Releases: dazoakley/bandiera
v4.0.5
What's Changed
- Update deps by @dazoakley in #76
This also resolves CVE-2021-43618 due to including updated alpine packages.
Full Changelog: v4.0.4...v4.0.5
Contributors
Assets 2
v4.0.4
What's Changed
- Update ruby and gem dependencies by @dazoakley in #67
This will also cover off CVE-2021-43809 as a newer (fixed) version of bundler is included in the build.
Full Changelog: v4.0.3...v4.0.4
Contributors
Assets 2
v4.0.3
Security update to the base alpine image (resolves CVE-2021-41817).
v4.0.2
b265e7b
dazoakley
Darren Oakley
Refactor how the Dockerfile is configured. This will allow things to run on kubernetes with strict pod security
policies in place.
- Install all gems and binaries within /home/bandiera as the root user
- Run as an unprivileged user (id: 2000, name: bandiera)
- Remove some warnings when starting up puma
v4.0.1
Security update to resolve CVE-2021-23214 (https://www.postgresql.org/support/security/CVE-2021-23214/).
v4.0.0
7547ae6
dazoakley
Darren Oakley
Re-implementation of the audit logging feature - this unfortunately is a backwards incompatible change, hence the major version bump. As part of the database migration it will truncate your audit_records table. Audit logging is now permanently on (with no option to remove).
Removed the syslog logging capabilities and now default to logging to STDOUT. This is the norm for containerised applications and running via a container is our recommended deployment option.
Removed the statsd based metrics capabilities and now just provide prometheus metrics (on /metrics). Prometheus seems more prevalent these days...
Removed the dependency on a very outdated gem - macmillan-utils.
Removed the unicorn config. As the container is the recommended deployment option (and this uses puma), this was no longer needed.