[1.8.0] Update 2FAuth to 6.0.0 Full Changelog 2FAuth can now fetch icons from offline icon packs. Visit the new Icon documentation page to learn how to set them up (#203). The sort order of 2FA accounts is saved to user preferences when changed from the Manage mode. This allows the account list to be reordered automatically after a new account is registered. (#377). Groups can be reordered (manually, from the Group management view) (#419). A new filter is available to only show 2FA accounts that do not belong to any group (#430). The Import feature now supports Bitwarden export (#501). Group names now accept single quote (#465). Upon logging out, users are now redirected to the last login form they used: Password, SSO or Webauthn. (#478). Catchable errors that occur during the sending of a test email are now displayed in the UI to help you understand what's going on. issue #447 Unable to import Google Authenticator. issue #464 Import error not correctly reported in the GUI.

[1.7.1] Update Ackee to 3.5.1 Full Changelog Several dependencies have been updated to their latest versions to bring in security patches and improvements ackee-tracker has been updated to fix an issue where visits were not recorded when the website had an empty document.referrer. You might have seen lower visit counts since version 3.5.0 when your website had no referrer, e.g., when visiting it directly or via bookmarks.

[1.21.0] Update actual to 26.1.0 Full Changelog Breaking changes: Removed support for legacy CSV import format Features: Added new budgeting overview page Features: Improved sync performance with cloud accounts Bug fixes: Fixed issue with transaction duplication on import Bug fixes: Resolved crash when opening settings on macOS Bug fixes: Corrected display issue in dark mode Bug fixes: Fixed bug causing incorrect currency conversion rates

[1.14.10] Update AdGuardHome to 0.107.71 Full Changelog In this release, the schema version has changed from 31 to 32. Added a new string fields dns.cache_optimistic_answer_ttl and dns.cache_optimistic_max_age. Optimistic DNS cache not working ([#​8148]).

This look like a good replacement for Alltube (which we were using) https://github.com/alexta69/metube

[1.24.0] Update dependency ampache/ampache to v7.8.0

[1.7.0] Update answer to 2.0.0 Full Changelog New: AI Assistant feature (@​shuashuai @​LinkinStars #​1479) New: MCP server feature (@​LinkinStars @​shuashuai #​1480) New: API Keys feature (@​LinkinStars @​shuashuai #​1482) New: Editor plugin support (@​robinv8 #​1481) Fixed: Add user in the Admin, no result prompt after submission (@​bimakw #​1457) Fixed: Fix/external id notification (@​IfDougelseSa #​1465) Fixed: fix: expand avatar column length from 1024 to 2048 (@​csouls #​1463) Fixed: When the input type of SchemeForm is a number, the default value of 0 is not displayed.@​shuashuai

@perelin said in ArchiveBox initial setup: Should I use the regular login mask, but what password to use / where to set a password. If you followed the first time setup guid step by step, you should be able to user your cloudron username and password in the login mask. I have just tested and confirmed it is working if the first time setup guide is followed.

Hello @andreasdueren Thanks for the report. Fixing it right now.

[1.96.1] Update audiobookshelf to 2.32.1 Full Changelog Important: New authentication system was added in v2.26.0. See https://github.com/advplyr/audiobookshelf/discussions/4460 for details. Server crash matching with Audible provider #4931 More strings translated Finnish by @pHamala Polish by @MarcinKlejna Russian by @renesat Swedish by @bittin

Thanks for reporting here @gardinermichael . We have in fact hidden the app package because there were many issues with it and we couldn't manage to get it to be stable . Maybe we should revisit this.

[1.33.5] Update baserow to 2.0.6 Full Changelog [Core] Added more advanced formulas. #4318 [Core] Allow array properties to be selected in the formula context when expert mode is selected. #4485 [Builder] Resolve an issue with styling button fields in table elements. #4494 [Database] Ensure m2m field indexes are all set. [Database] Prevent creating a new constraint when the enter key of the default value is pressed.

[1.6.2] Update beszel to 0.18.3 Full Changelog The Windows agent's updated version of LibreHardwareMonitorLib now uses PawnIO instead of WinRing0. If you lose temperature sensors, make sure PawnIO is installed. (See #1657 and #1697.) Container NetworkSent and NetworkRecv fields have been deprecated in favor of Bandwidth. Agents will stop populating those fields in 0.19.0, so please update any integrations to prefer Bandwidth. It's available for all containers on hubs >= 0.18.3. Add experimental sysfs AMD GPU collector. (#737, #1569) Improve container network stats accuracy. Fix SHARE_ALL_SYSTEMS for system_details, smart_devices, and systemd_services. (#1660) Improve CJK truncation in UI. Fix container uptime sorting edge case. (#1696) Remove stale systemd services from tracking after deletion. (#1594) Update honeypot field name and autofill ignores. (#1011) Write health_file to /dev/shm instead of /tmp if available. (#1455)

[1.46.3] Update BookStack to 25.12.3 Full Changelog Page Content - As of this release, most types of form content are now removed from page content on render. If you applied customizations which made use of in-page form content, you may now need to find alternative methods. Updated application PHP dependencies. Updated session-based API authentication to only be active for GET requests. Updated page content filtering to remove many common form elements & attributes. Updated translations with latest Crowdin changes. (#5997)

Hello @miednr @miednr said in Docker Remote Builder cannot push to private Cloudron Registry – no basic auth credentials due to read-only HOME / missing Docker config: Could you please provide some commands to check, where the problem's cause is? I have set up my docker registery under dr.cloudron.dev and the build service under cbs.cloudron.dev. I run the command from the build service once: cloudron build login --url 'https://cbs.cloudron.dev' --build-token 4d9e63406e98c078e296f6f273d5d9adb080643d50dd1d82b687af8c414cf915 When I now build a custom app I run: cloudron build --file ./Dockerfile --set-repository dr.cloudron.dev/org.cloudron.copyparty --tag 0.1.0

[2.12.11] Update cal.com to 6.1.12 Full Changelog fix: missing phone numbers on new HubSpot contacts by @anikdhabal in #27555 feat: support Cubic feedback workflow for external forked MRs by @keithwillcode in #26910 fix: prevent video redirect when booking additional seats by @anikdhabal in #27574 fix: restore Atoms build by reverting component relocation to @calcom/web by @pedroccastro in #27575 feat: add GitHub workflows to sync agents/ to Devin Knowledge by @eunjae-lee in #26994 fix: misalignment in rows per page select in bookings page by @mr-mods-yg in #27512 fix: use step output for MR number in Cubic review workflow by @keithwillcode in #27577 fix(docs): correct env copy command in local-development.mdx by @Shivangisharma4 in #27274 fix: avatar URL breaking for team/orgs in BookerEmbed atom by @Ryukemeister in #27424 fix(companion): handle special characters in extension event types by @pedroccastro in #27533

[1.29.0] Update calibre to 9.2.0 Full Changelog

@nebulon Honestly, there's no actual script at play right now. A simple sudo rm -rf session did the trick. The subsequent session then generated a new folder, complete with a file, the correct user, and appropriate permissions.

[1.27.6] Update changedetection.io to 0.52.9 Full Changelog Update messages.po // German "From" by @DominikHerold in #3793 Open github link on new tab by @mstrey in #3791 Update French translation by @sCreami in #3788 Browser page fetching speedup - Element locking was adding up to 1minute page load time, Element locking 'off' by default (so they dont move when the screenshot scroll happens), only lock top viewport elements. Improve logging. by @dgtlmoon in #3796 Make language selection sticky and provide a way to return back to default auto-detect #3792 by @dgtlmoon in #3795 Use credentials to fetch the web manifest by @ianis in #3790 Memory management improvements by @dgtlmoon in #3798

Hello @webmaster-srpl I was able to set up the Facebook Messenger with chatwoot according to the official chatwoot documentation. I did not need to configure anything with /webhooks/facebook so I am curious how you are trying to set up the Facebook Messenger in chatwoot. [image: 1769179599246-600be0a5-9028-4453-8be5-5d9cb87c9bd3-image-resized.png] [image: 1769179549380-fc97ccc6-92f9-41ec-8b35-96091f4edbc9-image-resized.png]

[1.41.0] Update code to 25.04.8.1.1

[1.7.0] Update comentario to 3.16.0 Full Changelog Per-page email notifications (#209) - abae9cf, 12c20cd, cd5e8b2, f0aed95, bac6b97 AdminUI: fix base href when deployed on a non-root path (#217) - 7d8e292 Backend: Resolve repeated notifications - cd5e8b2 Backend: use correct paths in site.webmanifest - 7d8e292 Docs: add explicit mentions of Edit domain page (#210) - 6e53611 I18n: improve logging for missing messages, add contribute page link - 257753b I18n: DE: add missing messages - 1e9bc35

@gh0stface yup, they made a release yesterday it seems and it should have the PRs we made upstream. @vladimir-d is checking the package again.

@girish Yep, exactly that. AnyType and Appflowy are growing in popularity. Would be nice to see them

@atridad Thanks for the heads up, the app is gone from our library as well.

[1.12.0] Update cryptpad to 2025.9.0 Full Changelog Update icons #1987 Make client compatible with new server #2059 Guard against misconfiguration of fileHost setting #2017 @ansuz Add a checkup page test for /upload-blob #1995 @ansuz Add forceRedirect to SSO #1868 @avinash-0007 SSO login redirect #2057 Make sure OnlyOffice user index does not change #2066 Office documents corruption on server issues #2064 Fix disappearing sheets #1991 Hardcoded values in PDF export metadata #2015

[1.25.0] Update ctfreak to 1.35.0 Full Changelog

[2.7.0] Update cubby to 2.7.0

[1.5.2] Update dawarich to 1.0.4 Full Changelog Wrong path helper in the navbar for Settings link. #2215 #2213 Gemfile being not updated #2210 Excessive memory usage during visits suggestions job (thanks @nareddyt!) #2119 SMTP_STARTTLS environment variable to enable STARTTLS for SMTP connections. Disabled by default. App-level DNS cache with 5 minutes TTL to reduce DNS lookups and improve performance. #2183 New Insights page with comprehensive analytics and visualizations: Transportation mode detection for tracks: Tracks are now automatically segmented by transportation mode (walking, cycling, driving, etc.) with configurable speed thresholds in settings. Modes are recalculated when threshold settings change. Near real-time track generation: Tracks are now generated within ~45 seconds of receiving new points (via OwnTracks, Overland, or the Points API) using a Redis-based debouncer. This replaces the previous 4-hour polling cycle for most cases. Daily generation job frequency reduced from every 4 hours to every 12 hours as a fallback. Track merging: Consecutive tracks that belong to the same journey are automatically merged when the gap between them is within the configured time threshold. Email preferences moved to "General" tab in user settings for better organization.

[2.14.1] Update directus to 11.14.1 Full Changelog Added multi-domain support for OAuth/OpenID (#26312) Removed the deprecated /webhooks functionality across the stack. This includes the API route and its related tests, (#26311 by @mobml) Removed the "Comment" tab from the activities page (#26440 by @Abdallah-Awwad) Fixed getAsset returning all file fields instead of only those allowed by the users permissions (#25905 by @gaetansenn) Added a new AI_ENABLED environment variable to allow opting out of our AI chat feature (#26458 by @bryantgillespie) Added concurrency control for file uploads via a new FILES_MAX_UPLOAD_CONCURRENCY env variable (#26424 by @thomas-svrts) Added nested validation rules to validation error notice (#26389 by @robluton) Added Comparison modal wysiwyg diff highlighting (#26301 by @robluton) Fixed an issue that would cause some drawer header icons from being displayed too large (#26442 by @kekekuli) Added support for specifying a KMS Key ID in S3 storage when using aws:kms Server Side Encryption (#26377 by @Joey92)

[2.9.4] Update discourse to 3.5.4

@miednr I build all my apps using local device docker, push to a cloudron private registry and use cloudron install --image xxx. I feel guilty in some way for not using Cloudron Builder, but local gets the job done fine, so good that you got your build out and deployed.

[1.17.0] Update documenso to 2.6.0 Full Changelog fix: exclude soft-deleted documents from folder count by @misha366 in #2410 fix: send organisation member removal email to correct user by @catalinpit in #2405 feat: add bulk document selection and move functionality by @catalinpit in #2387 fix: correct webhook event name in documentation by @Lahirudahampath03 in #2424 fix(i18n): mark missing strings for translation in card components by @mKoonrad in #2308 feat: autoplace fields from placeholders by @catalinpit in #2111 feat: add license integration by @dguyen in #2346 feat: allow non-team members as default recipients by @catalinpit in #2404 fix: resolve safari cert download issues by @dguyen in #2430 fix: add license logging by @dguyen in #2431

[1.12.0] Update community to 5.14.0 Full Changelog Added Spanish language support

[1.13.2] Update docuseal to 2.3.2 Full Changelog Enhance context menu with field settings Allow to set the same height/width for selected fields via context menu. Add white font color option. Fix MySQL connection. Number field "equal", "not equal", "greater than", "less than" conditions.

[1.26.0] Update dokuwiki-plugin-oauth to 2025-10-23

I assume the app as such uses the database just fine? Database access is quite fundamental I would assume for dolibar, so maybe some security setting in dolibarr itself?

[1.7.1] Update easyappointments to 1.5.2 Full Changelog Fix the GTag script URL html rendering (#​1666) Fix the "Load More" JS error in secretaries page (#​1677) Fix the PHP compatibility error of the appointments index API endpoint (#​1678) Catch individual email delivery exceptions (#​1670) Apply permission checks to the appointment and unavailability search (#​1753) Make sure the sync button is visible on provider log in (#​1749) Update unavailable dates after applying appointment data while rescheduling (#​1662) Make sure that any-provider does not include hidden providers while generating availability (#​1733) Provide "text" version of the emails in addition to HTML (#​1711) Trigger webhook requests when managing records via the API (#​1676)

[1.18.2] Update Emby.Releases to 4.9.3.0 Full Changelog Add user option to set user's auto remote quality Add library option to use legacy folder scanning method Music transcoding fixes Add landing tab option for book libraries Support volume control with youtube trailer player Update mixed content tabs to combine Movies & Shows Fix maintenance mode blocking some settings screens Fix embedded audio fields not getting rescanned on file changes Fix loss of genre and collection images after deleting a movie Fix latest section not showing items for some channel plugins

[2.20.0] Update espocrm to 9.3.0 Full Changelog OpenAPI specification generation #3535 Currency exchange rates stored as entities #3544 PDF Template: Filename with placeholder #3510 PDF Template: Currency symbol helper #3529 Decimal field type #3508 Preferences: Parameter to receive notifications about reactions in non-followed records #3479 In-app notification about being added as a collaborator #3530 Users auto-follow the record when added as colloborators #3532 Personal email account: Map IMAP folders to personal email folders #3513 Formula: Support column data in record\relate function #3537

Got it. Thank you.

[1.16.6] Update evcc to 0.300.8 Full Changelog c563112 Add HomeAssistant charger (#27103) 725af06 ChargeX: fix register decoding (#27110) 44dcd03 MQTT: fix namespace clash (revert #26999)

https://feedback.fider.io/posts/329/data-administration-import-accounts-tags-votes-posts-and-comments-via-web-interface this is a known thing in Fider it seems that the UI has no restore option. They have a new version coming this week so maybe it'll get added. I imagine people clone the file structure and PostgreSQL DB now to migrate or restore.

[1.15.0] Update filepizza to 60704b4

[1.1.0] Update fmd-server to 0.14.0 Full Changelog Light mode. And a setting to switch between theme modes. Ability to view the map in fullscreen. Ability to pass a message when locking the device (fmd lock <message>). Setting to switch between metric and imperial units. The command list is much longer, making nearly all commands available in the web UI. The commands now also have a description. The UI now automatically refreshes the location shown on the map. If you select "Remember me" during login, the access token and the private keys will now be stored in the browser's local storage. Enable WAL (write-ahead-logging) in sqlite. (!159) Limit request body size to 15 MB. (!164) Reduce default MaxSavedLoc from 1000 to 500. (!170)

[3.10.10] Update firefly-iii to 6.4.15 Full Changelog Issue 11264 (Add GUI for some settings, replacing environment variables) reported by @jacobburrell Discussion 11433 (Updates to Date Range selection) started by @fett327 Moved some settings to your system settings The following environment variables are removed and will no longer work. They are now in your settings. Removed sentry.io code Issue 11378 (Wrong account balance with initial transfer from different currency) reported by @bozho Issue 11383 (Login flow could redirect to javascript path) reported by @stefvonb Issue 11388 (TypeError bugs during upgrade to 6.4.14 + account_balances corruption) reported by @jaconde2 Issue 11396 (Reconciliation adds extra digits) reported by @niklas2810 Issue 11399 (Unusual behavior in audit logs (multi-currency)) reported by @jgmm81

[2.6.1] Update formbricks to 4.6.1 Full Changelog fix: optimize license check flow (backport to 4.6) by @BhagyaAmarasinghe in #7193

[0.5.0] basic tests implemented

[1.15.28] Update freescout to 1.8.203 Full Changelog Fixed "Invalid byte sequence for encoding UTF-8" error on PostgreSQL on fetching (#​5159) Make customer email in the conversation list more compact (#​5066) Revert changes made to "Collapse email history in Gmail" to avoid problems with replies separation in FreeScout (#​5136)

[1.27.1] Update FreshRSS to 1.28.1 Full Changelog Handle Web scraping of text/plain as <pre class="text-plain"> #​8340 New customisable message for closed registrations #​8462 Fix unwanted expansion of user queries (saved searches) applied to filters #​8395 Fix encoding of filter actions for labels #​8368 Fix searching of tags #​8425 Fix refreshing feeds with token while anonymous refresh is disabled #​8371 Fix RSS and OPML access by token #​8434 Fix MySQL/MariaDB transliterator_transliterate fallback (when the php-intl extension is unavailable) #​8427 Fix regression with MySQL/MariaDB index hint #​8460 Auto-add lastUserModified database column also during mark-as-read action #​8346

[4.149.1] Update ghost to 6.16.1 Full Changelog This release contains fixes for minor bugs and issues reported by Ghost users.

[1.37.4] Update gitea to 1.25.4 Full Changelog Release attachments must belong to the intended repo (#36347) (#36375) Fix permission check on org project operations (#36318) (#36373) Clean watches when make a repository private and check permission when send release emails (#36319) (#36370) Add more check for stopwatch read or list (#36340) (#36368) Fix openid setting check (#36346) (#36361) Fix cancel auto merge bug (#36341) (#36356) Fix delete attachment check (#36320) (#36355) LFS locks must belong to the intended repo (#36344) (#36349) Fix bug on notification read (#36339) #36387 Add more routes to the "expensive" list (#36290)

Yes, it's only jekyll. Not an expert on next.js but I think it also needs a backend right ? If so, you have to create a custom package - https://docs.cloudron.io/packaging/tutorial/

[1.112.3] Update gitlab-foss to 18.8.3 Full Changelog Send the uuid for usage quota when it is a trial for SM (merge request) GitLab Enterprise Edition Unsubscribe from pipeline status updates when pipeline ID changes (merge request) Fix JWT token expiration when memoized before timeout is set (merge request) Fix encoding error in related branches work item widget (merge request) Disable Sidekiq retries for ClickHouse pipeline/build sync workers (merge request) Disable async_insert in build and pipeline sync operations (merge request) Add work item support to missing chat integrations (merge request) Only check optional ActionCable Redis instance if necessary (merge request) Fixes preserving external author on work item move and clone (merge request) Refactor Redis TLS options parsing to fix ActionCable configuration (merge request)

[0.2.0] Update logo

[1.23.0] Update gogs to 0.14.1 Full Changelog Support comparing tags in addition to branches. #6141 Show file name in browser tab title when viewing files. #5896 Support using TLS for Redis session provider using [session] PROVIDER_CONFIG = ...,tls=true. #7860 Support expanading values in app.ini from environment variables, e.g. [database] PASSWORD = ${DATABASE_PASSWORD}. #8057 Support custom logout URL that users get redirected to after sign out using [auth] CUSTOM_LOGOUT_URL. #8089 The required Go version to compile source code changed to 1.25. The build tag cert has been removed, and the gogs cert subcommand is now always available. #7883 Switched to pure-Go SQLite driver, CGO is no longer required to compile Gogs. #7882 Security: Unauthenticated file upload. #8128 - GHSA-fc3h-92p8-h36f Security: Protected branch bypass in web UI. #8124 - GHSA-2c6v-8r3v-gh6p

[2.3.2] Update grafana to 12.3.2 Full Changelog API: Add missing scope check on dashboards #116888, @Proximyst Avatar: Require sign-in, remove queue, respect timeout #116893, @macabu ElasticSearch: Update annotation time-range properties #115566, @aangelisc Explore: Reset legend when a new query is run #116590, @ifrost Go: Update to 1.25.6 #116396, @macabu Alerting: Fix a race condition panic in ResetStateByRuleUID #115680, @alexander-akhmetov Alerting: Fix data source recording rules editor #116303, @soniaAguilarPeiron

IMPORTANT Packages starting 1.8.6 to 1.9.0 have been revoked. 1.8.6 - 1.8.13 - Upstream has removed all 1.7.50.x packages. See https://discourse.getgrav.org/t/upgrade-to-grav-v1-7-50-9-not-working/29222/4 1.9.0 - had incorrect beta version update

[1.9.0] Update greenlight to 3.7.0 Full Changelog Improve copy recordings functionality (#6154) Added popovers that describe recording formats (#6136) Fixed a few Host Header vulnerabilities related to asset urls Removed role_id from permitted update params (#6117) Updated multiple gems and packages Clear recordings before the sync starts (#6164)

The latest cloudron package symlinks the config.json into /app/data. This allows to enable the enterprise edition mode. One thing to note is, that the env.sh file needs the line with GRIST_DEFAULT_EMAIL to be enabled and set to the users's email address. Otherwise the admin UI will not grant the user access.

Hello @albertbeaufrand and welcome to the Cloudron Forum This topic is a duplication of https://forum.cloudron.io/post/97415 and will be merged into it. Please read the responses above to get the full answer to your question.

[1.11.0] Update base image to 5.0.0

[1.21.3] Update hedgedoc to 1.10.6 Full Changelog GHSA-x74j-jmf9-534w reports a bug where security headers for upload files were not set correctly. GHSA-672m-p72w-gw28 reports potential security issues with limited script execution in uploaded SVG files.

[1.15.4] Update core to 2026.1.3 Full Changelog

Ok thanks for letting us know.

[1.97.2] Update immich to 2.5.3 Full Changelog fix: reset and unsaved change states in editor by @bwees in #25588 fix: no notification if release check is disabled by @jrasm91 in #25688 fix(mobile): hide latest version if disabled by @uhthomas in #25691 fix(web): enable asset viewer navigation across memory boundaries by @midzelis in #25741 fix: upload progress bar flickering by @alextran1502 in #25829 fix: prevent stale values in edit user form after save by @michelheusschen in #25859 fix: prevent album page get rebuilt when resuming app by @alextran1502 in #25862 fix: prevent backspace from accidentally triggering delete modals by @michelheusschen in #25858 fix: metadata extraction race condition by @danieldietzler in #25866 fix: reset zoom when navigating between assets by @michelheusschen in #25863

[1.19.0] Rename to Ip2location due to trademark collision

@jdaviescoates Thanks - Not the I have not though about this, but, at last, this could only be a temporary solution following our infrastructure setup. It also does not solve the underlying OIDC issue, which I very much find intriguing.

@nebulon Thank you for setting me straight. I always think "go to the cloud" and just the reverse is needed in this case.

[1.21.7] Update invoiceninja to 5.12.55 Full Changelog Fixes for compose dependencies v5.12.55 by @turbo124 in #11658 Updated dependencies Fixes for Peppol command v5.12.54 by @turbo124 in #11657

[1.13.2] Update jellyfin to 10.11.6 Full Changelog Prioritize better matches on search [MR #15983], by @Shadowghost Fix artist display order [MR #15816], by @theguymadmax Restore weekly refresh for library folder images [MR #16046], by @theguymadmax Be more strict about PersonType assignment [MR #15872], by @Shadowghost Fix birthplace not saving correctly [MR #16020], by @theguymadmax Trim music artist names [MR #15808], by @theguymadmax Add mblink creation logic to library update endpoint. [MR #15965], by @Collin-Swish Fix watched state not kept on Media replace/rename [MR #15899], by @MarcoCoreDuo Skip hidden directories and .ignore paths in library monitoring [MR #16029], by @theguymadmax Revert "always sort season by index number" [MR #15950], by @theguymadmax

App discontinued due to no upstream updates.

[1.12.1] Update Jirafeau to 4.7.1 Full Changelog Fixed another possibility to bypass the checks for CVE-2022-30110, CVE-2024-12326 and CVE-2025-7066 (prevent preview of SVG images and other critical files) by sending a manipulated HTTP request with a MIME type like "image". When doing the preview, the browser tries to automatically detect the MIME type resulting in detecting SVG and possibly executing JavaScript code. To prevent this, MIME sniffing is disabled. The default value of max_upload_chunk_size_bytes was set to 5000000. Higher values could trigger a bug Chromium-based browsers on servers with HTTP/3 enabled, causing asynchronous uploads to fail.

Hello @girish, hello everyone, Is there any hope that Jitsi Meet (https://forum.cloudron.io/topic/10900/updates-to-jitsi) will be offered on Cloudron again? It’s such a great tool! Thank you very much!

[2.4.1] Update joplin to 3.5.2 Full Changelog

[1.58.3] Update jupyterhub to 5.4.3 Full Changelog

[1.17.5] Update kanboard to 1.2.49 Full Changelog fix(ldap): ensure LDAP placeholders are escaped fix: restore Ctrl+Enter submission on the task creation form feat(locale): update translations feat: prevent protocol-relative URL redirects after login feat: block private network access for external web link (configurable) feat: add TRUSTED_PROXY_NETWORKS config option

[1.9.1] Add optional OpenID integration for new installations

[1.5.2] Update keycloak to 26.5.2 Full Changelog #​44994 CVE-2025-67735 - netty-codec-http: Request Smuggling via CRLF Injection dependencies #​43443 Keycloak should warn when ISPN or JGROUPS is running in debug level logging #​45498 Ignore OpenAPI artifacts when disabled dist/quarkus #​44785 Can not get through SSO login if using a custom attribute with default value user-profile #​45015 Deadlock in Infinispan virtual threads infinispan #​45250 IDToken contains duplicate address claims oidc #​45333 User admin events don't show role, group mapping, reset password like events admin/ui #​45396 Database Migration fails when updating to 26.5.0 on MS SQL core #​45415 cache-remote-host becomes mandatory at build time when using clusterless feature infinispan #​45417 Unmanaged Attributes Type (Only administrators can view) allows admin API to set Unmanaged Attributes user-profile

[0.3.0] Update keila to 0.18.0 Full Changelog Added public archive links for campaigns Added ability to review sent campaigns Added $empty operator to Contact query language and segment editor Added segment filtering based on campaign interactions Added text color tool to Block Editor Added social media icons block to Block Editor (see #444) success_url in contact forms is now processed with Liquid, allowing personalized redirects Added support for id_type in API Contact deletion endpoint Preview emails are now prefixed with "[Preview]" Added Spanish translation (thanks @PedroMartpico)

[2.41.0] Update kimai to 2.47.0 Full Changelog Further SecurityPolicy hardening for twig invoice and export templates (#5784) Fix: moved "print" export to self-contained template (#5784) Fix: synchronisation problem when editing user-preferences of the currently logged-in user (#5784) Fix: selected text highlight color in dark mode (#5784) Fix: remove backdrop from the "loading indicator" (#5784) Do not show report toolbars in a card, following the general Kimai UI principles (#5784) Removed most toast messages, replacing them by a tiny loading indicator. reason: an app should work as expected and not need to indicate that an action was successful, instead it should only warn if something fails. toasts were kept for ticktack / restarting of timesheets and error messages, as those might be started from any screen. (#5784)

[1.34.0] Update koel to 8.3.0 Full Changelog fix: hover status on context menu items by @phanan in #2184

Running TURN server on port 443 only matters for setups where a Client is unable to contact the server on non-port 443. This is only common in some ultra locked down intranet setups.

https://forum.cloudron.io/topic/15003/komf-on-cloudron-komga-and-kavita-metadata-fetcher

[2.4.1] Set supportsDisplayName to false in manifest

Hello @chmod777 I have rebased the oidc-support branch against the master branch. You should be able to run git pull in the oidc-support branch now.

[1.27.0] Update languagetool to 97476d3

[1.11.1] Update leantime to 3.6.2 Full Changelog Fix timer not starting after v3.6.0 update by @gloriafolaron in #3215 fix(db): Fix zp_entity_relationship table migration issues by @gloriafolaron in #3221 Timer Not Starting - Fixed an issue where the stopwatch/timer feature stopped working after the 3.6.0 update (#3208) Database Migration Fix - Added migration to fix entity relationship table issues that caused dashboard and ticket errors (#3221)

[1.1.1] Update LibreChat to 0.8.2 Full Changelog Cross-replica support for resumable streams in Redis mode, enabling seamless horizontal scaling for production deployments. Add, configure, and share MCP servers directly from the UI with full access control. Includes API key authentication support, domain restrictions for remote transports, and improved OAuth handling. Pin frequently used agents and models to the sidebar for quick access. Render Mermaid diagrams inline within chat messages with enhanced UX and focus rendering. Extensive improvements to meet WCAG standards with better screen reader support, keyboard navigation, focus management, and contrast ratios across the entire application. Moonshot Kimi K2 Bedrock support Anthropic Beta support for Bedrock Anthropic Vertex AI support Gemini Image Generation Tool (Nano Banana) Bedrock Guardrails support

[1.55.4] Update LimeSurvey to 6.16.4+260113

[1.26.1] oidc: add env template to optionally disable login form

[1.20.0] add dumb-init to collect zombies

[1.15.0] Update listmonk to 6.0.0 Full Changelog TOTP two-factor authentication. E-mail based Forgot password reset flow. Ability to archive lists. Subscriber activity in the Subscriber profile UI. Ability to send transactional mails to non-subscribers via the /api/tx API. Campaign-level JSON JSON {} attributes just like subscriber attributes. Granular override on subscriptions / subscriber profile in bulk import. In-built Postgres VACUUM cron in Maintenance settings for large databases. Add attribs to campaign docs. Upgrade altcha JS to latest version.

[1.17.6] Update loomio to 3.0.18 Full Changelog Add LOOMIO_RESTRICT_EXPLORE_TO_SIGNED_IN_USERS by @​robguthrie in #​12143 Add polls to vote on page by @​robguthrie in #​12142 Replace invite-only terminology with direct discussions by @​robguthrie in #​12144 fix for missing translation on invite only discussions page

[2.41.0] Update Lychee to 7.3.1 Full Changelog Version 7.3.1 for automated deployement by @ildyria in #4036 Fix missing top level permission by @ildyria in #4034 Add more contributions guides by @ildyria in #4006 Clarify album rights propagation by @ildyria in #4019 [SE] Add LDAP support by @ildyria in #4020 Fix ugly header bar in light mode when showing photo details by @ildyria in #4029 Migration breaking on some installations by @ildyria in #4028 Version 7.3.0 by @ildyria in #4030 Fix missing dependency: ldap by @ildyria in #4033

@girish That is a super handy feature!

[1.17.4] Update mastodon to 4.5.4 Full Changelog Fix custom emojis not being rendered in profile fields (#37365 by @ClearlyClaire) Fix serialization of context pages (#37376 by @ClearlyClaire) Fix quotes with CWs but no text not having fallback link (#37361 by @ClearlyClaire) Fix outdated link target for locked warning (#37366 by @ClearlyClaire) Fix local custom emojis sometimes being rendered in remote posts (#37284 by @ChaosExAnima) Fix some assets not being loaded from configured CDN (#37310 by @ChaosExAnima) Fix notifications page error in Tor browser (#37285 by @diondiondion) Fix custom emojis not being displayed in CWs and fav/boost notifications (#37272 and #37306 by @ChaosExAnima and @ClearlyClaire) Fix default Admin role not including view_feeds permission (#37301 by @ClearlyClaire) Fix hashtag autocomplete replacing suggestion's first characters with input (#37281 by @ClearlyClaire)

[1.54.1] Update matomo to 5.7.1

@humptydumpty I'm not familiar with CCAI. You shouldn't have to enter ports etc at all as those are defined in the Manifest that's in the repository.

[1.23.1] Update mattermost to 11.2.2 Full Changelog

@jayonrails are you referring to the Mautic App or Cloudron? For Mautic - we have a monthly online meetup for DACH every first monday at 12:30 CET. Except for today - its moved to 12th of january. (https://meet.mauticamp.de/adm-suk-gfm-ath). Also we have a poll for a real world meetup running: https://forum.mautic.org/t/neues-jahr-neues-meetup-terminfindung-fur-das-d-a-ch-mauticamp-2026/36991

[1.33.1] Update mealie to 3.10.2 Full Changelog fix: use BASE_URL config for redirect_url if available @​whattheschnell (#​6995) fix: OIDC caching @​michael-genson (#​7009) fix(deps): update dependency fastapi to v0.128.1 @​renovate (#​7008)

[3.6.1] Update mediawiki to 1.45.1 Full Changelog

Closed due to inactivity

[1.5.1] pin package source by hash

[2.35.1] Update metabase to 0.58.5.1 Full Changelog

[2.36.23] Update bedrock to 1.21.132.3

Also @senthilkumaran If you are just now updating to @miniflux version 2.0.49 on Cloudron, which was packaged and published Oct 16, 2023, you are years behind with updates. This would also explain why you run into this issue, since this was also resolved with @miniflux version 2.2.13 which was packaged and published Sep 19, 2025, 9:18 AM

Time to poke RustFS too. No fear.

[1.18.5] Update mirotalkp2p to 1.7.23

The app package runs the cron job as outlined in https://github.com/monicahq/monica/blob/4.x/docs/installation/providers/generic.md#4-configure-cron-job Can you open a webterminal into the app and run it manually via: sudo -E -u www-data php /app/code/artisan schedule:run and see if it shows an error or sends the mails then?

@osobo Moodle package has quite a complicated setup. The app has over 25 (!) plugin types and each plugin writing all over the source code. For this reason, source code is treated as data. /app/code is just the released tarball. The app runs off /app/data/moodle . The package seems to make some best effort update by copying latest /app/code into /app/data/moodle .

@msbt said in Issue with Read/Write node: export N8N_RESTRICT_FILE_ACCESS_TO="/app/data" This solves it Thank you

[1.27.0] Update navidrome to 0.60.0 Full Changelog This release introduces a major rewrite of the experimental Plugin System, now with multi-language PDK support, enabling developers to extend Navidrome's functionality using WebAssembly-based plugins written in Go, Rust, Python or JavaScript. Plugins run in a secure sandbox and can provide additional metadata sources, custom integrations, and server-side enhancements. Users can now easily configure plugins directly from the UI through a new JSONForms-based configuration interface. Additionally, this version includes a pure-Go metadata extractor built on top of the new go-taglib library. This is a significant step toward removing the C++ TagLib dependency, which will simplify cross-platform builds and packaging in future releases. The new extractor is activated by default, but in case of any issues you can revert to the previous implementation by setting Scanner.Extractor="legacy-taglib" configuration option. The Instant Mix feature generates a playlist of similar songs based on a selected track. By default, it retrieves similar songs from Last.fm (if configured with an API key) or falls back to Deezer. It can also be configured to use external plugins, like AudioMuse-AI for sonic analysis-based similarity recommendations. Fix potential XSS vulnerability by sanitizing user-supplied data before rendering (GHSA-rh3r-8pxm-hg4w). (d7ec735 by @AlexGustafsson) Fix potential DoS vulnerability in cover art upscaling by clamping requested square size to original dimensions (GHSA-hrr4-3wgr-68x3). (77367548 by @deluan). Thanks to @yunfachi Add new WebAssembly-based plugin system with multi-language PDK support (Go, Rust, Python). (#4833 by @deluan) Add JSONForms-based plugin configuration UI. (#4911 by @deluan) Add similar songs retrieval functions to plugins API. (#4933 by @deluan) Add pure-Go metadata extractor (go-taglib) as alternative to FFmpeg-based extraction. (#4902 by @deluan)

@charlesnw can you try increasing the memory limit for that redis? Services -> redis ->memory limit?

Thank you @girish ! I just tried a "invite" action that is supposed to send an email and I received the email as expected!

[2.24.1] Update NodeBB to 4.8.1 Full Changelog upgrade script to handle topics that were already pruned (03b7374) closes #​13899 (f98de3e) #​10682, fix all the other rss routes as well (385a4d0) protocol (da5605e) closes #​12986 (310e90c) #​13919 (b2c6fbe) use min (090b9f5) #​13918, make arrayLimit configurable increase default to 50 (d25e772) closes #​13258, dont mark digest as delivered if it fails (f29c9f0) wrap fields in quotes in user csv export (1b08aef)

[1.19.0] Update ntfy to 2.16.0 Full Changelog This release adds support for updating and deleting notifications, heartbeat-style / dead man's switch notifications, custom Twilio call format. It also adds a "New version available" banner to the web app. Support for updating and deleting notifications (#​303, #​1536, ntfy-android#151, thanks to @​wunter8 for the initial implementation) Support for heartbeat-style / dead man's switch notifications aka updating and deleting scheduled notifications (#​1556, #​1142, #​954, thanks to @​GamerGirlandCo for the initial implementation) Configure custom Twilio call format for phone calls (#​1289, thanks to @​mmichaa for the initial implementation) ntfy serve now works on Windows, including support for running it as a Windows service (#​1104, #​1552, originally #​1328, thanks to @​wtf911) Web app: "New version available" banner (#​1554)

[1.3.4] Update ollama to 0.15.5 Full Changelog Improvements to ollama launch Sub-agent support for ollama launch for planning, deep research, and similar tasks ollama signin will now open a browser window to make signing in easier Ollama will now default to the following context lengths based on VRAM: GLM-4.7-Flash support on Ollama's experimental MLX engine ollama signin will now open the browser to the connect page Fixed off by one error when using num_predict in the API Fixed issue where tokens from a previous sequence would be returned when hitting num_predict

I looked into the logs and it was the outdated Commons module. Thanks for your help and keep up the great work with cloudron!

[1.24.1] Update DocumentServer to 9.2.1

[0.5.2] Update opencloud to 5.0.2 Full Changelog CVE-2026-23989, a security issue in public links is resolved in v5.0.2.

[1.8.1] Update openhab-distro to 5.1.1 Full Changelog Switch to using asynchronous send with Jetty websockets Fix UIResource GET endpoints require no auth if implicit user role disabled Use quotes for numbers stored as strings when generating YAML Normalize thing/channel config in response of /file-format/parse API Allow cross-binding bridges when generating code for a thing Add special handling to thing/channel config param of Fix NullPointerException for POI mode Fix XML error handling Support bridges with hardware embedded accessory things Properly consider special values in DP value validation

[3.45.2] Update openproject to 17.0.2 Full Changelog Bugfix: Unable to change to earlier finish date for automatically scheduled successor [#​65130] Bugfix: Meeting outcomes cannot be saved with ctrl/cmd+enter [#​69974] Bugfix: AXe Accessibility error: invalid list structure [#​70573] Bugfix: Fix AXe Accessibility error: Navigation toggler must have discernible text [#​70574] Bugfix: Documents module is missing meaningfull html title [#​70614] Bugfix: Users with the "Manage Users" permission did not see links to Lock/Unlock users [#​70796] Bugfix: Cannot authorise OpenProject app with OpenProject when user has 2FA enabled [#​70966] Bugfix: Running docker slim image, runs slim-bim one [#​70980] Bugfix: 'For all projects' project attributes are not displayed during new project creation [#​70982] Bugfix: Fix revision parsing in git diff output [#​71020]

Hi @girish so I learned something while setting up my Radicale and OWC. It seems like the calendar client publishing in to the ICS in Radicale (or wherever your ICS source lives) can matter. When I used the Calendar app on macOS I saw no descriptions. When I used Thunderbird I do. You can see it on my live page that has the OWC page in an iframe https://kb.filewave.com/books/community-engagement/page/customer-event-schedule and if you click on events in the agenda then the description shows. I think initially I was also hoping to show description on the Agenda page without clicking on an event but originally I was bothered that I just couldn't get description to show up. So now it does at least show up when you click an event. I haven't looked at why Calendar doesn't make a summary that shows and Thunderbird does but I'm fine using Thunderbird to put events in my calendar feed.

Newest package that ships Open WebUI 0.7.2 resolved this

[1.1.0] Update opodsync to 0.5.0 Full Changelog Add URL of instance on homepage, with copy button Add support for being used as an external app inside KaraDAV

The latest update seems to have fixed it. Patience is a virtue xD

[1.19.0] Update outline to 1.4.0 Full Changelog New "Toggle blocks" allow creating content that is collapsed by default in #8317 Table cells can now have a custom background color set in #10930 Search results are now highlighted in the document when navigating from search in #11262 A new Figma integration allows unfurling information about Figma links in documents by @hmacr in #11044 Added support for sorting dates in table columns by @lucawimmer in #11198 Document changes made through the API are now synced to clients in realtime in #11186 The rate limiter now prefers user ID over ip address for logged in sessions, prevents issues on larger office networks in #11215 The markdown importer now supports more file layouts in #11278 Fixed some typos comments and messages by @NAM-MAN in #11203 Fixed an issue where mentions would sometimes break when using drag and drop in a list in #11208

[1.6.1] Update owncast to 0.2.4 Full Changelog Lots of localization changes, both in how they work across the web application, and adding more support for them. So more places should show more languages. The backend refactor continues with more splitting things off into standalone data repositories and services. Higher bitrates can now be selected in the video encoding settings. There's a new webhook that fires when you get a new Fediverse follower. Admin: add line divider in sidebar #4098 Display shortcut keys of hide/show chat in Dropdown menu #4096 Create a custom Translation component #4428 Add support for pluralization in the new Translation component #4440 Add support for translations in the web project #3950 Add server status as a default field in all webhooks #4384

[1.3.0] Update base image to 5.0.0

[1.47.1] Update paperless-ngx to 2.20.6 Full Changelog Fix: extract all ids for nested tags @shamoon (#11888) Fix: prevent note deletion outside doc @shamoon e4b861d Performance: improve treenode inefficiencies @shamoon (#11606) Fixhancement: change date calculation for 'this year' to include future documents @shamoon (#11884) Fix: Running management scripts under rootless could fail @stumpylog (#11870) Fix: use correct field id for overrides @shamoon (#11869)

You can still install it like this https://my.<cloudron>/#/appstore/rocks.paperwork.cloudronapp . But note that it was last updated 3 years ago. I tried to build a new version with latest with PHP a year ago and the app was not even building anymore. They have been re-writing a new version for a couple of years now.

I recently hit an issue where my PeerTube instance stopped being able to upload videos to my Scaleway S3 bucket. All move-to-object-storage jobs were failing with this error: NoSuchBucket: The specified bucket does not exist The confusing part was that the bucket definitely existed, and I could even connect to it successfully from the PeerTube web terminal using the AWS SDK directly. The Problem Recent versions of PeerTube (v6+) changed the object storage config format. New storage sections are now required: user_exports:, original_video_files:, and captions:. The v6.0.0 changelog also mentions that Docker environment variables were renamed (e.g., PEERTUBE_OBJECT_STORAGE_VIDEOS_* → PEERTUBE_OBJECT_STORAGE_WEB_VIDEOS_*), which the Cloudron devs will have implemented. However, the YAML config key videos: still appears to work based on the AWS example in the docs and this Hetzner S3 guide from October 2025. See the official PeerTube Remote Storage documentation for the current config format. My old config (broken in PeerTube v6+): object_storage: enabled: true endpoint: 'https://s3.fr-par.scw.cloud' region: 'fr-par' videos: bucket_name: 'your-bucket-name' prefix: 'videos/' streaming_playlists: bucket_name: 'your-bucket-name' prefix: 'streaming-playlists/' credentials: access_key_id: 'YOUR_ACCESS_KEY' secret_access_key: 'YOUR_SECRET_KEY' max_upload_part: 2GB My new config (working with PeerTube v6+): object_storage: enabled: true endpoint: 'https://s3.fr-par.scw.cloud' region: 'fr-par' credentials: access_key_id: 'YOUR_ACCESS_KEY' secret_access_key: 'YOUR_SECRET_KEY' max_upload_part: 2GB web_videos: bucket_name: 'your-bucket-name' prefix: 'web-videos/' streaming_playlists: bucket_name: 'your-bucket-name' prefix: 'streaming-playlists/' user_exports: bucket_name: 'your-bucket-name' prefix: 'user-exports/' original_video_files: bucket_name: 'your-bucket-name' prefix: 'original-video-files/' captions: bucket_name: 'your-bucket-name' prefix: 'captions/' Key changes: videos: → web_videos: (matches the Docker env var rename, though videos: may still work) prefix: 'videos/' → prefix: 'web-videos/' (not strictly necessary, but matches the Backblaze example in the docs) Added required sections: user_exports:, original_video_files:, and captions: After updating production.yaml and restarting PeerTube from the Cloudron dashboard, all my failed jobs completed successfully. Hope this helps someone else!

[1.14.0] Update penpot to 2.12.1 Full Changelog Fix setting a portion of text as bold or underline messes things up Github #7980 The backend RPC API URLS are changed from /api/rpc/command/<name> to /api/main/methods/<name>. The previous PATH is preserved for backward compatibility; however, if you are a user of this API, it is strongly recommended that you adapt your code to use the new PATH. The OAuth / Single Sign-On (SSO) callback endpoint has changed to align with the new OpenID Connect (OIDC) implementation. Add the ability to select boards to export as PDF Taiga #12320 Add toggle for switching boolean property values Taiga #12341 Make the file export process more reliable Taiga #12555 Add auth flow changes Taiga #12333 Add new shape validation mechanism for shapes Github #7696 Apply color tokens from sidebar Taiga #11353 Display tokens in the inspect tab Taiga #9313

App discontinued due to no upstream updates.

The upstream project has not released in almost 3 years now. We had to build from develop to get some PHP 8 support going, but there are bugs like https://github.com/phpservermon/phpservermon/issues/1196 , https://github.com/phpservermon/phpservermon/issues/1232 . There's also a bunch of basic issues: Normal user cannot login after admin user logs in. Some issue related to service worker. LDAP functionality is incomplete

[3.2.0] Update Piwigo to 16.2.0 Full Changelog

@james Thanks again for your response and also for reporting the issue on the Pixelfed GitHub.

[1.14.2] Update pocketbase to 0.36.2 Full Changelog Updated modernc.org/sqlite to v1.44.3 (race check fix), goja (circular references fix) and other go deps. Other minor fixes (updated tests to silence some of the race detector errors, updated FindFirstRecordByData with more clear error message when missing or invalid key is used, etc.).

Hello @zigmasdirigeant Thanks to your detailed report I was able to reproduce this issue right away. I will look into it. Either setting client_max_body_size 0; or make it configurable.

[1.4.0] Update pretix to 2026.1.0 Full Changelog Breaking change: Removed deprecated API endpoints for ticket validation Feature: Added support for multi-currency payments Feature: Introduced a new dashboard for event analytics Bug fix: Fixed issue with email notifications not being sent Bug fix: Resolved payment gateway timeout errors Feature: Enhanced security for user authentication Breaking change: Changed default settings for new events Bug fix: Corrected display issue on mobile devices Feature: Implemented new search functionality for events Bug fix: Addressed problem with data export feature

[1.11.3] Update PrivateBin to 2.0.3 Full Changelog FIXED: Prevent arbitrary PHP file inclusion when enabling template switching FIXED: Malicious filename can be used for self-XSS / HTML injection locally for users FIXED: Unable to create a new paste from the cloned one when a JSON file attached (#1585)

[2.9.1] Update prometheus to 3.9.1 Full Changelog [BUGFIX] Agent: fix crash shortly after startup from invalid type of object. #​17802 [BUGFIX] Scraping: fix relabel keep/drop not working. #​17807

[2.25.3] Update VueTorrent to 2.31.3 Full Changelog lsio-mod: Fix invalid permissions on non-root users (#2597) (85a1fb3) RightClick: Prevent selecting text when opening menu on apple touch devices (#2598) (f1846ec) RSSArticles: Prevent unread status inconsistency (#2624) (6963f29) Wrong message for category delete confirmation (#2599) (5f9fc86) ActiveFilters: Click on chip disables only active filters (#2606) (bfca3d4) Content: Double click on a node to toggle selection (#2607) (2bcce0a) Improve URL detection (#2590) (26ea94d) Overview: Wrap comment to prevent text overflow (#2589) (c48c2e0) RSSArticles: Use vue-concurrency (#2624) (e28bfcd) TorrentDetail: Change title to use torrent name (#2608) (bbbe846)

[2.11.0] chore(deps): update dependency radicale to v3.6.0

[2.7.0] Update rallly to 4.7.0 Full Changelog Update poll status names Upgrade to prisma 7.3.0 Enable account linking

App discontinued due to no upstream updates.

Did the update (package v5.3.1) help?

[3.9.3] Update redmine_oauth to 3.0.9

Indeed, that app treats each user individually and since an app would have to actively sync up some deactivated (or even deleted) user state explicitly, which releasebell does not, it just keeps working for that user. Since the app uses OpenID, there is actually no real way for the app, to know if a user even still exists to then purge the user. A login of the user would of course not work, but since this works in releasebell without a login-session, not sure what to besides manually purging that user. Have to think more about how to better handle that, until that you may have to actually do what you proposed. I was trying to quickly come up with a mysql statement to purge, but that is more involved than I thought, due to all the constraints.

This will take some time because it requires Mongo DB 8.x . Cloudron's mongodb was in 6.x but was just upgraded to 7.x in Cloudron 9.0.16 . Cloudron 9.1 will have mongodb 8.x . We can only move step by step because mongodb does not support jumping versions.

[2.9.2] Update roundcubemail to 1.6.12 Full Changelog Support IPv6 in database DSN (#9937) Don't force specific error_reporting setting Fix compatibility with PHP 8.5 regarding array_first() Remove X-XSS-Protection example from .htaccess file (#9875) Fix "Assign to group" action state after creation of a first group (#9889) Fix bug where contacts search would fail if contactlist_fields contained vcard fields (#9850) Fix bug where an mbox export file could include inconsistent message delimiters (#9879) Fix parsing of inline styles that aren't well-formatted (#9948) Fix Cross-Site-Scripting vulnerability via SVG's animate tag Fix Information Disclosure vulnerability in the HTML style sanitizer

[1.15.0] Update rss-bridge to 2025-08-05 Full Changelog [FabBridge] Pull 100% discounted items via Fab API by @thefranke in https://github.com/RSS-Bridge/rss-bridge/pull/4584 [GoComicsBridge] Fix for JSON being removed by @TReKiE in https://github.com/RSS-Bridge/rss-bridge/pull/4585 [IdealoBridge] Bypass bot protection by @sysadminstory in https://github.com/RSS-Bridge/rss-bridge/pull/4588 [GoComicsBridge] Add fallback when link to current comic is missing by @TReKiE in https://github.com/RSS-Bridge/rss-bridge/pull/4589 [GolemBridge] Add tables to content by @Mynacol in https://github.com/RSS-Bridge/rss-bridge/pull/4613 [ZeitBridge] Improvements by @Mynacol in https://github.com/RSS-Bridge/rss-bridge/pull/4617 [NasestrechaBridge] Add bridge by @pprenghy in https://github.com/RSS-Bridge/rss-bridge/pull/4591 [WaggaCouncilBridge] Add bridge by @Scrub000 in https://github.com/RSS-Bridge/rss-bridge/pull/4593 [HeiseBridge] removes language-info-text, add archive.is link for people without subscription by @Tone866 in https://github.com/RSS-Bridge/rss-bridge/pull/4594 [CentreFranceBridge] Fix parser following website update by @quent1-fr in https://github.com/RSS-Bridge/rss-bridge/pull/4596

Given that the upstream project is not maintained anymore, we have hidden this in the appstore. I had also submitted a PR upstream for a basic issue which is ignored - https://github.com/aliasaria/scrumblr/pull/161

@james said in settings.yml missing from web file manager: Hello @user123456 We looked into it. Someone has disabled the SFTP service on the demo Cloudron Demo Server along with other services.

[1.2.0] checklist added to manifest

Guys, tyvm for your feedback. As a workaround I simply disallowed dav on a group level. Nevertheless I'll feature request this during Christmas time. ^^

[2.18.0] Update Shaarli to 0.16.0 Full Changelog v0.x branches and tags will no longer be maintained after v0.16. Always upgrade to the latest release to receive bugfixes and security patches. docs: update PHP version compatibility table fix stored XSS via suggested tags (GHSA-g3xq-mj52-f8pg) build(deps): update frontend build dependencies (js-yaml/glob)

@girish said in SickChill unlisted from app store: I hope they atleast bring back the issue tracker Out of interest, why does this matter for Cloudron? BTW, someone has replied to the thread I started on Discord informing me that the master releases are these https://pypi.org/project/sickchill/ Doesn't look like there has been a new one since March though.

[1.3.0] Update shiori to 1.8.0 Full Changelog feat(apiv1): refactor tags api (#1075) feat: add PWA support share functionality (#1060) feat: add apis to handle bookmark tags (#1081) feat: allow tag filtering and count retrieval via api v1 (#1079) feat: improve SQLite performance (#1024) feat: reverts message in json output and allows configuration (#1082) feat: support proxy forward headers authentication (#1105) fix: auth validation on existing sessions, rely on token only (#1069) fix: incorrectly set cookie's expires value in login.js (#1049) fix: parse pocket new CSV format (#1112

The upstream project is archived - https://github.com/boypt/simple-torrent/ . There has been no changes in 2 years and modules are not updated.

Hello @darrendavid and welcome to the Cloudron forum Could you please explain a little how this is connected to Cloudron? I am not sure if you are in the correct place here for this question.

[1.18.7] Update snipe-it to 8.3.7 Full Changelog Add new 'git remote' management to change Snipe-IT URLs by @uberbrady in #18245 Fixes [FD-52064] Avery L6009_A & L4736_A label field overflow with scaling by @Godmartinz in #18246 Optimize queries for Components listing by @uberbrady in #18251 Added endpoint & use_path_style_endpoint configs for public/private S3 by @Valinwolf in #18266 Experiment: simpler light/dark toggle by @snipe in #18249 Refactor assignee in Checkoutable to accept null by @Godmartinz in #18273 Check That Email Exists on Recipient in Checkout Acceptance by @spencerrlongg in #18274 Fixed #18160 - Multi-create validation fixes by @uberbrady in #18247 Fixes Manager View not displaying subordinates EULAs properly in View Assets page by @iryadifarhan in #18257 adds #17422 [FD-49345] --expired-licenses command parameter to snipeit:expiring-alerts by @Godmartinz in #18244

@james thank you so much! SOGoMailCustomFromEnabled worked prefectly!

Just checked on this again but it seems statping-ng is not going forward much . https://github.com/statping-ng/statping-ng/tags says the release was almost a year ago.

[3.4.3] Update Stirling-PDF to 2.4.3 Full Changelog Correctly show desktop and server versioning separately Support for watched folders to be recursive and multiple directories to be defined Desktop login expiry fix Desktop self-host connection improvements (self-sign fixes and others) Page editor performance and UI improvements frontend error screen appearing during SSO fix Desktop CORS fixes feat(settings): display frontend/backend versions and warn on client-server mismatch by @Ludy87 in Stirling-Tools#5571 Support multiple pipeline watch directories and configurable pipeline base path by @Frooodle in Stirling-Tools#5545 Stop type checking TypeScript files that won't be run by @jbrunton96 in Stirling-Tools#5607

[1.12.0] chore(deps): update dependency apache-superset to v6

This is fixed with latest package update.

[1.33.15] Update syncthing to 2.0.14 Full Changelog

We only published a fixed package now, based on the alternative LDAP plugin

[1.10.2] Update recipes to 2.4.2 Full Changelog added quick link from start page to search with pre-filled parameters added diameter based scaling fixed uploading images on mobile #4400 fixed items per page not saving in search view #4275 fixed rating filter less than or equal to not working #4280 (thanks to @smilerz #4396)

[1.5.1] checklist added to manifest

@timconsidine said in Teddit Subscriptions no longer working: Just FYI - my LibReddit - selfhosted as Docker on another VPS = is still working. But now it is down. Maybe they have caught up with me.

[1.22.1] checklist added to manifest

@Sam_uk we have unlisted TLDraw by now. Please see https://forum.cloudron.io/topic/10806/no-more-updates-to-tldraw . The license and company direction has changed.

No no, I‘ve the actual version running! It‘s just that it stopped working on 29th of November and when I looked into the events i noticed that on this day 1.21 was installed!

[2.6.3] Update libretranslate to 1.8.4 Full Changelog Add --translation-cache by @pierotofy in #912 Update argos-translate, use MINISBD by @pierotofy in #928

[2.5.0] Update transmission to 4.1.0 Full Changelog Improved TP download performance. (#​6508) Added support for IPv6 and dual-stack UDP trackers. (#​6687) Support trackers that only support the old BEP-7 with &ipv4= and &ipv6=. (#​7481) New JSON-RPC 2.0-compliant RPC API. (#​7269) Added optional sequential downloading. (#​4795) Use native icons for menus and toolbars: SF Symbols on macOS, Segoe Fluent on Windows 11, Segoe MDL2 on Windows 10, and XDG standard icon names everywhere else. (#​7819, Qt Client) Fixed 4.0.6 bug where Transmission might spam HTTP tracker announces. (#​7086) Improved libtransmission code to use less CPU. (#​4876, #​5645, #​5715, #​5734, #​5740, #​5792, #​6103, #​6111, #​6325, #​6549, #​6589, #​6712, #​7027, #​7744, #​7800) Avoid unnecessary heap memory allocations. (#​5519, #​5520, #​5522, #​5527, #​5540, #​5649, #​5666, #​5672, #​5676, #​5720, #​5722, #​5725, #​5726, #​5768, #​5788, #​5830, #​6542) Slightly reduced latency when sending protocol messages to peers. (#​5394)

[1.27.2] Update Trilium to 0.101.3 Full Changelog SQL Console: cannot copy table data by @SiriusXT Title is not selected when creating a note via the launcher by @SiriusXT Popup editor closing after inserting a note link by @SiriusXT New Mermaid diagrams do not save content by @lzinga Can't scroll mermaid diagram code Max content width is not respected when switching between note types in the same tab Crash When a Note Includes Itself Severe Performance Degradation and Crash Issues Due to Recursive Inclusion in Included Notes is not a launcher even though it's in the launcher subtree Archived subnotes of direct children appear in grid view without #includeArchived

[2.76.0] Update tt-rss to c625ca6

[1.23.2] Update typebot.io to 3.15.2 Full Changelog Fix app router automatically adding transfer-encoding: chunked header to backend requests 69efa2f

[3.23.0] Add optional redis

[2.0.6] Update cloudflared to 2026.1.2

Closed due to inactivity note: mods are working, asked @BrutalBirdie he tested it briefly

[1.82.2] Update vault to 1.21.2 Full Changelog auth/oci: bump plugin to v0.20.1 core: Bump Go version to 1.25.5 packaging: Container images are now exported using a compressed OCI image layout. packaging: UBI container images are now built on the UBI 10 minimal image. secrets/azure: Update plugin to v0.25.1+ent. Improves retry handling during Azure application and service principal creation to reduce transient failures. storage: Upgrade aerospike client library to v8. core/activitylog (enterprise): Resolve a stability issue where Vault Enterprise could encounter a panic during month-end billing activity rollover. http: skip JSON limit parsing on cluster listener. quotas: Vault now protects plugins with ResolveRole operations from panicking on quota creation. replication (enterprise): fix rare panic due to race when enabling a secondary with Consul storage.

Hello @nilp and welcome to the Cloudron Forum This issue has been adressed and a fix is avaiable here: https://forum.cloudron.io/post/117779 I will merge this topic into the existing one.

[1.72.5] Update verdaccio to 6.2.4 Full Changelog fix: allow docker listen address to be configured (6.x) by @markormesher in #5503

[1.18.0] Update vikunja to 1.0.0 Full Changelog (editor) Prevent crash when exiting edit mode in tiptap (files) Make sure base directory exists when using local file system (#2166) (routes) Restore SPA routing after Echo v5 upgrade Use dark shadows for email template in dark mode (#2155) (28593e6) Add required checkbox to confirm issue search before submission (d61caab) Add vikunja doctor command for diagnostic checks (#2165) (3aa1e90)

@timconsidine said in Self-hosted VPN server made EASY!: Fine - live in your own world then. I tried but some people can't read the room

[2.5.6] Update wallabag to 2.6.14 Full Changelog Change version in wallabag.yml by @nicosomb in #8251 Fix deprecation by @j0k3r in #8267 Add annotations filter to entries API endpoint by @skn in #8346 Update dependencies by @yguedidi in #8435 Bump deps (mostly for siteconfig) by @j0k3r in #8489 Fix reading time computation for short entries by @andreadecorte in #8332 Fix urls parameter when sending many urls to be stored using the API by @j0k3r in #8488 Prepare 2.6.14 by @j0k3r in #8494

[1.19.0] OIDC auth implemented, OIDC auth tests implemented

[1.20.1] Update whitebophir to 1.22.1 Full Changelog

[1.36.1] Update weblate to 5.15.2 Full Changelog Statistics generator is now triggered upon installation. Screenshots updated from the repository have proper history. reStructuredText syntax error now reports unintended list conversion. Unchanged translation check ignores AsciiDoc source code blocks. Information leak via screenshots (CVE 2026-21889 / GHSA-3g2f-4rjg-9385). Explanation sync in TermBase eXchange format. User interface fixes. Clarified needs editing/checking/rewriting states. Automatically translated flag with bulk approvals. GitHub forks no longer trigger actions.

[4.98.0] Update wekan to 8.28 Full Changelog Updated meteor-node-stubs Fixed text truncation at quick-access board link bar Improved cardDetails.css for better UI Fixed Jade syntax at header Await async setDone before closing popup in copy/move dialogs

[1.13.4] Update wiki to 2.5.311 Full Changelog b950e06 - stop dompurify from breaking draw.io diagrams (MR #​7888 by @​tribut) 19c26e5 - handle breadcrumb locale prefix correctly (commit by @​NGPixel) 857c172 - css editor in page properties dialog not loading (commit by @​NGPixel) 7d4627b - rocketchat auth prototype pollution via userProfile function (commit by @​NGPixel) 1d0d87a - add cookie secure flag when site is using https (commit by @​NGPixel) 85c304f - add cookie secure flag when site is using https (client-side) (commit by @​NGPixel)

[2.14.0] Update woodpecker to 3.13.0 Full Changelog Update quic-go/qpack & quic-go/quic-go #5885 fix: updateRepoPermissions to cleanup old permissions #5790 Add cli contexts #5929 Use repo-user for api call of cron #5967 Close opened file on LogFind #5961 Delete/Deactivate repo ignores missing repo at forge #5953 Correctly update repo permissions #5928 Revert repos pagination for GH and BB #5924 fix: send correct argument to rpc call for name/url #5922 fix: secrets-file flag #5909

[3.15.2] Update openid-connect-generic to 3.10.3

[3.12.5] Update openid-connect-generic to 3.10.3

[1.4.1] checklist added to manifest