2023.04.2
This release contains a number of security and performance improvements, including:
- More aggressive request filtering, to block unnecessary bot traffic to the app
- Improved request rate limiting, moving it before requests hit the app
- Implemented a strict Content Security Policy for improved client security
- Allow payment processor configuration per-agency
- More configuration options for our Sentry error monitoring service
What's Changed
- chore(pre-commit): autoupdate hooks by @pre-commit-ci in #1344
- chore(deps): bump sentry-sdk from 1.18.0 to 1.19.1 in /appcontainer by @dependabot in #1351
- chore(deps): bump django from 4.1.7 to 4.2 in /appcontainer by @dependabot in #1345
- fix(url): fix broken link in docs by @machikoyasuda in #1352
- chore(pre-commit): autoupdate hooks by @pre-commit-ci in #1355
- Fix: Docker platform issue by @machikoyasuda in #1354
- Refactor: move dependencies and metadata to pyproject.toml by @thekaveman in #1356
- Feat: Configure a payment processor for SacRT by @thekaveman in #1365
- Separate payment processors (test) by @thekaveman in #1366
- Docs: make Agency Cards use-case more generic by @thekaveman in #1361
- chore(pre-commit): autoupdate hooks by @pre-commit-ci in #1362
- chore(deps-dev): bump cypress from 12.9.0 to 12.10.0 in /tests/cypress by @dependabot in #1363
- Feat: Implement strict Content Security Policy by @thekaveman in #1358
- Fix: allow unsafe-inline for style-src by @thekaveman in #1369
- Fix: Configurable traces sampling rate for Sentry by @thekaveman in #1360
- Feat: improve traffic filtering at nginx by @thekaveman in #1359
- Chore: prep release 2023.04.2 by @thekaveman in #1370
- Deploy 2023.04.2 to test by @thekaveman in #1371
- Fix: relax the 404 filter by @thekaveman in #1372
- Deploy to test by @thekaveman in #1373
- Release 2023.04.2 by @thekaveman in #1375
Full Changelog: 2023.04.1...2023.04.2
Release process issue: #1368
Contributors
thekaveman, machikoyasuda, and 2 other contributors