0.41.0-rc1

Added

• New SECRET_KEY optional environment variable (#671)
• /api-token-auth/ and the associated tokens can now be disabled through the EXPIRY_TOKEN_ENABLED environment variable and server.allowImplicitLogin chart value (#698)
• Tokens issued by /api-token-auth/ can now be deleted like other API tokens, through a DELETE request on the /active-api-tokens endpoint (#698)

Changed

• Increase the number of tasks displayable in frontend workflow #697
• BREAKING: Change the format of many API responses from {"message":...} to {"detail":...} (#705)

Removed

• BREAKING: SECRET_KEY_PATH and SECRET_KEY_LOAD_AND_STORE environment variables (#671)
• Removed logic for storing SECRET_KEY at startup, in order to increase stability; it should be done at a higher level, i.e. the chart (#671)

Fixed

• /api-token-auth/ sometimes handing out tokens that are about to expire (#698)