fix: use nanoid instead of shortid
shortid is deprecated and they recommend nanoid instead. We're not sure if this has to do with possible name collisions or enumerability, but to be sure and on the safe side, we're changing this. nanoid seems quite safe since it uses node's crypto module underneath. Signed-off-by: Erik Michelson <github@erik.michelson.eu>
This commit is contained in:
Erik Michelson
committed by
Philip Molares
Philip Molares
parent
c449d3a815
commit
637c451486
@@ -3,16 +3,14 @@
|
||||
## <i class="fa fa-tag"></i> 1.x.x <i class="fa fa-calendar-o"></i> UNRELEASED
|
||||
|
||||
### Enhancements
|
||||
|
||||
- Add `enableUploads` (`CMD_ENABLE_UPLOADS`) config option to restrict uploads to `registered` users, `all` users or
|
||||
`none` to completely disable uploads.
|
||||
- Allow links to protocols such as xmpp, webcal or geo
|
||||
- Switch from deprecated shortid to nanoid module, with 10 character long aliases in "public" links
|
||||
|
||||
### Bugfixes
|
||||
- Ignore the healthcheck endpoint in the "too busy" limiter
|
||||
|
||||
### Enhancements
|
||||
- Allow links to protocols such as xmpp, webcal or geo
|
||||
|
||||
## <i class="fa fa-tag"></i> 1.10.3 <i class="fa fa-calendar-o"></i> 2025-04-09
|
||||
|
||||
### Security fixes
|
||||
|
||||
Reference in New Issue
Block a user