Cloudron Forum

[2.7.1] Update distribution to 3.1.1 Full Changelog Fixes CVE-2026-41888 Bounds-check the file basename in PurgeUploads Walk callback Add S3 Express One Zone support to the S3 storage driver (#4858) Fix tag list endpoint in proxy mode (#4846) Clamp oversized n query parameter in proxy mode instead of returning 400 (#4856)

[1.32.4] Update whitebophir to 2.6.5 Full Changelog

[1.15.4] Update pocketbase to 0.37.5 Full Changelog Fixed password fields not being detected as changed (#7670). Added the local time zone name next to the date field label. Reload trusted proxy info UI after settings save. Other minor improvements (skips the duplicated record ids from the IN expand list, reordered confirm-email-change error checks to minimize enumeration attacks, etc.).

[1.22.1] Update evcc to 0.306.1 Full Changelog Drop unused eebus and mqtt requirement values (#29537) PSA: update base url Sponsor: fix machine id panic on startup with plant config (#29542) fix: add testid for app menu button (#29539)

[4.108.0] Update wekan to 9.06 Full Changelog Docs: Update lxc commands. Docs: Added firewall config for Internet access from LXD Ubuntu container at Fedora Asahi Linux Remix, because building Linux arm64 .zip bundle of WeKan. Docs: Added Manual Parallel Snap. Fix Snap Candidate WRITABLE_PATH directory permissions at Parallel Snap file path /var/snap/wekan_SOMENAME/common/files/. Update version script and dependencies.

[1.37.0] Update koel to 9.2.0 Full Changelog fix: use default cursor on context menu items instead of text cursor by @phanan in #2408 feat: include user's edit permission in album resource by @phanan in #2409 feat: include user's edit permission in artist resource by @phanan in #2410 feat: include user's edit and delete permissions on playlist resource by @phanan in #2411 feat: include user's edit and delete permissions on radio station resource by @phanan in #2412 feat: include viewer's edit and delete permissions on user resource by @phanan in #2413 fix: align user card with album/artist card affordances by @phanan in #2417 fix: add hover state to BasicListSorter menu items by @phanan in #2420 fix: increase album/artist thumbnail corner radius by @phanan in #2423 fix: shift tabindex from list/panel wrappers to media list items by @phanan in #2431

[2.27.1] Update NodeBB to 4.11.2 Full Changelog test manual dispatcher (3d969f0)

[4.167.0] Update ghost to 6.36.0 Full Changelog Added direct access-code entry for private sites - Jonatan Svennberg Moved private site controls into Access settings (#27390) - John O'Nolan Fixed RTL languages rendering left-to-right in newsletter emails (#27357) - Jannis Fedoruk-Betschki Declared lodash as a phantom dep in apps/admin - Rob Lester Preserved trailing slashes inside admin redirect query values - Rob Lester Fixed admin deep-link redirect when URL has a trailing slash - Rob Lester Fixed What's New banner breaking on null changelog fields - Rob Lester Fixed missing favicon and apple-touch-icon in React admin (#27528) - leafwind Added missing empty state for members (#27463) - Weyland Swart Fixed member import tier mapping (#27612) - Jonatan Svennberg

[1.13.7] Update wiki to 2.5.314 Full Changelog ec36eb2 - update arm docker base to node 24 (commit by @NGPixel) da64dcd - fix windows build missing migration file during tarball creation (commit by @NGPixel)

[2.15.0] Update woodpecker to 3.14.0 Full Changelog docs: bump follow-redirects [#6441] Sanitize agent introduced pipeline/workflow/step state changes and log streaming [#6308] Send 404 if logs are not allowed to access [#6349] Prevent registering as arbitrary agents with system token [#6283] Support one-shot agent execution mode [#6150] Add external secret extension implementation [#6252] Add Container Registry credential extension [#5993] fix(web): escape HTML in commit messages to prevent XSS [#6523] Add WOODPECKER_FORCE_IGNORE_SERVICE_FAILURE config to preserve non-breaking behavior by default [#6448] Fix when.status filter evaluation and add workflow-level support [#6183]

[2.4.0] Update uptime-kuma to 2.3.0 Full Changelog #7194 fix: Revert "add sorting to status pages" #7312 fix(database): add UPTIME_KUMA_SQLITE_SINGLE_CONNECTION #7304 feat: websocket improve to fix issue #7268 including support authentication (Thanks @sofia-fernandez-six) #7201 feat: add Telnyx messaging provider (Thanks @LuvForAirplanes) #7156 feat: add OracleDB monitor (Thanks @sitiom) #7154 feat: add collapsible groups to status page (Thanks @marco-carvalho) #7248 fix(notification): check for monitorJSON in Stackfield provider (Thanks @jlbrt) #7235 fix(uptime): ensure correct handling of missing time buckets in uptime calculations (Thanks @adrianceding) #7198 fix: Domain expiry doesn't seem to update #7189 (Thanks @shanto) #7125 fix: prometheus metrics have two series for a single monitor when that monitor has tags (Thanks @nicjansma)

[1.1.4] Fixup docs link

[1.25.3] Update ampache to 7.9.3 Full Changelog run:updateCatalogFile: Add -m|--move parameter to move file in the database to a new location run:updateCatalogFolder: Add -m|--move parameter to move all music in a folder to a new location Catch any Garbage Collection error for Albums Garbage collection for Albums missing from the album table License checks on upload not considering int ID's Star ratings scale Advanced Random actions missing joins for Artist and Album Don't limit Album track display by page size Extended orphan_album check in Song search Correct structuredLyrics array

[3.3.0] Update Rocket.Chat to 8.4.0 Full Changelog Adds file thumbnails with image preview to the message composer attachments Adds a new REST endpoint to accept or reject media calls without an active media session Adds externalIds field to livechat visitors for external platform identification. Adds a skipTranspile flag (default false) to webhook integrations. When set to true, the integration script is stored as-is without Babel transpilation matching the 9.0.0 default where Babel is removed entirely. Admins can flip the flag per-integration to validate strict-mode compatibility before upgrading. The field is deprecated and will be removed in 9.0.0. Updates omnichannel routing so agents with offline status are always excluded from assignment. The Livechat_enabled_when_agent_idle setting now only affects agents with away status. Introduces Cold Storage Archiving for Read Receipts to improve performance and scalability in large deployments. Fixed UI becoming unresponsive after clicking "See on Engagement Dashboard" from the workspace info card, which required a manual page refresh to recover. Fixes a bug that could remove all of a user's subscriptions when the user was re-added to a room while still banned. Security Hotfix (https://docs.rocket.chat/docs/security-fixes-and-updates) Fixes an issue where the Omnichannel routing system ignored the Livechat_accept_chats_with_no_agents setting. Now, offline agents are correctly considered for assignment when the setting allows it.