0.6.0

This version finalizes the features and improvements introduced in the 0.5.3-rc pre-release series.
We chose to release it as 0.6.0 to reflect the scope of changes added during the RC cycle.

Note:
As with every update, ensure HASURA_UPGRADE_ON_START is enabled (it’s on by default).
If you're using the Helm chart, see the last feature for an important addition to values.yaml.

Features (15)

1. Workspace-Level Permissions
   Introduced workspace-level permissions, allowing admins to manage user roles across the entire workspace, alongside the existing per-repository permission system.

2. NPM Dist Tag Management
   Full support for managing npm dist tags (add, remove, list) using standard npm CLI commands.

3. CLI Retry Configuration
   Added API_REQUEST_RETRY_AMOUNT environment variable to control retry logic in the CLI for all network requests.

4. Treat OIDC Refresh Tokens as Personal Access Tokens
   You can now configure RepoFlow to accept OIDC refresh tokens directly in API requests, just like personal access tokens by setting ALLOW_OIDC_REFRESH_TOKENS_AS_PERSONAL_ACCESS_TOKENS.

5. Password Special Character Policy
   Added support for toggling the use of special characters in passwords using IS_PASSWORD_SPECIAL_CHARACTERS_ALLOWED.

6. Block Disposable Emails
   Added an environment variable IS_SIGNUP_WITH_DISPOSABLE_EMAILS_ALLOWED to prevent signups using disposable email addresses.

7. UI for Adding Workspace Members
   System admins can now add members to a workspace directly from the user interface.

8. Support for Debian stable Distribution
   You can now upload and install packages to/from the stable Debian distribution.

9. Show Debian Distribution on Package Page
   The package page now displays the Debian distribution used for each package.

10. External Role Mapping Support
    Added support for role mapping from an external server. Read more here.

11. Documentation Design Improvements
    The RepoFlow documentation has been improved for better clarity and a more user-friendly experience.

12. Docs Home & FAQ Redesign
    Redesigned the Docs Home page and added a new FAQ page to improve discoverability.

13. Improved Tooltips UX
    You can now move your mouse from the icon to the tooltip content without it closing.

14. Debounce for Icon Buttons
    Prevents rapid repeated clicks and reduces accidental spamming on icon buttons.

15. Custom Kubernetes ServiceAccount in Helm
    You can now specify a custom ServiceAccount in the Helm chart

Note: Make sure to add this section, which is now part of the values.yaml:

serviceAccount:
  enabled: false
  create: false
  name: ""
  annotations: {}

Bug Fixes (8)

1. Non admin users could previously access the workspace settings page via direct URL, though they couldn’t view or change anything. They now see a message indicating that admin access is required.
2. Fixed an issue where the amount of users displayed in system settings was incorrect by 1.
3. Grype will no longer run database updates if IS_VULNERABILITY_SCANNING_ENABLED is disabled, even when GRYPE_AUTO_UPDATE is enabled. Now, both must be enabled for automatic database updates to occur.
4. Authenticating over personal access token on npm was not working, now fixed.
5. optionalDependencies and bundledDependencies are now correctly saved and returned for npm packages. Packages that use these fields will now work as expected.
6. Fixed multiple issues in the RepoFlow CLI where outdated API routes were still being used. All CLI commands now use the correct and updated API endpoints.
7. Fixed an issue where navigation could break on some documentation pages using server URL placeholders in code blocks.
8. Fixed an issue where searching for scoped packages sometimes did not work.

Changes (2)

1. The workspace metadata API endpoint has changed to /workspace/<workspace-name>. The previous /hasura/workspace/<workspace-name> endpoint will continue to work for now, but we recommend updating to the new URL.
2. By default, HASURA_GRAPHQL_ENABLE_TELEMETRY is now set to false in both the Helm chart and Docker Compose.