v0.10.0
kopia-builder
released this
14 Jan 06:32
·
1190 commits
to master
since this release
Security
This is a recommended update for all users as it fixes a security vulnerability in self-hosted website UI (not the desktop app):
- prevent cross-site request forgery in the UI website by @jkowalski in #1653
Breaking Change
- server: support for server control APIs and tooling by @jkowalski in #1644
This removes some APIs that were unintentionally exposed to the UI moves them to new /api/v1/control
endpoing. Also adds support for server-control
user and set of administrative APIs for controlling a running kopia server externally.
What's Changed
- logging: log maximum concurrency level when talking to backend storage by @jkowalski in #1629
- kopiaui: added menu option prompting users to manually upgrade when auto-update fails by @jkowalski in #1655
- ui: embed version info in index.html by @jkowalski in #1656
Dependencies
- build(deps-dev): bump electron-builder from 22.14.6 to 22.14.11 in /app by @dependabot in #1640
- build(deps-dev): bump concurrently from 6.5.0 to 6.5.1 in /app by @dependabot in #1638
- build(deps): bump electron-log from 4.4.3 to 4.4.4 in /app by @dependabot in #1639
- build(deps): bump github.com/minio/minio-go/v7 from 7.0.18 to 7.0.20 by @dependabot in #1642
- build(deps): bump github.com/aws/aws-sdk-go from 1.42.23 to 1.42.25 by @dependabot in #1641
Nits
- small error on domain name example at the end. by @icepic in #1627
- nit: fixed benign test data race by @jkowalski in #1635
- server: moved serving of static files to internal/server package by @jkowalski in #1637
- testing: fixed test flake in TestSnapshotCounters by @jkowalski in #1645
- chore(infra): enforce structural commit messages and PR titles by @jkowalski in #1646
Full Changelog: v0.9.8...v0.10.0