github FOSSBilling/FOSSBilling 0.8.3
on GitHub

6 hours ago

0.8.3

Alongside this release, we are publishing several security advisories for vulnerabilities addressed in 0.8.0 and later. Users should upgrade as soon as possible as releases prior to 0.8.0 contain critical vulnerabilities.

Installations that have not yet upgraded from older releases should treat 0.8.3 as the recommended security baseline.

⚠️ Potentially Breaking Changes

  • Public (guest) support tickets have been unified with client tickets. They now share the same endpoint, templates, email notifications, and event structure. Old public ticket email links redirect automatically, but custom modules or themes that reference the previous public ticket endpoints or template variables should be updated. (#3799)

📈 Enhancements

  • The order list and order details now use batch API retrieval for improved performance, and marking an invoice as paid through the admin panel correctly records the transaction. (#3769)
  • A persistent light/dark theme toggle has been added to the admin panel, with dark-mode logo support on login pages. (#3789)
  • The Huraga client theme dashboard now supports widget slots for extensions. (#3734)
  • Huraga pagination automatically redirects to the correct tab when navigating between pages. (#3797)
  • The Huraga theme now uses fb_api_link for API-triggered actions instead of custom event listeners, improving consistency and maintainability. (#3794)
  • Cron jobs now carry an is_cron flag for better context awareness, and admin-level fallback during cron runs has been restricted. (#3805)
  • The selected billing period now persists in product configuration forms. (#3754)
  • Company logos have a module-level partial fallback and a configurable width option. (#3773, #3778)
  • The WHM API authentication label now includes "API token" to clarify supported credential types. (#3793)
  • Payment gateway transaction handling has been hardened: failed transactions are now marked as errored with retry support, and SQL claim queries use correct IN grouping. (#3782)
  • Stripe payment integration received type hints, class qualification fixes, and appearance enhancements. (#3784, #3785)

🐛 Bug Fixes

  • Fixed Invoice hashes to self-heal when missing, and added a database patch to backfill hashes for existing invoices. (#3807)
  • Fixed currency settings crashing when exchange rate sync data was missing, and restored behavior for selected options in the currency settings UI. (#3733, #3736)
  • Fixed stale unpaid_invoice references that could cause incorrect invoice list counts and tab labels on the client invoice page. (#3770)
  • Fixed database getCell results returning strings where integers were expected, which could cause type mismatches in comparisons. (#3783)
  • Fixed invoice PDF layout issues, including better company logo sizing. (#3778)
  • Fixed admin order templates crashing on null or undefined service data. (#3765)
  • Fixed Huraga pending flash messages appearing at the wrong time. (#3775)
  • Fixed API permission identity forwarding so that cron-triggered subscription renewals and deposit payments are handled with the correct identity. (#3788)
  • Fixed numerous template rendering errors under Twig strict variables, including undefined keys in activity logs, support tickets, the security IP lookup, the client invoice page, the admin payment gateway edit page, and the domain registrar configuration page. (#3721, #3730)
  • Fixed email templates using the wrong recipient for staff password reset emails, and added sensible defaults for missing order and client data in email templates. (#3753)
  • Fixed the client order page not correctly displaying product add-ons when certain product categories were unavailable. (#3587)
  • Fixed legacy boxbilling IPN query parameters (bb_*) and bb-ipn.php so that requests now redirect to the standard ipn.php endpoint, improving compatibility with older payment gateway integrations. (#3749, #3763)

📝 Changes

  • Product models have been migrated toward Doctrine, and promo code redemption now compensates correctly when checkout fails. (#3587)
  • Legacy PNG and font-based icons have been replaced with standardized SVG icon markup across both themes. (#3758)
  • Icon sprite generation has been refactored: xlink:href is replaced with href, and sprite building is now shared rather than duplicated per theme. (#3772)
  • The Coloris color picker has been replaced with native input type="color". (#3795)
  • Email templates now include an example rendering mode and tests for Twig tag processing. (#3764)
  • The esbuild build helpers have been refactored, and a JavaScript checker with asset optimization has been added to the build pipeline. (#3774)

📦 Dependencies

  • Updated DiceBear core to v10.3.0 and styles to v10.2.0 (#3768, #3748, #3738, #3732)
  • Updated esbuild to v0.28.1 (#3759)
  • Updated Sass to v1.101.0 (#3761)
  • Updated Sentry to v4.28.0 (#3757)
  • Updated guzzlehttp/psr7 to v2.12.1 (#3806)
  • Updated the Dockerfile base tag to v1.25 (#3798)
  • Updated the checkout GitHub Action to v7 (#3804)
Check out latest releases or
releases around FOSSBilling/FOSSBilling 0.8.3

Don't miss a new FOSSBilling release

NewReleases is sending notifications on new releases.

Get notifications