mirror of
https://github.com/restic/rest-server.git
synced 2025-12-07 09:36:13 -08:00
Reword changelogs
This commit is contained in:
Michael Eischer
@@ -1,8 +1,9 @@
|
||||
Bugfix: Fix Docker configuration for DISABLE_AUTHENTICATION
|
||||
Bugfix: Fix Docker configuration for `DISABLE_AUTHENTICATION`
|
||||
|
||||
A regression was introduced which caused the DISABLE_AUTHENTICATION environment
|
||||
variable to stop working in Docker configurations. This has been fix by
|
||||
automatically setting the option `--no-auth` to disable authentication.
|
||||
rest-server 0.10.0 introduced a regression which caused the
|
||||
`DISABLE_AUTHENTICATION` environment variable to stop working for the Docker
|
||||
container. This has been fixed by automatically setting the option `--no-auth`
|
||||
to disable authentication.
|
||||
|
||||
https://github.com/restic/rest-server/issues/119
|
||||
https://github.com/restic/rest-server/pull/124
|
||||
|
||||
@@ -14,4 +14,3 @@ curl -v -X DELETE -u foo/config:attack http://localhost:8000/foo/config
|
||||
https://github.com/restic/rest-server/issues/131
|
||||
https://github.com/restic/rest-server/pull/132
|
||||
https://github.com/restic/rest-server/pull/137
|
||||
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
Change: Build rest-server at docker container build time
|
||||
|
||||
Add a build stage such that the latest rest-server is always built and packaged.
|
||||
This is done in a standard golang container to ensure a clean build environment
|
||||
and only the final binary is shipped rather than the whole build environment.
|
||||
The Dockerfile now includes a build stage such that the latest rest-server is
|
||||
always built and packaged. This is done in a standard golang container to
|
||||
ensure a clean build environment and only the final binary is shipped rather
|
||||
than the whole build environment.
|
||||
|
||||
https://github.com/restic/rest-server/issues/146
|
||||
https://github.com/restic/rest-server/pull/145
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
Enhancement: Expand use of security features in example systemd unit file
|
||||
|
||||
Additional systemd features have been used which may mitigate potential
|
||||
security vulnerabilities in rest-server and the various packages and operating
|
||||
system components which it relies upon.
|
||||
The example systemd unit file now enables additional systemd features to
|
||||
mitigate potential security vulnerabilities in rest-server and the various
|
||||
packages and operating system components which it relies upon.
|
||||
|
||||
https://github.com/restic/rest-server/issues/148
|
||||
https://github.com/restic/rest-server/pull/149
|
||||
|
||||
@@ -1,22 +1,20 @@
|
||||
Change: refactor handlers, add subrepo support
|
||||
Change: Add subrepo support and refactor server code
|
||||
|
||||
Support for multi-level repositories has been added, so now each user can have
|
||||
its own subrepositories. This feature is always enabled.
|
||||
|
||||
Authentication for the Prometheus /metrics endpoint can now be disabled with the
|
||||
new `--prometheus-no-auth` flag.
|
||||
|
||||
We have split out all HTTP handling to a separate `repo` subpackage to cleanly
|
||||
separate the server code from the code that handles a single repository.
|
||||
separate the server code from the code that handles a single repository. The new
|
||||
RepoHandler also makes it easier to reuse rest-server as a Go component in
|
||||
any other HTTP server.
|
||||
|
||||
The refactoring makes the code significantly easier to follow and understand,
|
||||
which in turn makes it easier to add new features, audit for security and debug
|
||||
issues.
|
||||
|
||||
The new RepoHandler also makes it easier to reuse rest-server as a Go component in
|
||||
any other HTTP server.
|
||||
|
||||
As part of the refactoring, support for multi-level repositories has been added, so
|
||||
now each user can have its own subrepositories. This feature is always enabled.
|
||||
|
||||
Authentication for the Prometheus /metrics endpoint can now be disabled with the
|
||||
new `--prometheus-no-auth` flag.
|
||||
|
||||
https://github.com/restic/restic/pull/112
|
||||
https://github.com/restic/restic/issues/109
|
||||
https://github.com/restic/restic/issues/107
|
||||
|
||||
|
||||
@@ -1,14 +1,16 @@
|
||||
Bugfix: Fix possible data loss due to interrupted network connections
|
||||
|
||||
When rest-server was run without `--append-only` it was possible to lose uploaded
|
||||
files in a specific scenario in which a network connection was interrupted. For the
|
||||
data loss to occur a file upload by restic would have to be interrupted such that
|
||||
restic notices the interrupted network connection before the rest-server. Then
|
||||
restic would have to retry the file upload and finish it before the rest-server
|
||||
notices that the initial upload has failed. Then the uploaded file would be
|
||||
accidentally removed by rest-server when trying to cleanup the failed upload.
|
||||
files in a specific scenario in which a network connection was interrupted.
|
||||
|
||||
For the data loss to occur a file upload by restic would have to be interrupted
|
||||
such that restic notices the interrupted network connection before the
|
||||
rest-server. Then restic would have to retry the file upload and finish it
|
||||
before the rest-server notices that the initial upload has failed. Then the
|
||||
uploaded file would be accidentally removed by rest-server when trying to
|
||||
cleanup the failed upload.
|
||||
|
||||
This has been fixed by always uploading to a temporary file first which is moved
|
||||
in position only once it was transfered completely.
|
||||
in position only once it was uploaded completely.
|
||||
|
||||
https://github.com/restic/rest-server/pull/142
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
Bugfix: Use platform-specific temporary directory in default path
|
||||
Bugfix: Use platform-specific temporary directory as default data directory
|
||||
|
||||
Instead of using hardcoded value for temporary directory, rest-server now uses
|
||||
Go standard library functions to retrieve the temporary directory path for the
|
||||
If no data directory is specificed, then rest-server now uses the Go standard
|
||||
library functions to retrieve the standard temporary directory path for the
|
||||
current platform.
|
||||
|
||||
https://github.com/restic/rest-server/issues/157
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
Bugfix: Reply "insufficient storage" on disk full or over-quota
|
||||
|
||||
When there was no space left on disk, or any other write-related error,
|
||||
rest-server was replying with HTTP status code 400 (Bad request). This is
|
||||
misleading (restic client will dump the status code to the user).
|
||||
When there was no space left on disk, or any other write-related error
|
||||
occurred, rest-server replied with HTTP status code 400 (Bad request).
|
||||
This is misleading (restic client will dump the status code to the user).
|
||||
|
||||
This has been fixed changing the behaviour so two different statuses are used:
|
||||
rest-server now replies with two different status codes in these situations:
|
||||
* HTTP 507 "Insufficient storage" is the status on disk full or repository
|
||||
over-quota
|
||||
* HTTP 500 "Internal server error" on other disk-related errors
|
||||
* HTTP 500 "Internal server error" is used for other disk-related errors
|
||||
|
||||
https://github.com/restic/rest-server/issues/155
|
||||
https://github.com/restic/rest-server/pull/160
|
||||
https://github.com/restic/rest-server/pull/160
|
||||
|
||||
Reference in New Issue
Block a user