Skip to content

Releases: rjpr/snappass

v2.0.0

01 Dec 08:06
@rjpr rjpr
v2.0.0
6cfa369
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.0.0 Latest
Latest

SnapPass 2.0.0 Release Notes

This is a modernized fork of the original Pinterest SnapPass with significant UI/UX improvements and enhanced functionality.

New Features

UI & Theming

  • Modern UI with Pico CSS framework, dark mode support, and 20 built-in color themes
  • Theme customization via THEME_COLOR and THEME_MODE environment variables
  • Automatic dark mode detection based on system preferences
  • Customizable site title via SITE_TITLE
  • Configurable default TTL via DEFAULT_TTL (hour, day, week, two weeks)
  • Optional GitHub link visibility control via HIDE_GITHUB_LINK

Security Enhancements

  • APIs disabled by default - Set ENABLE_API=True to enable programmatic access
  • Configurable maximum secret length via MAX_SECRET_LENGTH (defaults to 150KB)
  • Enhanced security headers (CSP, X-Frame-Options, X-Content-Type-Options)
  • Secure session cookies (HttpOnly, Secure, SameSite)
  • Redis authentication enabled in production configurations

Additional Configuration & Compatibility

  • URL token customization with TOKEN_PREFIX for backwards compatibility

Technical Improvements

Frontend

  • Removed: Bootstrap 3.x, Font Awesome, jQuery (~12,000 lines)
  • Added: Pico CSS v2 (minimal, classless framework)
  • Reduced static asset size by ~95%
  • SVG icons replace font-based icons
  • Improved clipboard integration with visual feedback
  • Better mobile experience and accessibility

Backend

  • Updated to Python 3.9+ (tested through 3.13)
  • All dependencies updated to latest versions:
    • Flask 3.1.0
    • cryptography 44.0.2
    • redis 5.2.1
    • Werkzeug 3.1.3
    • flask-babel 4.0.0
    • waitress 3.0.2
  • Enhanced error handling and validation
  • Improved configuration system with environment variables

Infrastructure

  • Docker-first deployment approach with official images on Docker Hub and GHCR
  • Multi-platform Docker support (AMD64 and ARM64)
  • Production-ready docker-compose.example.yml with comprehensive configuration
  • Redis persistence with volume mounting
  • Automated CI/CD with GitHub Actions
  • Complete documentation converted to Markdown

Migration from Original

Fully backwards compatible when configured properly:

  1. Use the same Redis instance (existing data preserved)
  2. Set TOKEN_PREFIX=snappass for URL compatibility
  3. Keep REDIS_PREFIX=snappass (default)
  4. Update Docker image to rjpr/snappass

See README.md for detailed migration instructions.

Docker Deployment

Recommended deployment using Docker Compose:

  1. Download the example configuration:

    curl -o docker-compose.yml https://raw.githubusercontent.com/rjpr/snappass/master/docker-compose.example.yml

  2. Edit docker-compose.yml and change:

    • SECRET_KEY to a secure random value
    • CHANGE_REDIS_PASSWORD to a secure password (in two places)

  3. Start the services:

    docker compose up -d

SnapPass will be accessible at http://localhost:5000

Alternative using Docker run:

docker run -d --name redis redis:latest
docker run -d --name snappass --link redis:redis -p 5000:5000 \
  -e REDIS_HOST=redis -e SECRET_KEY=your-secret-key-here \
  rjpr/snappass

Breaking Changes

  • Minimum Python version raised to 3.9
  • Bootstrap completely replaced with Pico CSS
  • APIs disabled by default (set ENABLE_API=True to enable)
Assets 2
Loading