File tree 2 files changed +31
-1
lines changed
2 files changed +31
-1
lines changed Original file line number Diff line number Diff line change 1+ # v0.3.2
2+
3+ ## Description
4+ This release focused on some security issues reported by @eriksw , thanks Erik!
5+ By default, Atlantis will be more secure now and you'll have to specify which repositories
6+ you want it to work on.
7+
8+ ## Features
9+ * New flag ` --allow-fork-prs ` added to ` atlantis server ` controls whether Atlantis will operate on pull requests from forks. Defaults to ` false ` .
10+ This flag was added because on a public repository anyone could open up a pull request to your repo and use your Atlantis
11+ install.
12+ * New mandatory flag ` --repo-whitelist ` added to ` atlantis server ` controls which repos Atlantis will operate on. This flag was added
13+ so that if a webhook secret is compromised (or you're not using webhook secrets) Atlantis won't be used on repos you don't control.
14+ * Warn if running ` atlantis server ` without any webhook secrets set. This is dangerous because without a webhook secret, an attacker
15+ could spoof requests to Atlantis.
16+ * Make CLI output more readable by setting a fixed column width.
17+
18+ ## Bug Fixes
19+ * None
20+
21+ ## Backwards Incompatibilities / Notes:
22+ * Must set ` --allow-fork-prs ` now if you want to run Atlantis on pull requests from forked repos.
23+ * Must set ` --repo-whitelist ` in order to start ` atlantis server ` . See ` atlantis server --help ` for how that flag works.
24+
25+ ## Downloads
26+ * [ atlantis_darwin_amd64.zip] ( https://github.com/runatlantis/atlantis/releases/download/v0.3.2/atlantis_darwin_amd64.zip )
27+ * [ atlantis_linux_386.zip] ( https://github.com/runatlantis/atlantis/releases/download/v0.3.2/atlantis_linux_386.zip )
28+ * [ atlantis_linux_amd64.zip] ( https://github.com/runatlantis/atlantis/releases/download/v0.3.2/atlantis_linux_amd64.zip )
29+ * [ atlantis_linux_arm.zip] ( https://github.com/runatlantis/atlantis/releases/download/v0.3.2/atlantis_linux_arm.zip )
30+
131# v0.3.1
232## Features
333* None
Original file line number Diff line number Diff line change 88
99func main () {
1010 v := viper .New ()
11- v .Set ("version" , "0.3.1 " )
11+ v .Set ("version" , "0.3.2 " )
1212
1313 // We're creating commands manually here rather than using init() functions
1414 // (as recommended by cobra) because it makes testing easier.
You can’t perform that action at this time.
0 commit comments