Releases: phasehq/console
v2.54.2
What's Changed
Important
This release contains a number of security fixes that remediate vulnerabilities that were discovered in the latest external penetration test that was commissioned by Phase. As part of one of the security fixes, the Phase backend is now referencing the X_REAL_IP HTTP header to detect client IP. Please make sure your middleware (Such as Nginx, Cloudflare or Treafik) is setting this header correctly, if you are using a custom configuration. You can find examples in our Docs here.
- feat: Self-hosting nginx config improvements by @nimish-ks in #688
- feat: add misc graphql validation rules by @rohan-chaturvedi in #686
- chore(deps-dev): bump js-yaml from 3.14.1 to 3.14.2 in /frontend by @dependabot[bot] in #690
- chore: bump glob to 10.5.0 by @rohan-chaturvedi in #691
- fix: secret editor performance by @rohan-chaturvedi in #689
Full Changelog: v2.54.1...v2.54.2
Contributors
Assets 2
v2.54.1
Important
This release contains a number of security patches including a fix for a critical SQL injection vulnerability in Django. It is highly recommended to upgrade to this version as soon as possible.
What's Changed
- chore(deps): bump cryptography from 42.0.4 to 44.0.1 in /backend by @dependabot[bot] in #458
- chore(deps): bump requests from 2.31.0 to 2.32.4 in /backend by @dependabot[bot] in #581
- chore(deps): bump urllib3 from 1.26.18 to 2.5.0 in /backend by @dependabot[bot] in #589
- Build(deps): bump twisted from 23.10.0 to 24.7.0 in /backend by @dependabot[bot] in #359
- Build(deps): bump micromatch from 4.0.5 to 4.0.8 in /frontend by @dependabot[bot] in #356
- Build(deps): bump idna from 3.4 to 3.7 in /backend by @dependabot[bot] in #228
- chore(deps): bump nanoid from 3.3.7 to 3.3.11 in /frontend by @dependabot[bot] in #545
- chore(deps): bump tmp and inquirer in /frontend by @dependabot[bot] in #675
- chore(deps): bump brace-expansion in /frontend by @dependabot[bot] in #677
- Build(deps): bump djangorestframework from 3.14.0 to 3.15.2 in /backend by @dependabot[bot] in #283
- chore: bump next to 14.2.32 by @rohan-chaturvedi in #680
- Build(deps): bump ip from 2.0.0 to 2.0.1 in /frontend by @dependabot[bot] in #249
- chore: remove npm dependency by @rohan-chaturvedi in #681
- chore: bump next-auth to 4.24.13 by @rohan-chaturvedi in #682
- chore(deps): bump django from 4.2.25 to 4.2.26 in /backend by @dependabot[bot] in #684
- chore: bump to 2.54.1 by @rohan-chaturvedi in #685
Full Changelog: v2.54.0...v2.54.1
Contributors
Assets 2
v2.54.0
Important
This release includes database migrations that must be run when upgrading to this version. This migration can take several minutes to an hour for tables with millions of rows, and is designed to be run concurrently on a live instance. It is highly recommended to run this migration externally after deploying the backend, to prevent blocking deployment. For more information, please see docs.
What's Changed
- fix: optimize log count calculation for large querysets by @rohan-chaturvedi in #667
- chore(deps): bump django from 4.2.22 to 4.2.25 in /backend by @dependabot[bot] in #649
- chore(deps): bump axios from 1.8.2 to 1.12.0 in /frontend by @dependabot[bot] in #644
- chore(deps): bump jspdf from 3.0.1 to 3.0.2 in /frontend by @dependabot[bot] in #670
- Build(deps): bump cross-spawn from 7.0.3 to 7.0.6 in /frontend by @dependabot[bot] in #392
- Build(deps): bump braces from 3.0.2 to 3.0.3 in /frontend by @dependabot[bot] in #279
- chore: upgrade reaviz to version 15.19.1 and update related dependencies by @rohan-chaturvedi in #673
- Build(deps): bump ws from 8.17.0 to 8.18.0 in /frontend by @dependabot[bot] in #335
- Build(deps): bump dset from 3.1.3 to 3.1.4 in /frontend by @dependabot[bot] in #363
- chore(deps): bump rollup and reaviz in /frontend by @dependabot[bot] in #674
- feat: add database indexes for SecretEvent model to improve query performance by @rohan-chaturvedi in #669
- fix: prevent org names from being reformatted with startCase by @rohan-chaturvedi in #672
- chore: Bump version from v2.53.2 to v2.54.0 by @rohan-chaturvedi in #678
- Build(deps): bump certifi from 2023.7.22 to 2024.7.4 in /backend by @dependabot[bot] in #287
Full Changelog: v2.53.2...v2.54.0
Contributors
Assets 2
v2.53.2
What's Changed
- feat: vercel custom environment support by @rohan-chaturvedi in #663
- chore: bump version from v2.53.1 to v2.53.2 by @rohan-chaturvedi in #666
Full Changelog: v2.53.1...v2.53.2
Contributors
Assets 2
v2.53.1
What's Changed
- feat: sync secrets GitHub environments by @nimish-ks in #650
- chore: bump version from v2.53.0 to v2.53.1 by @rohan-chaturvedi in #655
- refactor: improve breadcrumbs and page titles by @rohan-chaturvedi in #626
- fix: cleanup frontend dependencies, tsconfig by @rohan-chaturvedi in #653
- feat: support manual github credential setup by @rohan-chaturvedi in #662
- feat: [dev] create dummy users by @rohan-chaturvedi in #586
- fix: replace full_clean with clean in ServiceAccountToken save method by @rohan-chaturvedi in #665
Full Changelog: v2.53.0...v2.53.1
Contributors
Assets 2
v2.53.0
What's Changed
Important
This release includes database migrations that must be run when upgrading to this version. For more information, please see docs.
- fix: min ttl + logs filter permissions by @rohan-chaturvedi in #648
- fix: local dev server by @nimish-ks in #646
- feat: service account kms by @nimish-ks in #634
- feat: external identities - AWS IAM by @nimish-ks in #635
Full Changelog: v2.52.0...v2.53.0
Contributors
Assets 2
v2.52.0
What's Changed
Important
This release includes database migrations that must be run when upgrading to this version. For more information, please see docs.
- feat: dynamic secrets by @rohan-chaturvedi in #638
Full Changelog: v2.51.0...v2.52.0
Contributors
Assets 2
v2.51.0
What's Changed
- feat: update CommandPalette title by @nimish-ks in #636
- feat: login banner message text by @nimish-ks in #637
- feat: support multi-line secrets by @rohan-chaturvedi in #631
- fix: Add App search component by @nimish-ks in #639
Full Changelog: v2.50.3...v2.51.0
Contributors
Assets 2
v2.50.3
What's Changed
- chore: fix dev docker compose by @rohan-chaturvedi in #628
- feat: add env timestamps, index to tokens api response by @rohan-chaturvedi in #629
- chore: bump version to v2.50.3 by @nimish-ks in #630
Full Changelog: v2.50.2...v2.50.3
Contributors
Assets 2
v2.50.2
What's Changed
- feat: add stripe customer portal by @rohan-chaturvedi in #627
Full Changelog: v2.50.1...v2.50.2