GitLab

Adding Fission to IPFS early testers page

chore: update go-ds-badger

fixes https://github.com/ipfs/go-ipfs/issues/6986

feat: bump version

feat: initial update to the changelog for 0.5.0

feat(dht): update to cypress DHT in backwards compatibility mode

This upgrades to the next DHT version, but in backwards compatibility mode.

chore: update deps

update bash completion for `ipfs add`

HTTP API: Only allow POST requests (plus OPTIONS)

Spec says that response with 405 must set Allow headers.

This commit upgrades go-ipfs-cmds and configures the commands HTTP API Handler
to only allow POST/OPTIONS, disallowing GET and others in the handling of
command requests in the IPFS HTTP API (where before every type of request
method was handled, with GET/POST/PUT/PATCH being equivalent).

The Read-Only commands that the HTTP API attaches to the gateway endpoint will
additional handled GET as they did before (but stop handling PUT,DELETEs).

By limiting the request types we address the possibility that a website
accessed by a browser abuses the IPFS API by issuing GET requests to it which
have no Origin or Referrer set, and are thus bypass CORS and CSRF protections.

This is a breaking change for clients that relay on GET requests against the
HTTP endpoint (usually :5001). Applications integrating on top of the
gateway-read-only API should still work (including cross-domain access).
Co-Authored-By: Steven Allen <steven@stebalien.com>
Co-Authored-By: Marcin Rataj <lidel@lidel.org>

Revert last change (the default is now printed twice)

chore: update libp2p deps

Prepare for an RC. This also re-re-disables stream write coalescing till we get
a chance to thoroughly profile it.

chore(deps): bump github.com/ipfs/go-ds-flatfs from 0.4.0 to 0.4.1

Fix #4996: Improve help text for "ipfs files cp"

And align capitalization.