- Fix
hex_api_release:retirement_params/0type spec.
- Fix
hex_tarball:create_docs/1type spec.
- Drop support for OTP 20.
- Update
hex_licensesmodule to reflect most recent list available from SPDX.
-
Drop support for old OTP and Rebar versions.
hex_corenow requires OTP20+ and Rebar 3.15.1+. -
Add
hex_repo:get_docs/3andhex_repo:get_public_key/1.
-
Change
hex_registryfunctions to match protobuf fieldsBefore:
> hex_registry:unpack_names(Payload, <<"test">>, TestPublicKey) {ok,[#{name => <<"package1">>, ...}, #{name => <<"package2">>, ...}]}After:
> hex_registry:unpack_names(Payload, <<"test">>, TestPublicKey) {ok,#{packages => [#{name => <<"package1">>, ...}, #{name => <<"package2">>, ...}], repository: <<"test">>}} -
Change
hex_repofunctions to match protobuf fieldsBefore:
> hex_repo:get_names(Config), {ok,{200, ..., [#{name => <<"pacakge2">>, ...}, #{name => <<"pacakge2">>, ...}, ...]}}After:
> hex_repo:get_names(Config), {ok,{200, ..., #{packages => [#{name => <<"pacakge2">>, ...}, #{name => <<"pacakge2">>, ...}, ...], repository => <<"test">>}}}
- Add
@doctohex_licenses
- Don't warn on non-https URLs
- Add
hex_licensesmodule
- Warn on unsafe httpc default SSL settings
- Update gpb to 4.17.6 to avoid dialyzer warnings
- Deprecate registry encode/decode API in favour of new high-level build/unpack API
- Add
updated_atto repository names resource
- Fix dialyzer warnings on OTP 23
- Fix compatibility with OTP 24
- Change
hex_tarball:create/2error value from{error, too_big}to{tarball, {too_big_compressed | too_big_uncompressed, Size}}.
- Add configuration for max tarball size
- Do not create extraneous "memory" directory when unpacking
- Add
hex_api_release:publish/3
- Fix tarball file extraction through symlinks
- Fix compatibility with OTP 18 and 17
- Do not crash on empty tarballs
- Fix directory traversal vulnerability for symlinks in tarballs
- Transition away from
http_uriwhen using newer OTP releases - Ensure
Roleis given as an atom inhex_api_organization_member:add/3 - Add
http_headersto thehex_core:config()type - Add default
http_headerstohex_core:default_config/0 - Fix
hex_registry:decode_and_verify_signed/2spec - Fix
hex_tarball:files/0type
- Fix setting level and transfer options in organization api
- Add organization API
- Add level and transfer params to add owner API
- Add
hex_tarball:unpack_docs/2 - Add
hex_api_auth:test_key/3
- Gracefully handle HTTP errors
- Fix bug when publishing with configuration that does not have
repo_organizationkey set
- Backwards-incompatible: Change successful return value of
hex_tarball:create/2from{ok, {Tarball, Checksum}}to{ok, Map}. Currently,Maphastarball,inner_tarball, andouter_tarballkeys - Rename existing tarball checksum to inner checksum and deprecate it
- Add tarball outer checksum
- Do not allow comments in
safe_erl_term - Forward compatible tarball contents by not failing on unknown files
- Fix bug when publishing with configuration that does not have
repo_organizationkey set
- Fetch package data from proper repository organization and don't verify origin if configured
- Backwards-incompatible: Make
hex_apimodule private - Backwards-incompatible:
organizationconfig key has been replaced withapi_organizationandapi_repositorykeys - Add
repo_organizationconfig key vendor.sh: Add missinghex_pb_*.erlfilesvendor.sh: Fix replacinghex_core
- Revert switch from proto2 to proto3
- Verify authenticity of signed payload
- Add
repo_verify_originconfig option
- Switch from proto2 to proto3
- Fix
hex_http:bodytype - Fix
hex_http:requestspec
- Always return the whole response tuple from requests
- Guess rebar3 as build tool over rebar
- Return compressed tarball from hex_tarball:create_docs/1
- Add package identity to registry records
- Accept
{filename(), filename()}in files list for tarballs - Support httpc profile through adapter configs
- Update generated protobuf files with OTP 21 compatibility
- Use
hex_coreproject name in user agent string
- First release