PasswordPusher

v2.7.1 Maintenance

This release keeps dependencies and maintenance posture current for teams operating this tool.

Published 1d Secrets & Credentials

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

communicate-passwords docker encryption file-sharing information-technology msp

+12 more

netsec netsec-tools password password-expiration password-pusher password-safety ruby secret security security-tools self-hosted upload-file

Summary

AI summary

Updates arrow_up: Dependencies updates, memo: What’s Changed, and apipie across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Dependency
Dependency	Low	Bump ruby from 4.0.2-alpine to 4.0.5-alpine in /containers/docker. Bump ruby from 4.0.2-alpine to 4.0.5-alpine in /containers/docker. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump overcommit from 0.69.0 to 0.70.0. Bump overcommit from 0.69.0 to 0.70.0. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump google-apis-storage_v1 from 0.62.0 to 0.63.0. Bump google-apis-storage_v1 from 0.62.0 to 0.63.0. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump rubyzip from 3.3.0 to 3.3.1. Bump rubyzip from 3.3.0 to 3.3.1. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump aws-partitions from 1.1254.0 to 1.1255.0. Bump aws-partitions from 1.1254.0 to 1.1255.0. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump aws-sdk-core from 3.249.0 to 3.250.0. Bump aws-sdk-core from 3.249.0 to 3.250.0. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump fugit from 1.12.1 to 1.12.2. Bump fugit from 1.12.1 to 1.12.2. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump json from 2.19.5 to 2.19.7. Bump json from 2.19.5 to 2.19.7. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump msgpack from 1.8.0 to 1.8.1. Bump msgpack from 1.8.0 to 1.8.1. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump jbuilder from 2.15.0 to 2.15.1. Bump jbuilder from 2.15.0 to 2.15.1. Source: llm_adapter@2026-06-02 Confidence: high	—
Dependency	Low	Bump rubocop-rails from 2.35.2 to 2.35.3. Bump rubocop-rails from 2.35.2 to 2.35.3. Source: granite4.1:30b@2026-06-02-audit Confidence: low	—

Full changelog

:memo: What’s Changed

apipie: Update to latest (#4518) @pglombardo
Switch to standard Ruby debug for development (#4517) @pglombardo

:arrow_up: Dependencies updates

:arrow_up: Bump ruby from 4.0.2-alpine to 4.0.5-alpine in /containers/docker (#4497) @dependabot[bot]
:arrow_up: Bump overcommit from 0.69.0 to 0.70.0 (#4513) @dependabot[bot]
:arrow_up: Bump google-apis-storage_v1 from 0.62.0 to 0.63.0 (#4514) @dependabot[bot]
:arrow_up: Bump rubyzip from 3.3.0 to 3.3.1 (#4515) @dependabot[bot]
:arrow_up: Bump aws-partitions from 1.1254.0 to 1.1255.0 (#4516) @dependabot[bot]
:arrow_up: Bump aws-sdk-core from 3.249.0 to 3.250.0 (#4507) @dependabot[bot]
:arrow_up: Bump fugit from 1.12.1 to 1.12.2 (#4508) @dependabot[bot]
:arrow_up: Bump aws-partitions from 1.1253.0 to 1.1254.0 (#4509) @dependabot[bot]
:arrow_up: Bump json from 2.19.5 to 2.19.7 (#4510) @dependabot[bot]
:arrow_up: Bump msgpack from 1.8.0 to 1.8.1 (#4511) @dependabot[bot]
:arrow_up: Bump jbuilder from 2.15.0 to 2.15.1 (#4502) @dependabot[bot]
:arrow_up: Bump rubocop-rails from 2.35.2 to 2.35.3 (#4503) @dependabot[bot]
:arrow_up: Bump retriable from 3.5.0 to 3.8.0 (#4504) @dependabot[bot]
:arrow_up: Bump puma from 8.0.1 to 8.0.2 (#4505) @dependabot[bot]

:busts_in_silhouette: List of contributors

@dependabot[bot], @pglombardo and dependabot[bot]

:motor_boat: Docker Images

Available on Docker Hub:
https://hub.docker.com/r/pglombardo/pwpush

:running_man: Run This Version

Point DNS to your server (e.g. pwpush.example.com).
Download docker-compose.yml or clone the repo.
In docker-compose.yml, uncomment and set:
- TLS_DOMAIN: 'pwpush.example.com' for automatic Let’s Encrypt TLS.
Run:

docker compose up -d

Open https://pwpush.example.com or alternatively http://your-ip:5100.

:link: Useful Links

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track PasswordPusher

Get notified when new releases ship.

About PasswordPusher

Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

All releases →