Cloudron Forum

[1.10.0] Update grav to 2.0.0 Full Changelog

[2.11.0] Update rallly to 4.11.1 Full Changelog Keep environment validation out of the client bundle (#2476, fixes #2474) Polls now default to time-based options with a duration picker (#2466) Hidden participants are anonymized instead of dropped, so the grid stays readable (#2422) Redesigned poll settings form (#2423) Faster first load: browser-cached manifest and icons, fewer round trips (#2438) All-day polls stay on the same date across timezones (#2470) Voters can edit responses from the confirmation email when participants are hidden (#2399) OTP codes are reused on resend, so the latest email always works (#2439) Gravatar is disabled on self-hosted instances; avatars fall back to initials (#2462)

[1.38.3] Update gitea to 1.26.3 Full Changelog fix(actions)!: require merged MR to bypass fork MR approval gate (#38010) (#38041) fix(hostmatcher): patch incorrect private list (#38170) (#38173) fix: Various security fixes (#38103) (#38151) fix: allow git clone of private repos with anonymous code access (#38074) (#38146) fix(hostmatcher): block reserved IP ranges from external/private filters (#38039) (#38059) feat(api): add Link header in ListForks (#38052) (#38063) fix: Fix the panic when ssh remote lfs endpoint parsing failure (#38026) (#38158) fix(api): nil pointer panic when filtering tracked times by a non-existent user (#38112) (#38115) fix(releases): generate notes for initial tag (#37697) (#37986) fix: Fix issue target branch selection for non-collaborators (#36916) (#38164)

[1.44.1] Update koel to 9.9.1 Full Changelog fix: accept Subsonic API endpoints without the .view suffix by @phanan in #2585

[2.55.0] Update kimai to 2.61.0 Full Changelog Add working contract preferences to user when setting for the first time from API (#5894) SAML: allow to configure the attribute name for the user identifier (#5996) Translations update from Hosted Weblate (#5987) Fix broken redirect for expired login links (#5990) Added fallback redirects for /login and /logout (#5990)

[3.16.4] Update metabase to 0.62.2.7

[1.38.0] Update whitebophir to 2.12.0 Full Changelog

[0.4.0] Update urlaubsverwaltung to 6.0.0 Full Changelog Migration siehe im Migration Guide im Wiki Alle spezifischen nderungen sind in den Milestones vorhanden Milestone 1 Milestone 2 Milestone 3 Milestone 4 Milestone 5 Milestone 6 Milestone RC1 build(deps-dev): bump rollup from 4.61.1 to 4.62.0 in the rollup group #6261

[4.111.0] Update wekan to 9.64 Full Changelog Fixed ChecklistBleed: any authenticated user can write checklist data into a private board they are not a member of (cross-board write via collection allow rule) Fixed ProxyBleed: Header-login IP allowlist bypass via X-Forwarded-For spoofing allows unauthenticated full account takeover (incl. admin) Fixed TokenBleed: unauthenticated login-token minting via un-awaited auth check in POST /api/createtoken/:userId Fixed BoardBleed: Broken access control lets any authenticated user move their Cards/Lists/Swimlanes into a private board they are not a member of (cross-board write via collection allow rule) Added card dependency "Red Strings" / PI program board Greatly expanded board automation Rules Added Jira import Full right-to-left (RTL) UI for every page when an RTL language is selected Greatly improved import from Trello to WeKan Fixed SyncedCron crash

[3.14.1] Update Stirling-PDF to 2.13.1 Full Changelog feat(i18n): sync editor translations with pluralization support and new UI strings by @Ludy87 in #6565 Fix more any typing usage in the frontend by @jbrunton96 in #6664 Fix bad frontend architecture by @jbrunton96 in #6730 Fix Multi Tool page rotation lost on save by @Frooodle in #6733 Add desktop mobile-upload page and fix LAN QR URL by @Frooodle in #6736 Add metrics for numerical count of total PDFs by @Frooodle in #6737 Add message when running task with no arguments by @jbrunton96 in #6731