zachdaniel
Creator of Ash
Minor Ash CVE: Email link auto-click account confirmation vulnerability
Hey folks, we have a minor CVE issued for AshAuthentication. Please read the CVE and update accordingly. Relatively low severity, can’t compromise a user’s data, but there is an opportunity for a user to be “confirmed” for an email they do not have access to.
The Ash team takes security extremely seriously and always follow the proper procedure for filing CVEs for all security issues. This is just on the borderline of whether or not a CVE wouldn’t even be necessary, but we err on the side of caution.
Popular in News & Updates
As some of you know, I have been working on a tight integration between Ash and Reactor which has triggered a few small bug fixes in Spar...
New
This week we added official Nerves support for the OSD32MP1 line of SOMs.
Currently we have tested the osd32mp1-brk breakout board, and ...
New
After years of developing our framework, we have a release candidate for Membrane Core 1.0! :tada:
The new version introduces children g...
New
Hey folks!
AshEvents Release
We’ve just released the first version of AshEvents, an Event Sourcing tool for Ash Framework apps.
Check o...
New
The Raspberry Pi is a very popular hardware platform for Nerves users and the official systems are getting an upgrade! :tada: :beers:
Wh...
New
Hey folks! I’ve begun putting together some concrete, framework-wide tooling and guidance on the usage of LLMs in development. The goal h...
New
Hi everyone!
After about 3 months of really hard work, we have released the very first version of Jellyfish Media Server!
The best star...
New
We’re excited to announce that we’re actively working on NervesHub 2.0, an improved version of our IoT device firmware update and managem...
New
Hey there! There’s a new kid on the block! :smiley:
What is it?
Full stack isomorphic Elixir web framework that can be used on top of P...
New
I wanted to let everyone know that the Erlang Ecosystem Foundation (EEF) has a working group dedicated to embedded systems and IoT. We ha...
New
Other popular topics
lets say i have a sample like
a = 20; b = 10;
if (a > b) do
{:ok, "a"}
end
if (a < b) do
{:ok, b}
end
if (a == b) do
{:ok, "equa...
New
Hello!
tl;dr Announcing Oban, an Ecto based job processing library with a focus on reliability and historical observability.
After spen...
New
This post is an instruction guide to help you setup your Neovim for Elixir development from scratch. It includes general information on h...
New
I have a relationship of love and hate with Elixir. Lots of things are just absolutely right, but there are some things that are kind of ...
New
Hello everybody,
usually, I use a 29" ultra-wide monitor for VSCode which can easily accomodate explorer (files panel) + file with code ...
New
I asked this very same question on twitter and got some interesting feedback, but I thought it would be a good question to ask here as we...
New
I am going through the kafka architecture. All the features what the kafka is providing are already in Erlang. I would like hear your opi...
New
Hi everyone,
I was playing with phoenix liveView but I run into an issue. I have a form and want to validate each input text when the te...
New
Is there a way to rollback a specific migration and only that one (“skipping” all the other ones)?
Would
mix ecto.rollback -v 200809061...
New
Hi!
Currently I want to submit a form by pressing the Enter key. However, since my input field is of type “textarea” this is just adds a...
New
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #code-sync
- #javascript
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance









