Skip to content

1.8.0

Compare
Choose a tag to compare
@dani-garcia dani-garcia released this 23 Mar 18:57
349cb33
  • Secrets are now hidden by default in the admin panel.
  • Now the version is shown in the top right corner of the admin page.
  • Read only settings are also shown in the admin panel, but not editable.
  • Added option to admin panel to force resync users, useful after restoring an old backup.
  • Implemented multiple U2F support, with custom names and compromised checks.
  • Emails now also include an HTML version next to the plaintext version. It's up to the email clients which one to show now.
  • Updated vault to 2.9.0
  • Implemented constant time comparison for admin password and two factor remember and recover tokens.
  • Added more config options:
    • Icon download timeout
    • Hide routes mount points, enabled by default
    • Disable WAL (not recommended, only for network filesystems that have problems with WAL enabled)
    • Disable Admin token (unsafe, only use when behind another authentication scheme).
    • Use wrapped TLS for email, when STARTTLS doesn't work.
    • Icon downloader domain blacklist, to block anything that might be sensitive, lik other servers in the local network.
  • Updated dependencies and fixed minor bugs