This is a security fix release. Please consider upgrading it.
- Fixed a bunch of security issues found by huntr.dev
Reject the current user operation if the user has just been de-activated.
Secure the access token to prevent CSRF attack.
Disallow Bytebase to be loaded in an iframe.
- Thanks @jiweiyuan to fix our first good first issue
📕 Upgrade instruction
- For fresh installation, follow https://github.com/bytebase/bytebase#installation.
- If you upgrade from 0.7.0, no migration needed. If you upgrade before 0.7.0, there is some breaking schema change, please contact email@example.com and we will help you manually upgrade to the new version.