PasswordPusher

v2.7.0 Feature

This release adds 1 notable feature for engineering teams evaluating rollout.

Published 8d Secrets & Credentials

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

communicate-passwords docker encryption file-sharing information-technology msp

+12 more

netsec netsec-tools password password-expiration password-pusher password-safety ruby secret security security-tools self-hosted upload-file

Affected surfaces

deps

Summary

AI summary

All assets are now loaded locally, eliminating remote asset loads.

Full changelog

This release makes sure that no assets are loaded remotely. We had this previously but a few remote asset loads snuck in recently.

:memo: What’s Changed

Pin sass to 1.99.0 to fix bin/setup CSS build (#4500) @pglombardo
Improve asset management (#4493) @ozovalihasan
Update versions of bundler and JavaScript packages (#4492) @ozovalihasan

:arrow_up: Dependencies updates

:arrow_up: Bump bootsnap from 1.24.4 to 1.24.5 (#4495) @dependabot[bot]
:arrow_up: Bump zeitwerk from 2.8.1 to 2.8.2 (#4499) @dependabot[bot]
:arrow_up: Bump solid_cable from 3.0.12 to 4.0.0 (#4498) @dependabot[bot]
:arrow_up: Bump pagy from 43.5.4 to 43.5.5 (#4496) @dependabot[bot]
:arrow_up: Bump retriable from 3.4.1 to 3.5.0 (#4494) @dependabot[bot]
:arrow_up: Bump aws-sdk-s3 from 1.223.0 to 1.224.0 (#4489) @dependabot[bot]
:arrow_up: Bump aws-sdk-kms from 1.127.0 to 1.128.0 (#4488) @dependabot[bot]
:arrow_up: Bump aws-sdk-core from 3.247.0 to 3.248.0 (#4490) @dependabot[bot]
Bump js-cookie from 3.0.5 to 3.0.7 (#4487) @dependabot[bot]
:arrow_up: Bump aws-sdk-s3 from 1.222.0 to 1.223.0 (#4478) @dependabot[bot]
:arrow_up: Bump faraday-net_http from 3.4.2 to 3.4.3 (#4481) @dependabot[bot]
:arrow_up: Bump aws-partitions from 1.1250.0 to 1.1252.0 (#4482) @dependabot[bot]
:arrow_up: Bump aws-sdk-kms from 1.125.0 to 1.127.0 (#4483) @dependabot[bot]
:arrow_up: Bump marcel from 1.1.1 to 1.2.1 (#4484) @dependabot[bot]

:busts_in_silhouette: List of contributors

@dependabot[bot], @ozovalihasan, @pglombardo and dependabot[bot]

:motor_boat: Docker Images

Available on Docker Hub:
https://hub.docker.com/r/pglombardo/pwpush

:running_man: Run This Version

Point DNS to your server (e.g. pwpush.example.com).
Download docker-compose.yml or clone the repo.
In docker-compose.yml, uncomment and set:
- TLS_DOMAIN: 'pwpush.example.com' for automatic Let’s Encrypt TLS.
Run:

docker compose up -d

Open https://pwpush.example.com or alternatively http://your-ip:5100.

:link: Useful Links

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track PasswordPusher

Get notified when new releases ship.

About PasswordPusher

Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

All releases →