[ANN] Clojars 122 - login with GitHub OAuth
12 views
Skip to first unread message
Toby Crawley
Nov 7, 2020, 10:15:06 AM11/7/20
to clojars-maintainers
Howdy folks!
We just released Clojars 122. Here is what changed since the last
announcement (for 114):
- A fix in the generate-feeds logic that allows for a version segment
that is longer than an int
- A fix for a possible XSS vulnerability via :licenses or :scm in the
pom file (thanks to Renato Alencar[1] for the report)
- A fix in the authentication flow that was rejecting unauthenticated
deploy requests too early, preventing the "deploy token is required"
message from being returned
- GitHub will now report any deploy tokens found in public
commits/comments. Clojars will disable the token and email the owner
(this functionality existed pre-114, but the change on the GitHub side
was deployed since)
- You can now login via OAuth with your GitHub account (thanks again
to Renato Alencar[1] for adding this)
Changelogs:
- clojars-web: https://github.com/clojars/clojars-web/compare/114...122
- clojars-server-config:
https://github.com/clojars/clojars-server-config/compare/4e5de00fefc17846f8bd423b7f84ceb7a62042af...968217483bd07e61d4515bd78b91d56c484b5c21
[1]: https://github.com/renatoalencar
- Toby
We just released Clojars 122. Here is what changed since the last
announcement (for 114):
- A fix in the generate-feeds logic that allows for a version segment
that is longer than an int
- A fix for a possible XSS vulnerability via :licenses or :scm in the
pom file (thanks to Renato Alencar[1] for the report)
- A fix in the authentication flow that was rejecting unauthenticated
deploy requests too early, preventing the "deploy token is required"
message from being returned
- GitHub will now report any deploy tokens found in public
commits/comments. Clojars will disable the token and email the owner
(this functionality existed pre-114, but the change on the GitHub side
was deployed since)
- You can now login via OAuth with your GitHub account (thanks again
to Renato Alencar[1] for adding this)
Changelogs:
- clojars-web: https://github.com/clojars/clojars-web/compare/114...122
- clojars-server-config:
https://github.com/clojars/clojars-server-config/compare/4e5de00fefc17846f8bd423b7f84ceb7a62042af...968217483bd07e61d4515bd78b91d56c484b5c21
[1]: https://github.com/renatoalencar
- Toby
Reply all
Reply to author
Forward
0 new messages