reverted the change preventing apps from talking to third-party servers in client-side code. This caused more breakage than was expected. We will work to fix and/or grandfather the affected apps before trying to roll this out again.
  • v0.270

    August 29, 2020
    • โœ… Apps can no longer talk to third-party servers in client-side code, except for embedding images and video. This has long been a goal of Sandstorm, but we did not want to begin enforcing it until apps could explicitly request access to third-party servers via the Powerbox. We have tested all apps on the app market and found only minor breakage (e.g. wrong fonts), but it is possible that we missed bigger breakages or that some private apps are broken. Please contact sandstorm-dev to report any issues. Thanks @zenhack for pushing this change through.
    • โšก๏ธ Apps can no longer make server-side HTTP requests without requsting permission through the Powerbox. We believe the only app that ever did so was Tiny Tiny RSS, but it was recently updated to use the powerbox. If you experience other app breakages, please let sandstorm-dev know. Thanks again to @zenhack.
    • โšก๏ธ Updated Finnish translation. Thanks @xet7.
    • โšก๏ธ Updated dependencies, including Meteor to 1.11.
  • v0.269

    August 01, 2020
    • ๐Ÿ‘ฏ You can now clone a grain via a button in the top bar. Thanks @zenhack.
    • ๐Ÿ‘ Grains now run inside cgroups, if the kernel supports cgroup namespaces and cgroups v2. Thanks @zenhack.
    • ๐Ÿ‘ Code implementing old Sandcats TLS issuance has been deleted. Sandcats now supports only Let's Encrypt.
  • v0.268

    July 04, 2020
    • โž• Added CLI commands for configuring ACME (Let's Encrypt), so that this can be done before HTTPS is working.
    • ๐Ÿ†• New installs using Sandcats will now use Let's Encrypt immediately.
    • ๐Ÿ‘Œ Improved error page when accessing Sandstorm using an unrecognized hostname. Thanks @zenhack.
    • โž• Added Google Cloud Platform DNS provider for ACME challenges (not to be confused with Google Domains). Thanks @abliss.
    • โšก๏ธ Updated Sandstorm RPC APIs to use Cap'n Proto streaming flow control where applicable.
    • The box showing the changelog is now taller. Thanks @ocdtrekkie.
    • Made navigation menu scrollable on mobile. Thanks @spollard.
  • v0.267

    June 06, 2020
    • ๐Ÿ›  Fix possible problem where Let's Encrypt auto-migration would not actually renew the certificate until Sandstorm was restarted.