bivashy/Blitz-Proxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update changelog

Browse Source
This commit is contained in:
Whispering Wind
2025-09-10 23:03:34 +03:30
committed by GitHub
parent 25d22c8290
commit 1484878a42
1 changed files with 7 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
changelog
View File

@ -1,31 +1,12 @@
### 🛡️ **\[1.18.1] Security Patch & Hysteria Settings Tab** ### 🚀 **\[2.0.0] Major Release: MongoDB Migration**
*Released: 2025-08-30* *Released: 2025-09-10*
#### 🔒 Security #### 💾 Core Update
* 🛡️ **Open Redirect Fix**: * 📦 **User management migrated from `users.json` → MongoDB**
Removed `next_url` parameter from login flow to prevent **open redirect vulnerability**. * ⚡ Improved **scalability, performance, and reliability** for large deployments
Special thanks to [**@HEXER365**](https://github.com/HEXER365) for responsible disclosure 🙏 #### ⚠️ Breaking Change
#### ✨ Features * Previous JSON-based `users.json` file is no longer used
* ⚙️ **New Hysteria Settings tab** in Web Panel (with **geo update support**)
* 🎨 Redesigned **Login Page** for better UI/UX
#### 🛠️ Fixes
* 📦 Backup `extra.json` during upgrades
* 📱 Improved responsive design across web panel
* 🧩 Relaxed conflict check in user viewmodel
* 🧹 Removed `/dev/null` redirects for cleaner logging
#### 📦 Chore & Dependencies
* ⬆️ Updated dependencies:
* `typing-extensions` → 4.15.0
* `starlette` → 0.47.3
* `requests` → 2.32.5
* 🧹 Removed **deprecated `user.sh`** script (legacy auth)