Hex v0.19.0 Release Notes
Release Date: 2019-01-15 // over 5 years ago-
โจ Enhancements
- ๐ Improve output of
mix hex.config
- ๐ฆ Print publisher in
mix hex.info PACKAGE VERSION
- โ Add organization flag to dependency config in
mix hex.info PACKAGE
๐ Bug fixes
- Don't follow symlinks when adding files to tarballs
- ๐ Error with a descriptive msg when building a package with git dependencies
- ๐ Improve listing of incompatible package versions when displaying backtrack error message
- ๐ Improve resolver performance when it needs to do a lot of backtracking
๐ Security fixes
- Verify authenticity of registry records. This fixes a vulnerability that would allow a malicious mirror to serve modified versions of Hex packages. A new check has been introduced that requires the latest registry record version, if you are using a repository or mirror that has not been updated yet you can disable this check by setting the environment variable
HEX_NO_VERIFY_REPO_ORIGIN=1
. Further clarification of this issue will come at a later stage.
- ๐ Improve output of