github CodesWhat/drydock v1.4.0-rc.7
on GitHub

latest releases: v1.4.0-rc.9, v1.4.0-rc.8
pre-releaseone day ago

Highlights

  • Update confirmation dialog — container updates now require explicit confirmation before triggering
  • MQTT attribute filtering for Home Assistant — selective publishing based on container attributes
  • Docker Compose post_start env validation — prevents runtime errors from missing/invalid env var references
  • SHA-1 hash deprecation banner — dismissible dashboard banner prompts migration to argon2id
  • Socket proxy ECONNREFUSED fix — removed :ro flag from socket mount examples, added health checks and FAQ entry

Security

  • Fail-closed webhook token enforcement — missing or mismatched tokens now return 403 instead of allowing bypass
  • Lockout counter persistence — brute-force lockout counter no longer resets prematurely; strategy IDs protected from enumeration

Fixes

  • Container status not reconciled on cron poll — stopped containers now detected between event stream updates
  • DD_AUTH_ANONYMOUS_CONFIRM env var alias now accepted
  • LSCR (lscr.io) cross-host auth failure with ghcr.io token endpoint
  • iPad sidebar clipping — uses dvh instead of vh
  • Mobile dashboard scroll clipping
  • Stale vulnerability data retained on fetch error
  • Audit service missing limit query parameter

Performance

  • Session index cache with atomic login locks for O(1) session lookups
  • Proactive LokiJS store cache eviction to reduce memory pressure
  • Async secret file loading via fs/promises for faster startup

Dependencies

  • Trivy upgraded to 0.69.3

Other

  • Argon2id entry moved to correct CHANGELOG section (Changed, not duplicated)
  • Error contract description refined
  • Behavior load test made advisory in CI (#123)

See full CHANGELOG for details.

Check out latest releases or
releases around CodesWhat/drydock v1.4.0-rc.7

Don't miss a new drydock release

NewReleases is sending notifications on new releases.

Get notifications