4 posts tagged with "security"

This release focuses on improving static sites build reliability and fixing various deployment issues, along with security and usability improvements.

Highlights:

• Updated sites Node.js engine version for better compatibility
• Added install command support for Hostless site builds
• Improved site build context path handling
• Reset ALTCHA verification for improved spam prevention

Fixes:

• Fixed handling of undefined buildSystem for Hostless sites
• Fixed sites build manifest post-processing
• Fixed GitHub repository listing when no repos exist
• Fixed site name validation to prevent spaces
• Fixed billing and sites deployment issues

Notes:

• No breaking changes expected for typical usage
• Static site builds are now more reliable with improved error handling
• Site names no longer accept spaces for better URL compatibility
• GitHub integration handles empty repository lists gracefully

This release enhances application security with read-only filesystem protection and optimizes container image storage for better performance.

Highlights:

• Added read-only filesystem security for deployed applications
• Optimized image registry storage
• Enhanced application isolation and security posture
• Improved temporary storage handling for application processes

Fixes:

• Fixed manual scaling edge cases

Notes:

• No breaking changes expected for typical usage
• Applications now run with enhanced filesystem security by default
• Image storage optimizations reduce resource usage
• Existing deployments continue to work without modification

This release improves application security and adds infrastructure tooling for platform maintenance.

Highlights:

• Added security context to improve isolation and deployments
• Upgraded build capabilities for better compatibility
• Updated database security configurations

Notes:

• No breaking changes expected for typical usage
• Application now run with enhanced security contexts
• Build processes have improved capabilities for complex builds
• These changes improve overall platform security posture

This release introduces ALTCHA, an open-source CAPTCHA solution, to combat spam and protect user accounts during signup and login.

Highlights:

• Added ALTCHA verification to login and signup flows
• Implemented privacy-first, self-hosted CAPTCHA solution
• Enhanced security against automated account creation
• Seamless user experience with proof-of-work verification
• No external dependencies or third-party tracking

Notes:

• ALTCHA verification is now required for all new account signups
• ALTCHA verification is required for email/password login
• The verification process is automatic and typically completes in seconds
• No breaking changes for existing authenticated users
• OAuth login methods (GitHub, GitLab) are not affected by this change