Skip to content

chore: v0.1.3 changelog #29

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
peg merged 1 commit into from
Mar 18, 2026
Merged

chore: v0.1.3 changelog #29

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,16 @@ Versioning: [Semantic Versioning](https://semver.org/)

## [Unreleased]

## [0.1.3] - 2026-03-18

### Fixed
- Unregistered tokens no longer fire the global fallback webhook — probe traffic hitting random/partial token URLs is silently dropped (#23)
- Added 15s timeout to all outbound HTTP clients — CLI no longer hangs forever if snare.sh is unreachable (#19)
- Write `.snare.bak` backup before appending canary content to existing config files; backup cleaned up on successful disarm (#18)
- Dashboard authentication replaced ?token= query param with HttpOnly session cookie — prevents token leakage to browser history and server logs (#22)
- Session cookie Secure flag is conditional on TLSDomain — plain HTTP self-hosted deployments now work correctly
- Release checksums signed with Sigstore/cosign for tamper verification (#21)

## [0.1.2] - 2026-03-18

### Added
Expand Down
Loading