mtlynch/picoshare 1.5.2
on GitHub

5 hours ago

Security fixes

Sandbox uploaded file responses by @roxy5201314 in #760
- Prevents a scenario where a malicious user with access to a guest upload link uploads malicious JavaScript and tricks the instance owner into viewing it.
Return early after rejecting inactive guest uploads by @roxy5201314 in #761
- Prevents users from uploading to inactive guest links
Use crypt/rand instead of math/rand by @mtlynch in #733
- Reduces the likelihood of predicting random IDs

Improvements

Replace bulma with bootstrap5 by @mtlynch in #718
Replace modd with air for local development by @mtlynch in #736
Add PS_SHARED_SECRET_FILE support for Docker Secrets by @gene1wood in #750

New Contributors

@gene1wood made their first contribution in #750
@roxy5201314 made their first contribution in #761

Full Changelog: 1.5.1...1.5.2

Check out latest releases or
releases around mtlynch/picoshare 1.5.2

Don't miss a new picoshare release

NewReleases is sending notifications on new releases.

Get notifications