Cerebrate version 1.26 released with improvements, security fixes and bugs fixed

Cerebrate Release Notes - v1.26 (2024-11-28)

We are glad to announce the release of Cerebrate v1.26, which introduces new features, key improvements, and a host of fixes aimed at enhancing functionality and security. Here’s a breakdown of what’s new:

🚀 New Features

  • Bookmark Security Enhancements:
    Administrators can now tighten bookmark creation rules by restricting base URLs to a predefined list via server settings, ensuring greater control and security.

🔧 Improvements & Changes

  • AuthKey Management:
    • More elegant solutions for adding authentication keys.
    • Improved permission handling for group admins, allowing them to manage API keys for their groups.
    • Streamlined user dropdown for adding AuthKeys to focus on relevant users only.

🛠️ Fixes

This release resolves numerous issues to improve system stability, usability, and security:

Security Fixes:

  • Tightened role assignment permissions to prevent privilege escalation by low-privilege administrators.
  • Improved ACL handling for group admin permissions, preventing unauthorized user assignments to external organizations.
  • Bookmark error handling enhancements, ensuring failures are explicitly reported and resolved.

Bug Fixes:

  • Fixed installation issues caused by non-boolean debug mode.
  • Correctly set the perm_community_admin value to resolve community admin role issues.
  • Improved debug level settings to ensure numeric values fall within valid ranges.
  • Addressed typos in configurations, descriptions, and controllers for smoother operation.
  • Resolved internal server errors in user settings view when accessed without a user ID.
  • Fixed cryptic error messages related to role deletions with attached users.

Usability Enhancements:

  • Enhanced error handling for Ajax contexts, ensuring clear feedback during save failures.
  • Resolved edge cases for PGP key status checks.
  • Set proxy settings diagnostics severity to info for improved clarity.

📝 Miscellaneous Updates

  • Streamlined and cleaned up the ACL component by removing duplicate checks.

We encourage all users to update to v1.26 to benefit from these enhancements and fixes.

Huge shoutout to @Wachizungu for his incredible contributions and attention to detail! 😎

As always, thank you for your continued support and contributions to the Cerebrate project!

For a detailed list of changes, visit the Cerebrate GitHub repository.