github netresearch/ofelia v0.17.0

5 months ago

Highlights

This release brings secure web authentication, new notification presets, and a major test infrastructure overhaul that reduced test suite runtime by ~80%.

New Features

Secure Web Authentication (#408)

  • Complete bcrypt password hashing with HMAC session tokens
  • Secure cookie handling with HttpOnly, Secure, and SameSite flags
  • Support for reverse proxy HTTPS detection (X-Forwarded-Proto header)
  • New password hashing utility: ofelia hashpw
  • Web auth validation added to ofelia doctor command

Documentation: Web Authentication Setup | Web Package Security

ntfy-token Notification Preset (#409)

  • Bearer token authentication for self-hosted ntfy instances
  • Works with both ntfy.sh cloud and self-hosted deployments

Documentation: ntfy Webhook Configuration

Webhook Host Whitelist (#410)

  • New webhook-allowed-hosts configuration option
  • Default: * (allow all hosts) - consistent with local command trust model
  • Whitelist mode when specific hosts are configured
  • Supports domain wildcards (e.g., *.slack.com)

Documentation: Webhook Host Whitelist | Security Model
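
One way an allowlist with these semantics can be matched, as an added example that is not ofelia's own code. The function name `hostAllowed` and the matching rules are assumptions: `*.slack.com` is taken to match subdomains only, hosts are compared case-insensitively with the port ignored, and an unparsable URL is rejected.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// hostAllowed reports whether the host of rawURL is permitted by the allowlist.
// Assumed semantics (not taken from the project): "*" allows every host,
// "*.example.com" matches subdomains but not the apex, other entries match exactly.
func hostAllowed(allowed []string, rawURL string) bool {
	u, err := url.Parse(rawURL)
	if err != nil || u.Hostname() == "" {
		return false // fail closed when the target cannot be parsed
	}
	// Hostname() drops the port and any userinfo; normalise case and trailing dot.
	host := strings.ToLower(strings.TrimSuffix(u.Hostname(), "."))
	for _, pattern := range allowed {
		p := strings.ToLower(strings.TrimSpace(pattern))
		switch {
		case p == "*":
			return true
		case strings.HasPrefix(p, "*."):
			// Keep the leading dot in the suffix so "notslack.com"
			// is not accepted by "*.slack.com".
			suffix := p[1:]
			if len(host) > len(suffix) && strings.HasSuffix(host, suffix) {
				return true
			}
		case p == host:
			return true
		}
	}
	return false
}

func main() {
	allow := []string{"*.slack.com", "ntfy.example.org"} // constructed sample allowlist
	for _, target := range []string{ // constructed sample URLs
		"https://hooks.slack.com/services/T000/B000",
		"https://ntfy.example.org/alerts",
		"https://notslack.com/hook",
		"https://hooks.slack.com.other.example/hook",
	} {
		fmt.Printf("%-45s allowed=%v\n", target, hostAllowed(allow, target))
	}
}
```

The comparison is made on the parsed hostname rather than on the raw URL string, which is what keeps lookalike suffixes and userinfo prefixes from passing the check.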

CronClock Interface (#412)

  • Testable time abstraction for scheduler testing
  • FakeClock implementation for instant, deterministic tests
  • go-cron compatible Timer interface

Security

Cookie Security Hardening (#411)

  • All cookies now set Secure, HttpOnly, and SameSite=Lax flags
  • HTTPS detection for reverse proxy deployments
  • New ADR-002: Security Boundaries documenting the security responsibility model

Documentation: Security Considerations

GitHub Actions Security (#411)

  • All workflow actions pinned to SHA for supply chain security
  • CodeQL updated to v3.31.9

Improvements

Test Infrastructure Overhaul (#412)

  • Complete migration from gocheck to stdlib + testify
  • New Eventually pattern replacing time.Sleep-based synchronization
  • Parallel test execution with t.Parallel()
  • Fixes for race conditions detected by the -race flag
  • Test suite runtime reduced by ~80%

Linting (#413)

  • Comprehensive golangci-lint configuration audit
  • All linting issues resolved

Dependencies (#405, #406)

  • Upgraded to go-cron v0.7.1
  • Removed race condition workarounds

Included in this release

View all PRs and Issues included in this release