What a year! What an amazing year for NewReleases! Only looking at the list of all new features and improvements we made, a joy goes over our faces. As in previous years, we have listened and respected users suggestions and desires. This year was especially focused on implemenataion of these ideas. NewReleases started as a simple service, growing through small, but important security and stability improvements, and became a serious project, offering a wide variety of options and conveniences.
First, we want to say thanks for all the nice people that supported us through donations. That was the most subtle way to try to make the service sustainable from the monetary perspective. We are glad to see the appreciation in this way also, which is very important sign that we should continue our work and keep the service free. We are kindly asking to support us or continue to do so if you already did.
The biggest innovation is the introduction of Organizations. This is something we had in plan for a long time, but it took us some time for the idea to mature. Organizations are designed for collaborations between team members on projects that are relevant for all. They allow users to manage multiple lists of projects and their notification preferences without the need to create multiple accounts.
A support for one of the largest Open Source platforms is added. This provider have specific structure of releases, which are in form of concrete files that can be organized in arbitrary directories. This allows you to specify a concrete subdirectory that you want to track releases from. This is a convenient way to filter out files that are not interesting to you, but within the same project. Of course, you can have even more control with exclude regex pattern.
A world of .NET is huge and we have gladly added a support for this important package repository.
Some of a large, important and privacy concerned FOSS projects decided to use a self hosted GitLab for code management and collaboration. This was brought to us also by our users which use them and share similar principles. We decided to give our support, of course!
Having the same GitLab API for self-hosted instances as on the gitlab.com made our technical implementation very easy, even trivial, to extend.
We’ve started with four notable projects Debian, Gnome, KDE and Freedesktop.org which all are managing their own GitLab servers on their own domains. If someone is in need for any other FOSS project support, we would be glad to implement it.
Mattermost notifications joined our family of possible notification channels.
One of the highest requested features is sign in with social network accounts. You can easily sign in to NewReleases with your accounts on GitHub, GitLab, BitBucket, Google and Twitter.
Beside originally implemented options for email frequency on hourly, daily and weekly basis, there was a request for instant email notifications, which is now available.
Also, Common Vulnerabilities and Exposures Labels CVL are trackable now.
We got an interesting challenge from one of our user who is using Gotify. The problem was that our Webhooks were not compatible with it, so we decided to make Webhook Templates for sending a Custom JSON Body.
You can communicate and automate tasks involving NewReleases with only shell scripting as we have made the CLI tool available and open source, as well.
Group projects with simple tags to filter them on dashboard.
One feature was only available in NewReleases API, but not on the website. It’s filtering projects by provider and finally it got a place on dashboard.
List your projects in a new Compact View. Display a larger number of projects per page with only the latest version shown, instead of a number of latest releases alongside every project.
NewReleases is now checking every new password against already compromised passwords completely internally. NIST SP 800-63B guidelines state that user-provided passwords be checked against existing data breaches.
We are using an excellent list of 613M passwords provided by https://haveibeenpwned.com/Passwords. But completely internally. No password or password hash leaves our servers.
Following up on the improved passwords validation, we have made the service that we are using and its source code available on GitHub.
This service is useful for other projects that do not want to send even a part of a password hash to the external service in order to validate if it was already compromised and unsafe to use.
If you have your own open source project, and love and support what we do, make it easy for your users to track new releases of your project, with a shield badge linked to the NewReleases add project page.
Public listing of latest releases is now available at https://newreleases.io/latest. You can use this to get inspired for some new project, or to check what other users find interesting, even before creating an account.
New 2021 is in front of us with a plan to dedicate much more time to improve the service that we love to work on.