-
Notifications
You must be signed in to change notification settings - Fork 259
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
103 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
<h1>v<%= releaseVersion %></h1> | ||
|
||
<p class='info-icon'>Be sure to keep up with the latest releases by subscribing to the | ||
<a href='http://mbtest.org/feed'>ATOM feed</a>.</p> | ||
|
||
<p>This patch release resolves a security vulnerability unearthed by <a href='https://github.com/dcRUSTy'>dcRUSTy</a>.</p> | ||
|
||
<h2>New Features</h2> | ||
<ul class='bullet-list'> | ||
<li>Allow overriding the <a href='//<%= host %>/docs/api/proxies'>cipher suite</a> for HTTP proxies</li> | ||
</ul> | ||
|
||
<h2>Bug Fixes</h2> | ||
<ul class='bullet-list'> | ||
<li>All IP whitelisting CLI parameters (<code>--localOnly</code> and <code>--ipWhiteList</code>) | ||
were not killing the server end of the socket. In practice, this meant that even though the client | ||
connection was killed, the server operation (e.g. creating an imposter) would still succeed. This | ||
release ensures that both ends of the socket are immediately closed if the connection originates | ||
from an invalid IP address.</li> | ||
</ul> | ||
|
||
<h2>Contributors</h2> | ||
<p>Many thanks to the following kind folks for help with this release, either through bug reports, | ||
suggestions, or direct code contributions:</p> | ||
|
||
<ul class='bullet-list'> | ||
<li>dcRUSTy</li> | ||
</ul> | ||
|
||
<h2>Install</h2> | ||
|
||
<pre><code>npm install -g mountebank@<%= releaseVersion %></code></pre> | ||
|
||
<p>or:</p> | ||
|
||
<table> | ||
<tr> | ||
<th>Option</th> | ||
<th>node.js required?</th> | ||
<th>sudo required?</th> | ||
<th>links</th> | ||
<th>Description</th> | ||
</tr> | ||
<tr> | ||
<td>Self-contained archives</td> | ||
<td>No</td> | ||
<td>No</td> | ||
<td style="min-width: 5em;"> | ||
<ul> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank-v<%= releaseVersion %>-darwin-x64.tar.gz">osx</a></li> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank-v<%= releaseVersion %>-linux-x86.tar.gz">linux x86</a></li> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank-v<%= releaseVersion %>-linux-x64.tar.gz">linux x64</a></li> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank-v<%= releaseVersion %>-win-x86.zip">win x86<sup>*</sup></a></li> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank-v<%= releaseVersion %>-win-x64.zip">win x64<sup>*</sup></a></li> | ||
</ul> | ||
</td> | ||
<td>Simply unpack and run <code>mb</code> from inside</td> | ||
</tr> | ||
<tr> | ||
<td>OS-specific packages</td> | ||
<td>No</td> | ||
<td>Yes</td> | ||
<td> | ||
<ul> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank-v<%= releaseVersion %>.pkg">pkg</a></li> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank-<%= releaseVersion %>-1.x86_64.rpm">rpm</a></li> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank_<%= releaseVersion %>_amd64.deb">deb</a></li> | ||
</ul> | ||
</td> | ||
<td>Puts <code>mb</code> at <code>/usr/local/bin</code>, which is generally in the <code>PATH</code>.</td> | ||
</tr> | ||
<tr> | ||
<td>source tarball</td> | ||
<td>Yes</td> | ||
<td>No</td> | ||
<td> | ||
<ul> | ||
<li><a href="https://s3.amazonaws.com/mountebank/v<%= releaseMajorMinor %>/mountebank-v<%= releaseVersion %>-npm.tar.gz">mb</a></li> | ||
</ul> | ||
</td> | ||
<td>source tarball if you roll that way.</td> | ||
</tr> | ||
</table> | ||
|
||
<h2 id='windows-path-limitations'>Windows path limitations</h2> | ||
|
||
<p><sup>*</sup>mountebank wishes very much for your Windows experience to be hassle-free, but he is simply not qualified to address | ||
a particular constraint of Windows Explorer. For legacy reasons, some Windows applications, including most notably Windows Explorer, | ||
have a maximum number of characters allowed in a path of 260 characters. As mountebank writes these words, the longest path he | ||
includes in the zip files is around 175 characters. The zip file name, which is likely to represent itself as <i>two</i> | ||
nested directories if you use the defaults to unzip it, will be around 25 characters. That gives you very little wiggle room. | ||
If you unzip the file in your users directory, you may very likely get an error because of this constraint.</p> | ||
|
||
<p>The following solutions will all work:</p> | ||
|
||
<ul class='bullet-list'> | ||
<li>Unzip to the root of your C: drive (or a similar small path)</li> | ||
<li>Use <a href='http://www.7-zip.org/'>7zip</a> to unzip the file instead of Windows Explorer</li> | ||
<li>Use <code>npm</code> to install mountebank instead of the zip file</li> | ||
</ul> |