From f66a854e0e4be3de5bfd6baab679909fffb5dc9a Mon Sep 17 00:00:00 2001 From: Michael Eischer Date: Mon, 14 Apr 2025 21:30:39 +0200 Subject: [PATCH] polish changelogs --- changelog/unreleased/issue-189 | 4 ++-- changelog/unreleased/pull-295 | 2 +- changelog/unreleased/pull-307 | 12 +++++++----- changelog/unreleased/pull-315 | 5 +++-- 4 files changed, 13 insertions(+), 10 deletions(-) diff --git a/changelog/unreleased/issue-189 b/changelog/unreleased/issue-189 index f60bcd58..8a9b92fb 100644 --- a/changelog/unreleased/issue-189 +++ b/changelog/unreleased/issue-189 @@ -2,8 +2,8 @@ Enhancement: Support group accessible repositories Rest-server now supports making repositories accessible to the filesystem group by setting the `--group-accessible-repos` option. Note that permissions of -existing files are not modified. Use `chmod -R g+rwX /path/to/repo` to make -the repository group-accessible. +existing files are not modified. To make an existing repository group-accessible, +use `chmod -R g+rwX /path/to/repo`. https://github.com/restic/rest-server/issues/189 https://github.com/restic/rest-server/pull/308 diff --git a/changelog/unreleased/pull-295 b/changelog/unreleased/pull-295 index 5ad31f36..3f93473e 100644 --- a/changelog/unreleased/pull-295 +++ b/changelog/unreleased/pull-295 @@ -1,5 +1,5 @@ Enhancement: Output status of append only mode on startup -Rest-server now outputs whether append only mode has been enabled on startup. +Rest-server now displays the status of append-only mode during startup. https://github.com/restic/rest-server/pull/295 diff --git a/changelog/unreleased/pull-307 b/changelog/unreleased/pull-307 index 29025654..38628a6c 100644 --- a/changelog/unreleased/pull-307 +++ b/changelog/unreleased/pull-307 @@ -1,8 +1,10 @@ -Enhancement: Add support for proxy-based authentication +Enhancement: Support proxy-based authentication -The server now supports authentication via a proxy header specified with the `--proxy-auth-username` flag (e.g., `--proxy-auth-username=X-Forwarded-User`). -When this flag is set, the server will authenticate users based on the given header and disable BasicAuth. -Note that `--proxy-auth-username` is ignored if `--no-auth` is set, as `--no-auth` disables all authentication. +Rest-server now supports authentication via HTTP proxy headers. This feature can +be enabled by specifying the username header using the `--proxy-auth-username` +option (e.g., `--proxy-auth-username=X-Forwarded-User`). When enabled, the server +authenticates users based on the specified header and disables BasicAuth. +Note that proxy authentication is disabled when `--no-auth` is set. https://github.com/restic/rest-server/issues/174 -https://github.com/restic/rest-server/pull/307 \ No newline at end of file +https://github.com/restic/rest-server/pull/307 diff --git a/changelog/unreleased/pull-315 b/changelog/unreleased/pull-315 index 9b36679a..a9f7826a 100644 --- a/changelog/unreleased/pull-315 +++ b/changelog/unreleased/pull-315 @@ -1,6 +1,7 @@ Enhancement: Hardened tls settings -rest-server now uses a secure tls cipher suit set and the minimal TLS version -can be set with the option `--tls-min-ver` +Rest-server now uses a secure TLS cipher suite set by default. The minimum TLS +version is now TLS 1.2 and can be further increased using the new `--tls-min-ver` +option, allowing users to enforce stricter security requirements. https://github.com/restic/rest-server/pull/315