Skip to content

v0.9.5

Latest
Latest

Choose a tag to compare

View all tags
@DorianZheng DorianZheng released this 16 May 13:14
· 159 commits to main since this release
v0.9.5
7f8df26
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Security

If you are still running boxlite < 0.9.0, upgrade. Two Critical vulnerabilities were fixed in 0.9.0:

Surfacing this here is intended for users not covered by Dependabot — curl | sh installer, prebuilt C SDK / native library, vendored source, cargo audit (uses RustSec, not the GitHub Advisory Database). See SECURITY.md.

What's Changed

  • ci(e2e): rescue logs, disk precheck, attempt-namespaced artifacts by @DorianZheng in #508
  • feat(release): sh.boxlite.ai Cloudflare Worker for installer by @DorianZheng in #510
  • docs(cli): add CLI reference + README CLI Quick Start by @DorianZheng in #511
  • Fix mobile credential row overflow by @DorianZheng in #513
  • chore(deps): bump astro from 6.1.6 to 6.1.10 in /apps in the npm_and_yarn group across 1 directory by @dependabot[bot] in #514
  • fix(runner): pong-based liveness for WebSocket attach sessions by @DorianZheng in #516
  • chore(deps): add lint:yarn-lock make target + pre-commit hook by @DorianZheng in #517
  • fix(dashboard): constrain dialog grid/flex children so long values stay inside on mobile by @DorianZheng in #518
  • feat(dashboard): mobile-first sandbox terminal and VNC by @DorianZheng in #521
  • fix(runner): SSH gateway uses BoxLite exec (ssh -p 2222 back online) by @DorianZheng in #524
  • fix(dashboard): RP-initiated logout fallback for non-compliant IdPs by @DorianZheng in #526
  • fix(runtime): preserve box record on init failure as Failed state by @DorianZheng in #520
  • feat(api): single bearer auth, /v1/me, RFC 8628 device flow endpoints by @DorianZheng in #527
  • feat(api): drop OAuth device-flow endpoints + schemas from spec by @DorianZheng in #531
  • fix: move test cache under workspace target by @uran0sH in #533
  • feat(auth): bearer auth + RFC 8628 device flow (SDK + CLI + server stubs) by @DorianZheng in #532
  • test: keep-going matrix via FAIL_FAST + FILTER for every suite by @DorianZheng in #534
  • refactor(node): move rest bag adaptation into the napi binding by @DorianZheng in #536
  • fix(runtime): prune embedded cache by each dir's own build profile by @DorianZheng in #537
  • chore(sdk): bump SDK patch version 0.9.4 -> 0.9.5 by @DorianZheng in #538
  • test(security): GHSA-g6ww-w5j2-r7x3 Python regression + advisory note by @DorianZheng in #539
  • test(security): GHSA-f396-4rp4-7v2j Python regression + advisory note by @DorianZheng in #540

Full Changelog: v0.9.4...v0.9.5

Contributors

DorianZheng, dependabot, and uran0sH
Assets 43
Loading