Cloudron Forum

[1.1.1] Update forgejo to 15.0.1 Full Changelog See https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/15.0.1.md

[1.1.1] Update grist-core to 1.7.13 Full Changelog Boot key login: New installations generate a GRIST_BOOT_KEY and print it at startup. Visit /boot, paste the key, and you're logged in as the install admin and ready to set the admin email. No pre-existing account needed, and no window where the server is open to the world before authentication is configured. The key (and the related GRIST_IN_SERVICE flag) can also be set via env vars or managed from the Admin Panel. Existing installations are unaffected. (commit) Restart in place: Grist can now apply config changes by restarting itself without dropping the listening socket. During the brief gap, /status keeps answering for liveness checks while readiness flips to 503. On by default for Linux under Node, off for Windows and Electron. Toggle with GRIST_RESTART_SHELL=true/false (#2265). Site Settings page: Team site owners on self-managed installations can edit team name, domain, and logo from a new /site-settings page (commit). WebSocket auth for API keys, boot keys, and access tokens: The WebSocket side now goes through the same identity-resolving code path as the REST API, so any auth method that works on one works on the other. Opens the door to console clients and out-of-page custom widgets. Also tidies up auth priority and unifies API rate-limiting between the two. (commit) (Bulk)AddOrUpdateRecord now returns id / recordIds / createdRecordIds / updatedRecordIds, and BulkAddOrUpdateRecord accepts a record-shaped payload that can match different columns per row (#2193) Fix wrong active section in the creator panel after duplicating a page with collapsed widgets (#2298) Fix CORS handling for opaque ("null") origins, eliminating spurious 500s for https:// widgets on http:// hosted sites (#2299) Fix padded checkboxes so the border and tick line up inside padded wrappers (#2300) Fix SELF_HYPERLINK() returning a share-key URL when a doc was first opened via a share link (commit) Bump handlebars from 4.7.7 to 4.7.9 (#2208)

[1.9.1] Update grav to 1.7.52 Full Changelog GPM client now sends the running PHP version with index requests so the server can substitute PHP-aware compat fallbacks when a plugin's latest release requires a newer PHP than the client can run. [security] Extended default uploads_dangerous_extensions to include md, yaml, yml, json, twig, ini page-content extensions that can be weaponised via permissive form-upload accept policies (GHSA-w4rc-p66m-x6qq, defense-in-depth alongside the Form 9.1.0 plugin fix). Added foundation for migrating to Grav 2.0: cross-major auto-upgrades are blocked in GPM, and core now surfaces a next_major hint so admin can point users at the new migrate-grav plugin Added compatibility: blueprint support so plugins/themes can declare which Grav versions they support Added self-upgrade preflight that flags incompatible plugins/themes and psr/log / Monolog conflicts before proceeding Added upgrade resilience with automatic maintenance mode and opcache reset during self-upgrade Added new cache-cleanup CLI command to prune obsolete cache entries Added new onFlexDirectoryConfigBeforeSave event for Flex More readable time output in bin/grav logviewer #4009 Fixed selectize field losing values when keyed options were used

[1.37.4] Update baserow to 2.2.2 Full Changelog [Automation] Send notification when a workflow is disabled #5186 [Core] Allow self-hosted operators to inject custom client-side scripts via environment variables. [Builder] Resolved a bug which prevented users from creating data sources from the data source dropdown's footer. #5118 [Core] Give Kuma the current license tier in its context and steer uncertain feature or plan questions to docs search. #5210 [Core] Hardened user uploaded media serving and neutralized active-content file uploads by default. [Builder] stop infinite /dispatch-data-sources/ refetch loop in page editor

[1.1.3] Update opodsync to 0.5.3 Full Changelog Fix: get around wrong use of NextCloud auth by YourPods client (thanks @kaiwei)

[1.19.3] Update mirotalkp2p to 1.8.24

[4.20.1] Update n8n to 2.18.5 Full Changelog ai-builder: Hide and reap intermediate AI-created workflows (#29344) (1031603) editor: Constrain InstanceAiView stacking context below sidebar (#29335) (6508bce) editor: Disable WF version menu only when all actions are unavailable (#29326) (263f0b7) editor: Fix NDV not loading parameters panel if refreshed (#28856) (b6ce410) No Credits state for n8n Connect badge (#29380) (a53fbbf) Add warning when publishing workflow, if some nodes in it are using ai gateway credentials (#29174) (acbf598) In the n8n Connect table on row click open execution related to that usage row (#29195) (f9b6b58) OpenAI Node: Use dynamic model selection for image edit and update analyze model filter (#29330) (78c37ac)

[3.8.0] Update metabase to 0.60.3.2 Full Changelog

[1.32.2] Update whitebophir to 2.6.3 Full Changelog

[2.14.1] chore(deps): update dependency radicale to v3.7.2

[1.12.2] Update dawarich to 1.7.2 Full Changelog rails_pulse performance monitoring has been removed entirely. The gem, its initializer (config/initializers/rails_pulse.rb), the /rails_pulse route mount, the scheduled RailsPulse::SummaryJob and RailsPulse::CleanupJob cron entries, and all rails_pulse_* tables are gone. A new migration DropRailsPulseTables cleans up existing installations on upgrade. This resolves a class of upgrade failures where the rails_pulse_* tables ended up missing/half-applied on production. (#2549) Swagger docs for all the recent API additions and changes, improving API discoverability and client generation. The full OpenAPI spec is available at /api-docs. Map v2: Delete button on the point info card. Selecting a point now offers an immediate Delete action (with confirm dialog), matching the long-standing Map v1 behavior. The deleted point is removed from the points layer in place without a full reload. Monthly and yearly digest emails now convert distance from stored meters to the user's preferred unit (km/mi). Previously the raw meter value was shown next to the unit label (e.g. 500000 km instead of 500 km). Map (Leaflet): route lines no longer revert to their pre-move shape when an unrelated point is deleted after dragging another point. The dragend handler was failing to update the marker array because it looked for the controller in the wrong place. (#1797) Track creation now caps a single track's distance at 100,000 km (with a logged warning) instead of silently truncating at the legacy 999,999 m limit. Long-haul journeys are no longer collapsed to ~1000 km. (#1693) Dev container: bind-mount the project root into the container so bundle install can locate the Gemfile. Previously only sub-paths were mounted, leaving /var/app/Gemfile missing. (#1804) Map v2: photos without GPS metadata (latitude/longitude null) no longer render as markers at Null Island (0, 0) they are now correctly excluded from the photos layer. (#2464, #2465)

[1.15.1] Update alertmanager to 0.32.1 Full Changelog [BUGFIX] dispatcher: Fix issue with dispatching to a contended route. #5179 [BUGFIX] ui: Provide prebuilt ui assets in release. #5191 [ENHANCEMENT] ui: Support building artifacts in containers with Docker or Podman. #5102

[1.6.4] Update komga to 1.24.4 Full Changelog omit UserDto.ageRestriction instead of returning null (e3a8cc6) some TOC may not be parsed correctly (5fc0b7e) proxy raw request body to kobo store (4a7d9a6), closes #2289 also accept application/json on Accept header (ddfe65d) incorrect latest series navigation links (717ef82), closes #2285 auth logo issue when using base url (7c00661), closes #2285

[1.56.0] Update matomo to 5.9.0 Full Changelog UsersManager.logoutUser was added to sign a user out of all sessions. The jQuery UI liveWidget API ($.fn.liveWidget) is now deprecated and will be removed in Matomo 6. Use Live.AutoRefreshWidget vue component instead.