Operations | Monitoring | ITSM | DevOps | Cloud

July 2021

Securing XML implementations across the web

In December 2020, we blogged about security issues in Go’s encoding/xml with critical impact on several Go-based SAML implementations. Coordinating the disclosure around those issues was no small feat; we spent months emailing the Go security team, reviewing code, testing and retesting exploits, coming up with workarounds, implementing a validation library, and finally reaching out to SAML library maintainers and 20 different companies downstream.

Migrating Thousands of Cloud Instances to New Kubernetes Custom Resources

Mattermost’s Kubernetes Operator spins up and manages Mattermost instances running on Kubernetes based on a ClusterInstallation Custom Resource (CR). Mattermost Operator 1.0 has evolved a lot since its release, along with the ClusterInstallation CR in the v1alpha version. As time went by — as with any software — the Operator gained more features, configuration options, functionalities, and technical debt.

Installing Mattermost to Heroku

Heroku is a wonderful cloud platform that allows developers to provision and operate applications. It enables the kind of fast feedback loop that developers crave. There is a heavy layer of abstraction when using Heroku to run applications, but it’s a valid tradeoff considering its ability to bootstrap projects. In this article, we will provide the steps you need to take in order to get Mattermost running on the Heroku Cloud Platform.

Collapsed Reply Threads are here! Get early access to the beta

We’ve heard your feedback, and are excited to announce that users of Mattermost Cloud and Mattermost Self-Managed v5.37 or later can now get early access to Collapsed Reply Threads in beta! This feature has been a top priority for our team and is the most voted feature request on our idea forum. Given this is an early access beta, we highly encourage Admins and users interested in enabling the feature to review our documentation and known issues.