Version 2.0.2 of the Alpha Framework has just been released, please check the Packagist page for details on how to consume it via Composer.
The main focus of this release has been on security fixes, including the following improvements:
- Placed a warning banner on the admin UI if the admin user password matches what is in the config file. This will encourage admin users to change their password after installation.
- A default login/password is no longer used in the config file for installations, you have to set it to something unique.
- Removed MCrypt calls from Alpha, replaced them with OpenSSL calls.
- Ran a security audit using W3AF and fixed any issues highlighted.
You can view the changelog for further details.
The main focus for the next release of Alpha, version 2.0.3, will be on usability fixes and improvements.
