-
Notifications
You must be signed in to change notification settings - Fork 206
Update Dockerfile 23.08 #431
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
HJF9w
commented
Aug 30, 2023
I think there should be a note in the readme about the ssr variable.
Version 23.08 added a Server Side Request Allow List, configurable in the .env file with ALLOWED_SSR_HOSTS, in case the trusted (admin-level) users should not be able to freely make server side requests.
@HJF9w This project (and other projects providing host/containers) generally have only listed changes/notices relevant to their own containers/project, rather than all changes to BookStack itself, otherwise that's a lot of extra info to keep on top of and maintain for projects like this. Changes and notices for BookStack itself should probably remain just on the BookStack side of things to reduce duplication (of effort and content) and to prevent advisories becoming disjointed (For example, if I have to change the official advisories).
Sorry, I've been away this past week. I've raised #432 to bump to the point-one release, and will merge-and-tag that as soon as the CI finishes.
I agree with @ssddanbrown - the changelog for this project should only include changes from this project, rather than for the upstream as well.
No description provided.