Update Git clients on Windows and OS X

Last week, a security fix was released for Git. The fix patches a bug in the Git client that is exploitable on operating systems with case insensitive file systems such as Windows and OS X.

Heroku has updated the Git installer that we ship with Toolbelt for Windows. We have also removed an old Git version from the OS X installer (it was not generally used).

In addition, we’ve added a Git version warning in Toolbelt that will prompt you to update Git if you’re using a vulnerable version on Windows (shown here) or OS X:

$ heroku apps
WARNING: Your version of git is 1.9.3. Which has serious security vulnerabilities.                                               
More information here: https://blog.heroku.com/archives/2014/12/23/update_your_git_clients_on_windows_and_os_x

Heroku Toolbelt ships msysGit for Windows and users should update to 1.9.5, available from the msysGit website. OS X users should update their system Git using, for example, the OS X installers or using Homebrew.

Details of the exploit are available on the Git Blame blog and from the Git mailing list announcement.

HTTP Git now Generally Available

Today we’re happy to announce that the HTTP Git beta is over and that HTTP Git is fully ready for production.

The beta was launched less than a month ago and we are already handling thousands of HTTP Git builds per day. In addition, HTTP Git powers the Dropbox Sync beta, making sure that Dropbox folders and Heroku repos are up-to-date.

Over the past month, we have seen great adoption from partners, and Travis CI is using HTTP Git as the default git strategy for Heroku deployments.

We encountered few issues during the beta, and we’re confident that HTTP Git is the best Git implementation for most Heroku users. For that reason, we’re making HTTP Git the default setup when repos are configured by Heroku tooling. We will keep SSH Git as an option and SSH Git still works for all repos on Heroku. You can use SSH Git and HTTP Git (and Dropbox Sync) interchangeably as needed by you and your collaborators. Read on for details.

Read more →

Introducing the General Availability of Performance Dynos in Europe

Since day one, developers from all over the world have been deploying apps on Heroku, and we’re extremely proud of the strong global community we’ve built. Our European customers in particular have asked for the ability to deploy applications geographically close to their European customer base so they can offer a better user experience with more responsive apps. In 2013 we launched 1X and 2X dynos in Europe to meet this demand. Today we’re pleased to announce the general availability of Performance Dynos in our European region.

Read more →

Announcing Beta Dropbox Sync

Helping teams to collaborate on creating, shipping and operating great apps is a core Heroku value. People collaborating on Heroku apps are not all alike: Some spend all day in the terminal, others prefer using Heroku from a browser. That’s why we’ve built both a powerful CLI and a great Dashboard.

Today, we’re adding beta support for Dropbox Sync to complement Git-based deployments. By adding Dropbox as a way to sync changes, we’re making it easier for more users on diverse teams to contribute to apps built on Heroku.

Git is a powerful tool for software developers to collaborate on building great apps and software. We added Git-based deployments 6 years ago, to plug Heroku straight into that collaboration flow and to make deploying to production as simple as sharing changes with your collaborators.

With Dropbox Sync, we’re inviting more people to participate in the process of creating great apps and we’re giving existing users more choice and flexibility in how code is deployed to Heroku. Read on for details.

Read more →

Heroku External Objects: Bringing Native Postgres to Salesforce

Today we are announcing a new data solution for combined users of the Heroku and Salesforce platform: Heroku External Objects. The newest feature of Heroku Connect, Heroku External Objects makes data from any Heroku Postgres database - like that from customer apps, transaction systems, or data warehouses- seamlessly available within a given Salesforce deployment. Leveraging the newly announced Salesforce1 Lightning Connect, Heroku External Objects gives Force.com developers a powerful new capability to help architect their Salesforce deployments and implement data services.

Read more →

Browse the blog archives or subscribe to the full-text feed.

Visit the Engineering Blog