Skip to content

Releases: VuteTech/bor

Release v0.7.0

Choose a tag to compare

@eniac111 eniac111 released this 14 May 18:23
185d0d6

New Features

Package Management Policy

This release introduces a new Package policy type, enabling administrators to manage software repositories and packages on enrolled Linux desktops.


Features

Agent: Package enforcement via PackageKit

  • Package installation, removal, and "keep at latest" enforcement via the PackageKit (https://www.freedesktop.org/software/PackageKit/) D-Bus API — abstracts APT, DNF, and Zypper uniformly across distributions.
  • Auto-detects the node's package manager (APT / DNF / Zypper) to write the correct repository file format.
  • Writes APT deb822 .sources files to /etc/apt/sources.list.d/ and GPG keys to /etc/apt/trusted.gpg.d/.
  • Writes DNF/YUM .repo INI files to /etc/yum.repos.d/ and RPM GPG keys to /etc/pki/rpm-gpg/.
  • Writes Zypper .repo INI files to /etc/zypp/repos.d/.
  • Repository and package state is merged from multiple bound policies by priority (higher-priority bindings win conflicts).
  • Desktop notifications inform the user when package policy changes are applied.

Web UI: Package Policy Editor

  • Repositories tab — add, edit, and remove repositories per type (APT deb822, DNF, Zypper). Fields adapt to the selected type. GPG key upload supported for all types.
  • Packages tab — manage packages with desired state (present / absent / latest), optional version pinning, and an "optional" flag.
  • Options tab — control cache refresh after repo writes and allow-downgrade behaviour.

Web UI: Repository import helpers

Three one-click import flows are available in the Repositories tab:

  • Add Ubuntu PPA… — enter a ppa:owner/name address and select an Ubuntu codename; the server fetches the repository URI and signing key from Launchpad and the Ubuntu keyserver automatically.
  • Add openSUSE 1-Click .ymp… — upload a .ymp file; the server parses the XML and populates repositories and packages. When the file contains multiple distversion groups, a selection modal lets you choose which to import.
  • Add Fedora COPR… — enter a owner/project or @group/project address and select a chroot; the server resolves the DNF repo URL and signing key from the COPR API.

Notes

  • GPG verification is enabled automatically when a signing key is fetched successfully; it is disabled (with a warning) when no key is available, so the repository is still added and usable.
  • The .ymp importer skips type="pattern" items (not installable via PackageKit) and reports them as warnings.
  • Signed-off builds require godbus/dbus/v5 as a new agent dependency.

Release v0.6.0

Choose a tag to compare

@eniac111 eniac111 released this 10 May 22:53
995ada8

New Features

  • ACME / Let's Encrypt support — the server can now automatically provision and renew TLS certificates from Let's Encrypt or any RFC 8555-compatible CA. Enabled with BOR_ACME_ENABLED=true + BOR_ACME_DOMAINS + BOR_ACME_EMAIL. Mutually exclusive with manually supplied cert/key files.
  • Self-service password management — users can now change their own password from the Account Security settings in the UI without administrator involvement. Admins can also reset other users' passwords from the Users tab.

Bug Fixes

  • WebAuthn origin fallback — WebAuthn no longer silently fails to initialize when BOR_WEBAUTHN_ORIGINS is not set. The server now derives a default origin of https://, so standard deployments on port 443 only need BOR_WEBAUTHN_RPID.
  • Agent module consistency — agent/go.mod indirect dependencies (x/net, x/sys, x/text) are now in sync with the golang.org/x/crypto bump applied by Dependabot, resolving go mod tidy build failures.

Dependency Updates

  • golang.org/x/crypto → 0.51.0 (server + agent)
  • google.golang.org/grpc → 1.81.0 (agent)
  • github.com/Azure/go-ntlmssp → 0.1.1 (server)
  • github.com/fsnotify/fsnotify → 1.10.1 (agent)
  • golang.org/x/image → 0.38.0 (server)
  • Frontend: ts-proto, webpack, babel-loader, postcss, fast-uri
  • CI: actions/upload-artifact v7, docker/login-action v4, softprops/action-gh-release v3

Release V0.5.1

Choose a tag to compare

@eniac111 eniac111 released this 13 Apr 21:10
666879a

Release v.0.5.1

This is a bugfix release. The main changes:

  • fix(packaging): add missing /var/lib/bor/acme directory to package specs
  • fix(frontend): rebuild bundle with double-submit CSRF header support

Release 0.5.0

Choose a tag to compare

@eniac111 eniac111 released this 13 Apr 17:40
7fe1e33

First official release!

  • Support for policies: Kconfig (KDE), gconf (Gnome), Firefox, Chromium (Chrome), polkit
  • LDAP integration
  • Kerberos and token authentication for the agents
  • Inotify based tamper protection for files managed by Bor
  • And many more..