🔖 release(2.5.2): Packaging, security fixes & dependency upgrades 🔐

Released: 2026-06-08

✨ Changes

• 🧰 CI / Packaging: Exclude .vscode directory from GitHub Actions release packages to avoid bundling editor settings.

• 🔒 Security / Restore: Added path traversal and unauthorized file checks in restore functionality to prevent arbitrary file access.
  Special thanks to @HEXER365 for responsible disclosure 🙏

• ♻️ Refactor: Omit insecure query parameter from generated URIs when its value is True.

🔧 Dependencies

Upgraded a set of dependencies via dependabot and maintenance PRs, including notable bumps:

• FastAPI → 0.136.3
• aiohttp → 3.14.0
• pytelegrambotapi → 4.34.0
• python-multipart → 0.0.32
• requests → 2.34.2
• pydantic-settings → 2.14.1
• pymongo → 4.17.0
• pillow → 12.2.0
• psutil → 7.2.2
• certbot → 5.6.0

🐛 Fixes & Chores

• Various dependency bumps and housekeeping merges from dependabot.