Helpy 2.8.0
Version 2.8 contains important security updates and the following new features:
Whats New?
- NEW It is now possible create users one at a time, with or without inviting them.
- NEW When creating tickets by API, you can now specify the CC and BCC for the new ticket.
- NEW A new API for viewing and editing taggings has been added (thanks @schmidt)
- NEW A honeypot (anti spam) feature was added to the new ticket form (thanks @schmidt)
- CHANGE Assigning an agent no longer automatically marks the ticket as "pending".
- CHANGE The whitelist of allowable file attachments has been significantly changed and made more flexible (see upgrade notes below).
- FIX A bug was fixed that displays the proper error message when a non supported file attachment is made in the web UI
- FIX #1576 The right menu no longer gets stuck open when turbolinks is enabled
- FIX #1581 Radio buttons are now properly aligned in the mobile responsive view of the Singular theme
IMPORTANT UPGRADE NOTES:
Helpy Community and Pro
This release of Helpy includes a change to the way file attachments are handled. Previous versions used a default "whitelist" of file types where were allowed and was generally limited to the most common image and doc formats.
This version adds configuration settings which can be modified by API that allow you to set your own whitelist of filetypes which should be allowed, or a blacklist of filetypes that should be rejected. In addition, the default whitelist has been removed, and Helpy now ships with a short blacklist of files that could be considered "risky." Files with these extensions are blacklisted by default:
'''ade, adp, apk, appx, appxbundle, bat, cab, chm, cmd, com, cpl, dll, dmg, exe, hta, ins, isp, iso, jar, js, jse, lib,
lnk, mde, msc, msi, msix, msixbundle, msp, mst, nsh, pif, ps1, scr, sct, .shb, sys, vb, vbe, vbs, vxd, wsc, wsf, wsh'''
NOTE: Do not provide values for both blacklist and whitelist, as they will conflict and it will be impossible for customers to attach files.
See UPDATING.md for details on how to update. If you are on Helpy Hosted Cloud, there is nothing to do, the changes will happen automatically.
Helpy Hosted Cloud
All updates are applied for you. You do not need to do anything. The file attachment feature described about is not configurable in the hosted environment.