github BradGroux/veritas-kanban v2.1.1
v2.1.1 — Reverse Proxy Support
on GitHub

latest releases: v2.1.3, v2.1.2
12 hours ago

Fixed

  • Reverse Proxy Support (#100) — Added TRUST_PROXY environment variable for deployments behind nginx, Caddy, Traefik, Synology DSM, and other reverse proxies. Fixes express-rate-limit ValidationError and WebSocket authentication loops caused by untrusted X-Forwarded-For headers.
    • Supports hop counts (TRUST_PROXY=1), named values (loopback, linklocal), and subnet strings
    • TRUST_PROXY=true is blocked by default (security hardening — logs warning, falls back to no trust)
    • Disabled by default — no behavior change for existing deployments
    • Documentation added for nginx, Caddy, and Docker Compose configurations

Security

  • Blocked TRUST_PROXY=true to prevent accidental trust-all-proxies misconfiguration on public-facing deployments

Docs Updated

  • CHANGELOG.md — v2.1.1 entry
  • README.md — version badge bumped
  • docs/DEPLOYMENT.md — reverse proxy guidance (nginx + Caddy)
  • docs/TROUBLESHOOTING.md — rate limit error fix
  • docs/GETTING-STARTED.md — TRUST_PROXY env var reference

Full Changelog: v2.1.0...v2.1.1

Thanks to @Casenl for reporting this issue! 🎉

Check out latest releases or
releases around BradGroux/veritas-kanban v2.1.1

Don't miss a new veritas-kanban release

NewReleases is sending notifications on new releases.

Get notifications