Cloudron Forum

[1.14.0] set the default charset to utf8mb4 See docs on how to migrate the charset of an existing instance

[1.17.12] Update loomio to 3.0.24 Full Changelog Fixed: Prevent comment authors from editing or restoring comments that an admin has discarded. Fixed: Preserve group ownership when creating discussions from templates in grouped contexts. Improved: Hardened deployment/runtime behavior with trusted ingress IP allowlisting and exec-based Docker startup processes. Improved: Removed obsolete hocuspocus SQLite persistence and legacy document-list template calls. Improved: Background jobs now avoid retrying forever for records that have already been deleted. Maintenance: Updated dependencies including Devise, Vite, Bootsnap, Rollup, Sentry, Nokogiri, Puma, and tzinfo-data.

[1.25.0] Update typebot.io to 3.17.1 Full Changelog Fix upload proxy public URL (#2508) Add Ask Model action using OpenAI Responses API (#2455) Add time filter to results export and fix CSV download on R2 (#2449) (openai) Add Ask Model file search controls (#2483) Handle GA script load failure to prevent bot from hanging (#2446) Fix transcript compute crash on choice items with session-var display condition (#2468) Fix credential access control and remove vulnerable S3 upload endpoint (#2459) Fix SSRF bypass via DNS rebinding in HTTP request and script fetch flows (#2461) Add SSRF_ALLOWED_HOSTS env for self-hosted internal APIs (#2474) Sanitize CSV exports against formula injection (#2493)

[2.13.4] Update castopod to 1.15.5 Full Changelog

[2.6.0] Update joplin to 3.7.1 Full Changelog New: Add support for post-quantum cryptography (PQS) TLS (#15055 by Alex Martens) New: Add support for whiteboards (#15305) (#15193) Improved: Add settings search to config screen (#14820) (#14763 by @slimuCS) Improved: Add table editing commands (add/delete rows and columns) (#14519) (#12372 by @kanishka0411) Improved: Do not load plugin if it is disabled (#15083) Improved: Speed up app startup by skipping unnecessary plugin file processing (#15085) (#15081) Fixed: Add the ability to delete the default profile (#15153) (#14506 by @mrjo118) Fixed: Avoid OOM when printing notes with large attachment links (#15026) (#13903 by @Rygaa) Fixed: Fix silent sync failure which prevents new changes being synced, when a single server object has an updated_time in the future (#15262 by @mrjo118) Fixed: Preserve timestamps when converting HTML notes (#15275) (#15263 by @izumedonabe)

[2.28.0] Update VueTorrent to 2.34.0 Full Changelog Settings/WebUI: Add API key support for qBit 5.2.0+ (#2784) (71ff0ec) Sidebar: Add DHT node and peer connection count (#2774) (4a5c857) login: restore vertical centering after Vuetify v4 migration (#2775) (ce05f81) support shareLimitAction in per-torrent view editing (qBit 5.2.0+) (#2780) (7bb3d16)

[1.29.0] Update navidrome to 0.62.0 Full Changelog Fix cross-account disclosure of other users' shares (incl. share tokens) by enforcing per-user ownership on share reads. (1e7996f5d, GHSA-3g4p-jhv2-xrxf, reported by @Wernerina) Fix cross-tenant player takeover and share-update IDOR by enforcing ownership atomically on player and share updates. (#5563, GHSA-x65f-m8x9-pjxm reported by @tonghuaroot; GHSA-58gr-c777-g23p reported by @lighthousekeeper1212; GHSA-wx2c-q8g7-4q5p reported by @CE2Sec) Fix unauthenticated Last.fm scrobble session hijack (IDOR) by requiring a signed state token on the link callback. (#5521, GHSA-8jrh-w926-8rvw, reported by @geo-chen) Fix JWT expiration bypass on public share stream endpoints by validating token expiration and share existence. (#5426, GHSA-3rfj-qx9q-jghx, reported by @wooseokdotkim) Cap concurrent transcodes to prevent an ffmpeg-based denial of service, with new per-server and per-user limits. (#5522 by @deluan) Add EnforceNonRootUser option to exit early if Navidrome is started as root. (#5373 by @kopf) Replace UI scrobble with reportPlayback and redesign the Now Playing panel. (#5448 by @deluan) Add the sonicSimilarity extension as a plugin capability. (#5419 by @deluan) Add ReplayGain fields to the criteria system. (d9dac4445 by @deluan) Add isMissing and isPresent operators. (#5436 by @deluan)