This release improves how CloudCannon handles GitHub accounts and updates the email change workflow. It addresses several issues caused by signing up to CloudCannon with GitHub's no-reply or standard email addresses.
Improved GitHub account management#
Previously, GitHub's no-reply email addresses would prevent you from resetting your CloudCannon password.
Additionally, CloudCannon would require you to enter a password to accomplish some actions in the app, even though signing up with a standard GitHub email address does not require you to set a password to log in. This prevented you from:
- Changing your account password.
- Changing your account email address.
- Deleting an Organization.
- Deleting your Account.
The only way to address these issues was to use the Forgotten Password recovery flow, which added unnecessary friction and potential security concerns.
This release adds the following improvements:
- You can no longer use GitHub's no-reply email addresses to sign up to CloudCannon.
- If you sign up for CloudCannon via GitHub, you can no longer sign up to CloudCannon with an email address that is unverified in GitHub.
- If you sign up for CloudCannon via GitHub and do not set a password, CloudCannon will flag the account accordingly.
- CloudCannon actions requiring a password will no longer prompt you if you have not set one for your account.
Improved email change workflow#
When you update the email address associated with your account, CloudCannon now requires you to verify access to the new email address. This ensures that only the owner of an email address can use it on CloudCannon.