|
@@ -9,7 +9,10 @@ Uppy 1.8, 1.9 and a few important security patches are out! Here’s are the hig
|
|
|
|
|
|
|
|
<!--more-->
|
|
<!--more-->
|
|
|
|
|
|
|
|
-## Companion: new Instagram API and security patches
|
|
|
|
|
|
|
+## Companion: Security patches and new Instagram API
|
|
|
|
|
+
|
|
|
|
|
+* We released a patch to an SSRF vulnerability affecting `@uppy/companion` and the `@uppy/url` plugin. Many thanks you the parties involved in [reporting and disclosing](https://hackerone.com/reports/786956) this vulnerability with the Uppy team. The patch is available in [@uppy/companion version 1.9.5](https://github.com/transloadit/uppy/blob/master/CHANGELOG.md#194)
|
|
|
|
|
+* As the Instagram Legacy API will soon no longer be available, we have now added support for the new Instagram Graph API. As far as using this on `@uppy/companion` goes, not much has changed. The only difference is that you will now be retrieving your Instagram credentials from the [Facebook Developer Platform](https://developers.facebook.com/), and no longer the [Instagram Developer Platform](https://www.instagram.com/developer/)
|
|
|
|
|
|
|
|
## Error handling
|
|
## Error handling
|
|
|
|
|
|
ifedapoolarewaju