We have released an update to the Timefold Platform to fix a security issue (affecting versions v0.25.0 and v0.26.2). A certain API endpoint of the platform exposed sensitive keys. This has been remedied with the release of v0.26.3 which was deployed to app.timefold.ai on Oct 17th at 8:26PM GMT+2.
We recommend self-hosted solutions to upgrade to v0.26.3 and to revoke the applicable keys.
For Azure:
secrets:
data:
azureStoreConnectionString: YOUR_AZURE_BLOB_STORE_CONNECTION_STRING
For AWS:
secrets:
data:
awsAccessKey: YOUR_AWS_ACCESS_KEY
awsAccessSecret: YOUR_AWS_ACCESS_SECRET
For GCP:
secrets:
stringData:
serviceAccountKey: YOUR_GOOGLE_STORAGE_SERVICE_ACCOUNT_KEY
Please let us know if you have questions.