Clearance v2.3.0 Release Notes

Release Date: 2020-08-14 // about 1 year ago
  • 2.3.0 - August 14, 2020

    ๐Ÿ›  Fixed

    • โœ‚ Delete cookie correctly when a callable object is set as the custom domain
      setting.
    • Strip as parameter when signing in through the back door.
    • โœ‚ Remove broken autoload for deprecated password strategies.

    ๐Ÿ”„ Changed

    • Deliver password reset email inline rather than in the background.
    • โœ‚ Remove unnecessary unsafe interpolation in erb templates.

Previous changes from v2.2.1

  • ๐Ÿ›  Fixed

    • ๐ŸŒฒ Prevent user enumeration by timing attacks. Trying to log in with an
      unrecognized email address will now take the same amount of time as for a user
      that does exist in the system.