slash_console 0.1.3 → 0.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/README.md +1 -0
- data/lib/slash_console/engine.rb +4 -0
- data/lib/slash_console/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eb63a5b059ae9d711cdaf34435c86829ada9cb92a50b0599d8b571efae6dc1ff
|
|
4
|
+
data.tar.gz: 596977091e038ecb3a9da8dcc74d278da2fe30f2fd569e5896a50965091634cf
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 35d2c6cf00fda4a2e950fd04c925e463d74df9331d0559a65080ddf6702838344628e3f255b8ef06f9e15c6562088d80502fbf666996ff7ebeac9015b435f067
|
|
7
|
+
data.tar.gz: f666530036a635c0b35f7e842929ffa57989bce870dfde848c21c289225e89f722c1bc7555485cc6b4cc159a83aec9258e44def4cac4bfe7e81a99630eb1f717
|
data/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [0.1.4] - 2025-09-15
|
|
11
|
+
|
|
12
|
+
### Fixed
|
|
13
|
+
- Allow console access from all IPs in production (with authentication)
|
|
14
|
+
- Fix blank page issue on cloud platforms like Render
|
|
15
|
+
|
|
16
|
+
### Changed
|
|
17
|
+
- Add security note about IP allowlist in README
|
|
18
|
+
|
|
10
19
|
## [0.1.3] - 2025-09-15
|
|
11
20
|
|
|
12
21
|
### Changed
|
data/README.md
CHANGED
|
@@ -43,6 +43,7 @@ Without these environment variables, you'll see an error message explaining what
|
|
|
43
43
|
|
|
44
44
|
- Only use for applications where the security trade-offs are acceptable. Basically, only for toy apps; never where real user data is at risk. For serious apps, SSH into the server and run `rails console` at the command-line.
|
|
45
45
|
- Make up a strong, unique `ADMIN_PASSWORD` for each app.
|
|
46
|
+
- In production, the gem allows console access from all IP addresses (0.0.0.0/0) when authenticated. The authentication layer is your only protection.
|
|
46
47
|
|
|
47
48
|
## How It Works
|
|
48
49
|
|
data/lib/slash_console/engine.rb
CHANGED
|
@@ -5,6 +5,10 @@ module SlashConsole
|
|
|
5
5
|
config.before_initialize do
|
|
6
6
|
Rails.application.config.web_console ||= ActiveSupport::OrderedOptions.new
|
|
7
7
|
Rails.application.config.web_console.development_only = false
|
|
8
|
+
|
|
9
|
+
if Rails.env.production?
|
|
10
|
+
Rails.application.config.web_console.allowed_ips = "0.0.0.0/0"
|
|
11
|
+
end
|
|
8
12
|
end
|
|
9
13
|
|
|
10
14
|
initializer "slash_console.mount_engine" do |app|
|