Avg Release Cycle
35 days ago
- 🛠 Self-hosting: Fixed sending server invites by email (from the "send invites" tabh in the admin settings).
- 👌 Improved error message seen when static publishing TXT records are misconfigured.
- 👌 Improved error message when trying to send a sharing invite to an invalid email address.
- 👍 Expanded LDAP config for search-query-based user matching to support authenticating the search and adding a search filter. LDAP is nuts.
- Worked around bug in Chrome 50 which was causing app installs to sometimes fail complaining that no URL was provided.
- 💻 Worked around an unexplained bug observed in the wild causing Sandstorm to fail to load in a browser claiming "no such route", apparently when accessed from behind certain proxies.
- 🚀 Worked around bug in libseccomp which could cause Sandstorm binaries built using older kernel headers to fail to filter newer syscalls, possibly making systems insecure. All of our releases have been built against up-to-date headers, so we don't believe our release builds have been affected.
- 🛠 Fixed a case where "who has access" dialog could show users named "null".
- Self-hosting: STMP config has been broken out into components rather than using a "URL" format.
- Development: Restarting
spk devwill now reload all grains of the app without the need to manually refresh.
- ♻️ Internal refactoring of grain tab management.
- Sandstorm for Work: For self-hosters in a business setting. Initial release supports LDAP and basic organization managament. Requires a feature key to enable. See the "For Work" section of the admin settings.
- 💻 Your set of open grains will now be preserved through refreshes and closing/reopening the browser.
- The "home" button is now aligned with the sidebar and collapses with it, which maybe makes it clearer that the rest of the top bar is attached to the content.
- 🔊 The file-open dialogs when uploading an SPK or a grain backup now filter for the desired file type.
- Offer templates can now substitute a sluggified grain title into the template body.
- 💻 Browser's autocomplete will no longer draw over sharing autocomplete.
- 🛠 Fix non-token-specific API host, i.e. all API tokens created before 0.146.
- 🛠 Fix new offer template unauthenticated host properties feature to support mapping resource paths containing periods. This was failing because periods are not permitted in Mongo keys.
- Offer templates can now define some static properties of the API host to be served statically in response to unauthenticated requests, such as the DAV header for OPTIONS requests as well as simple resources. This should allow DAV apps like Davros and Radicale to fix incompatibilities with certain client apps.
- Offer templates can now include a clipboard button which copies the text to the clipboard.
- Sharing emails to/from Github identities will now use the Github account's primary email address, rather than the first-listed address.
- Setting BIND_IP to an ipv6 address should now work.
- 👌 Improved styling of "shrink sidebar" button.
- 🛠 Fixed that if you visited a grain URL when not logged in, saw the "request access" screen, then logged in as an identity that already has access, the "request access" screen would continue to display until refresh.
- 🛠 Fixed that "request access" would display for non-existent grain IDs.
- 🛠 Fixed several icons displaying incorrectly on IE, especially in the sharing UI.
- 🛠 Fixed that the API endpoint URL in the (obscure) webkey dialog was showing up as
- If you open a grain URL to which you do not have access -- presumably becaues the owner forgot to share it with you, and thought that just copy/pasting the URL would work -- you will now be presented with the ability to send an access request email.
- Client apps accessing Sandstorm grains via HTTP APIs no longer need to be whitelisted for use of HTTP Basic Auth. As part of this, Sandstorm now allocates a new random hostname for every API key. This change was made so that an upcoming CalDAV apps can be used with any standard CalDAV client. We still prefer new apps use bearer token authorization rather than basic auth.
- 🔒 IP network capabilities can now be granted through the powerbox, opening the door to apps that need to operate at the raw TCP or UDP level -- however, only the server admin is able to grant such capabilities, since it could be a security problem for large shared servers.
- 💻 Shrinking the sidebar is now sticky (remembered by your browser, not by the server).
- It is now possible for developers to recover from losing their app signing key by submitting a pull request against
src/sandstorm/appid-replacements.capnpin the Sandstorm repository.
- 💅 More large internal refactoring to switch to ES6 with JSCS-enforced style checking.
- 🛠 Fixed another issue that could cause spurious errors when returning to grains after losing internet connectivity for a bit.
- 🛠 Fixed problem that caused Groove Basin streams to disconnect.
- 🛠 Oasis: Fixed another problem preventing adding an identity to your account which was already attached to some other empty account.
- 🛠 Oasis: Fixed problem preventing signup keys from being consumed (applies to preorders and Indiegogo customers who hadn't claimed their invites yet).
- ⚡️ Updated glibc for CVE-2015-7547.
- 🛠 Oasis: Fixed a bug that prevented adding an identity that is already attached to an empty account.
- 🎉 Initial version of Picker Powerbox implemented. A grain can now prompt the user to choose one of their other grains to share, and then the requesting grain can present that grain to other users. This could be used e.g. to share securely through a chat room or message board. Look for apps to start using this soon.
- When app search gives no results, we now suggest the user try the app market.
- HTTP headers
If-None-Match: *are now correctly passed through to the app.
- ➕ Added tooltips to all topbar items.
- The "share access" button now works in incognito mode (and suggests copy/pasting the link).
- ♻️ Significant internal refactoring: Now using more ES6 features, and using
- Self-hosting: We now show an explanatory error message in the admin panel if
WILDCARD_HOSTis misconfigured, which we've found is a common mistake.
- 🛠 Oasis: Fixed bug where grains could get stuck at "loading" spinner forever.
- ➕ Added support for HTTP PATCH method.
- 🛠 Fixed inability to revoke some types of shares in the "who has access" dialog.
- ✂ Removed obsolete and confusing
sandstorm reset-oauthshell command.