What's New
Added
- Dashboard Update buttons — Per-row update buttons and "Update all" button in the Updates Available dashboard widget. (#173)
- Getting Started guide — New step-by-step onboarding guide covering watchers, tag filters, registries, notifications, auto-updates, safety features, and multi-host setup. (#153)
Fixed
- Container recreate alias filtering — Hardened Docker watcher timestamp parsing, added event handler early return for transient aliases, canonical MQTT topic naming, and stale topic cleanup for recreated containers. (#156)
- About modal version display — Version is now fetched dynamically from the API instead of being hardcoded. (#167)
- Version resolution fallback —
DD_VERSION=unknownis now skipped so the version is correctly read frompackage.jsonat startup. - Theme circle transition origin — The theme toggle animation now originates from the click point instead of the viewport center.
- Trigger code bugs — Gotify URL and Apprise URL now correctly enforce
.required()validation; KafkaclientIdcasing normalized.
Security
- OIDC debug log redaction — Sensitive OIDC parameters are now redacted in debug logs. (#168)
- Agent API error sanitization — Error logs and responses in the agent API are sanitized to prevent leaking internal details.
- Registry config value redaction — Trigger group configuration now logs keys only, not values.
- socket.io-parser 4.2.5 → 4.2.6 (CVE-2026-33151)
Changed
- API versioning — All UI fetch calls migrated from
/api/to/api/v1/paths. - Docs audit (78 files) — Fixed 18 doc accuracy issues, 3 code bugs, 22+ broken links, and restructured 8 pages.
Dependencies
fast-xml-parser5.3.8 → 5.5.6 (CVE),next16.1.6 → 16.1.7 (HTTP smuggling, CSRF bypass, DoS)step-security/harden-runnerv2.15.1 → v2.16.0,github/codeql-actionv4.32.6 → v4.33.0- App, UI, Website, and Demo dependency bumps — see CHANGELOG for full details.
Full Changelog: v1.4.4...v1.4.5