Upgrading
If you installed with Docker Hub
# In the same directory as the one you installed
docker compose -f docker-compose.prod.yml down
# Make edits as appropriate to the configuration, if needed
# Pull the new images
docker compose -f docker-compose.prod.yml pull
# Start the daemon
docker compose -f docker-compose.prod.yml up -d
If you installed with Docker Build
# In the same directory as the one you cloned
docker compose down
git pull
# Make edits as appropriate to the configuration, if needed
# Build new images
docker compose up --build
Security
- RCE: implemented strict Zod schema validation and input sanitization on file uploads; added path traversal guards to file handling logic
- XSS: used DOMPurify for HTML sanitization; blocked execution-capable SVG attributes and enforced CSP headers
- DoS: moved CPU-intensive operations to worker threads to prevent event loop blocking; added request rate limiting (1,000 req/15 min per IP) and streaming for large files
Infrastructure & Deployment
- non-root execution (uid 1001) in containers
- migrated to multi-stage Docker builds
Database
- migrated to better-sqlite3, converted all DB interactions to non-blocking async operations and offloaded integrity checks to worker threads
- implemented SQLite magic header validation; added automatic backup triggers preceding data import
- input validation logic
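What a SQLite magic header check before data import can look like, as an added example that is not the project's own code. The names checkSqliteHeader and makeSampleHeader are hypothetical, the sample buffers are constructed, and the field offsets follow the published SQLite file format.

```javascript
// Added example: pre-import check of an uploaded file's SQLite header.
// checkSqliteHeader and makeSampleHeader are hypothetical names, not the project's API.
const SQLITE_MAGIC = Buffer.from('SQLite format 3\0', 'latin1'); // 16 bytes incl. NUL

function checkSqliteHeader(buf) {
  if (!Buffer.isBuffer(buf) || buf.length < 100) {
    return { ok: false, reason: 'shorter than the 100-byte header' };
  }
  if (!buf.subarray(0, 16).equals(SQLITE_MAGIC)) {
    return { ok: false, reason: 'magic mismatch' };
  }
  // Offset 16: big-endian page size, a power of two from 512 to 32768,
  // or the value 1, which stands for 65536.
  const raw = buf.readUInt16BE(16);
  const pageSize = raw === 1 ? 65536 : raw;
  if (pageSize < 512 || (pageSize & (pageSize - 1)) !== 0) {
    return { ok: false, reason: 'invalid page size' };
  }
  // Offsets 18-19: file format write/read version, 1 (legacy) or 2 (WAL).
  if (![1, 2].includes(buf[18]) || ![1, 2].includes(buf[19])) {
    return { ok: false, reason: 'unknown file format version' };
  }
  // Offsets 21-23: payload fractions, fixed at 64, 32, 32.
  if (buf[21] !== 64 || buf[22] !== 32 || buf[23] !== 32) {
    return { ok: false, reason: 'bad payload fractions' };
  }
  return { ok: true, reason: 'header looks like SQLite 3' };
}

// Constructed sample input: a minimal 100-byte header, not a real database.
function makeSampleHeader(pageSizeField = 4096) {
  const h = Buffer.alloc(100);
  SQLITE_MAGIC.copy(h, 0);
  h.writeUInt16BE(pageSizeField, 16);
  h[18] = 1; h[19] = 1;
  h[21] = 64; h[22] = 32; h[23] = 32;
  return h;
}

console.log(checkSqliteHeader(makeSampleHeader()));                          // accepted
console.log(checkSqliteHeader(Buffer.from('not a database'.padEnd(100))));   // wrong magic
console.log(checkSqliteHeader(makeSampleHeader(1000)));                      // bad page size
```

A header check only rejects files that are obviously not SQLite databases before they are opened; a file that passes still needs the integrity check and the pre-import backup listed above.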
Frontend
- updated Settings UI to show version
Full Changelog: v0.1.2...v0.1.5