From 39b7a75759ffb1df3b841cc06ab4c7256192f908 Mon Sep 17 00:00:00 2001 From: asonix Date: Fri, 15 Sep 2023 15:31:13 -0400 Subject: [PATCH] Add releases entry --- releases/0.4.3.md | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 releases/0.4.3.md diff --git a/releases/0.4.3.md b/releases/0.4.3.md new file mode 100644 index 0000000..3c7f7fe --- /dev/null +++ b/releases/0.4.3.md @@ -0,0 +1,33 @@ +# pict-rs 0.4.3 + +## Overview + +pict-rs 0.4.3 contains a single new feature and a few dependency upgrades. The primary motivation +for publishing this release is to produce new docker images containing the libwebp CVE fix released +within the last few days. + +### Features + +- [External Validation](#external-validation) + + +## Upgrade Notes + +There's no significant changes from 0.4.2, so upgrading should be as simple as pulling a new version +of pict-rs. + + +## Descriptions + +### External Validation + +There is a new config option in the `[media]` section called `external_validation`. This setting +exists to allow custom validation of uploaded images in pict-rs, allowing 3rd party applications to +be developed for further filtering permitted uploads. When this value is set, pict-rs will upload +each uploaded file after initial ingest processing to the provided URL. The `Content-Type` header is +set to the file's media type, and the request's body is simply the uploaded file. The expected +response is a simple 2XX for files that pass validation, and any other status code for files that do +not (although I personally recommend a 4XX response). + +This new value is optional. There is no default value and no first-party application is provided for +providing this extra validation.