Skip to content

Releases: UN-OCHA/hid-api

Production 2022-12-08

17 Nov 10:17
@rupl rupl
v5.1.9
f021cc6
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Production 2022-12-08

5.1.9 (2022-11-17)

⚠️ Note: this deploy was moved to 8 Dec 2022 in order to avoid conflicting with GHO launch. The title has been edited to reflect the schedule change.

Bug Fixes

  • add csp settings (79c8589)
  • allow new GTM inline script (161324e), closes #383
  • security: regular dependency updates
Assets 2
Loading

Production 2022-10-06

22 Sep 15:10
@rupl rupl
v5.1.8
a27b074
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Production 2022-10-06

5.1.8 (2022-09-22)

Bug Fixes

  • correct paths for alert include within settings pages (fb5dd80)
  • update tracking code to use GTM/GA4 (1be35f2)
  • Use the shared build action with tagging, notifications and pushing. (fabb069)
Assets 2
Loading

Production 2022-08-11

28 Jul 08:28
@rupl rupl
v5.1.7
899e8f8
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Production 2022-08-11

5.1.7 (2022-07-28)

Bug Fixes

  • security: security updates to dependencies (aef65eb)
Assets 2
Loading

Production 2022-07-14

30 Jun 10:21
@lazysoundsystem lazysoundsystem
v5.1.6
3b946d9
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Production 2022-07-14

5.1.6 (2022-06-30)

Bug Fixes

  • update packages for security (e309d09)
Assets 2
Loading

Production 2022-06-16

02 Jun 14:05
@lazysoundsystem lazysoundsystem
v5.1.5
e76a8a7
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Production 2022-06-16
  • security: Update EJS and regular security updates
Assets 2
Loading

Production 2022-05-19

03 May 09:16
@lazysoundsystem lazysoundsystem
v5.1.4
b952e7b
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Production 2022-05-19
  • security: dependabot updates, nodejs update
Assets 2
Loading

Production 2022-04-21

07 Apr 14:11
@lazysoundsystem lazysoundsystem
v5.1.3
a70b1d0
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Production 2022-04-21

Read the CHANGELOG for a complete history of changes.

5.1.3 (2022-04-07)

Bug Fixes

  • security: updates to dependencies

  • prevent errors during OAuth dialog confirmations (c98b59f)

Assets 2
Loading

Production 2022-02-24

04 Feb 12:17
@rupl rupl
v5.1.2
2c1e1ad
Compare
Choose a tag to compare
Production 2022-02-24

Read the CHANGELOG for a complete history of changes.

5.1.2 (2022-02-04)

Bug Fixes

  • logs: supply correct client_id value when generating OAuth tokens (289f06a)
  • ux: when displaying user-friendly registration errors, parse for new error strings (33334b1)
  • security: updates to dependencies
Assets 2
Loading

Production 2022-01-27

14 Jan 11:36
@rupl rupl
v5.1.1
0757de7
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
Production 2022-01-27

See the CHANGELOG for a complete history of changes.

5.1.1 (2022-01-13)

Bug Fixes

  • adjust copy of french emails (81cf9ce)
  • adjust copy of french emails again (9832d35)
  • create users with minimal attributes (c57d9af)
  • drop mentions of info@hid and provide registration link in admin_delete email (ad867fa)
  • drop obsolete HID Contacts notify method (53b26b7)
  • drop obsolete property User.createdBy (18f5a7c)
  • implement UserPolicy.canDestroy as policy for UserController.destroy (842dd35)
  • log more events and metadata (e397dd9)
  • log something when we issue OAuth/JWT tokens (8c7f91d)
  • make User.isStrongDictionary static in order to use it when creating users (f4f0060)
  • migration to drop User.createdBy field (2d4d43b)
  • really really fix AuthPolicy setup (db19788)
  • remove all Notifications templates (04aceb2)
  • remove app_verify_url from UserController.create (714dcf1)
  • remove HID Contacts code from UserPolicy.canDestroy (aa308e8)
  • remove special-casing for IASC tokens (9ace65b)
  • require family/given names when creating users via API (662b703)
  • restore 2FA to admin actions that require it (30aace2)
  • use a dedicated email notification for deleting unverified accounts (7df4ad6)
  • validate email when creating users via API call (d596e30)
Assets 2
Loading

Production 2021-12-02

18 Nov 11:06
@rupl rupl
v5.1.0
495d3fb
Compare
Choose a tag to compare
Production 2021-12-02

See the CHANGELOG for a complete history of changes.

5.1.0 (2021-11-18)

Features

  • auth: confirmed recovery email addresses can be used to login (dcb51c9)
  • security: passwords must now pass a dictionary test in addition to all existing requirements (5b8fdae)

Bug Fixes

  • email: clarify email notification when adding recovery address to profile (ee502b2)
  • email: fix footer inclusion in FR alert email (13d25f8)
  • email: make EN template closure more consistent (aa1bb41)
  • email: remove CTA for email support from email_alert (c0dfaa0)
  • email: remove CTA for email support from reset_password (6bdd0ea)
  • email: remove email wording related to HID Contacts (af8905e)
  • email: remove legacy command and email template special_password_reset (5433630)
  • email: remove legacy email template verification_expiry (d3787ca)
  • email: update EN/FR email footers to remove email and add FAQs (a7e7da8)
  • email: update wording in FR templates and make introduction and closure more consistent (de0d806)
  • log password update/reset errors with consistent metadata (70f8769)
  • point users to FAQs for common errors (7824e8e)
  • provide more specific error when password did not meet guidelines (6a0ede6)
  • security: do explicit case-insensitive string matching before passing to cracklib (f4141da)
  • security: isStrongDictionary auto-compares email, and logs feedback when present (9689e8b)
  • security: isStrongDictionary compares password to family, given, and each email address (3b83d60)
  • security: only destroy session after password reset succeeds (0d30eea)
  • security: only destroy session after password reset succeeds (f1db7c9)
  • theme: update CD and implement Header nav (02e984e)
  • upgrade qrcode and underlying dependencies (50a4bb8)
  • when password requirements are not met during password reset, show form again (80803bf)

Full commit log: v5.0.1...v5.1.0

Assets 2
Loading