Skip to main content

0.6.5 (Pre Release)

An update to the Hasura environment variable is needed.

You must update the following in your environment:

HASURA_GRAPHQL_JWT_SECRET='{"key":"<jwt-secret-from-server-env>","type":"HS256","header":{"type":"Cookie","name":"X-USER-TOKEN"}}'
  • Make sure the placeholder value <jwt-secret-from-server-env> matches the JWT_SECRET variable in your server environment.
  • BBy default, the Helm chart and Docker Compose deployments now set COOKIE_HTTP_ONLY to "true" (was "false").
  • The new environment default for COOKIE_HTTP_ONLY is "true" if not set in your chart or Docker Compose.
  • These changes improve the security of RepoFlow by ensuring JWT cookies are HttpOnly by default.

Features (5)

  1. Dependency Viewer
    You can now view package dependencies directly in the RepoFlow UI for these package types: npm, NuGet, Composer, Debian, and Cargo (Rust). Let us know which package type you want us to add next.

  2. Enhanced Helm Kubernetes Secrets Support & Documentation
    Helm Kubernetes Secrets support now also includes Minio, Elastic, and PostgreSQL deployments, allowing you to securely use secrets through the secretEnv field, and the documentation on using Kubernetes Secrets with RepoFlow has been significantly expanded and clarified; read more in the updated guide: Using Kubernetes Secrets.

  3. Improved Error Pages for Backend Downtime
    When the server or Hasura is unreachable (e.g., network errors, server offline), RepoFlow now displays clearer, more user-friendly error pages.

  4. Emoji Support in Package READMEs
    Package READMEs can now include emoji placeholders like :white_check_mark: and :rocket:, they will render as real emoji automatically in RepoFlow.

  5. Easier Checkbox Clicking
    Checkboxes are now easier to use, clicking just outside the checkbox icon (within a small distance) will also toggle it. This makes it more user-friendly, especially on touch devices or when aiming for smaller checkboxes.

Bug Fixes (1)

  1. Fixed an issue where, during a Docker pull from a remote repository, RepoFlow sometimes returned an incorrect error message instead of preserving and displaying the original error from the remote repository.

  2. Resolved a bug that prevented pushing Docker images containing manifests when the config section was missing from the manifest.