What's Changed
Security & Fixes
- Prevent command injection via base64-encoding log drain environment variables
- Prevent command injection via git reference validation
- Add sentinel token validation to prevent command injection
- Require write permission for API validation endpoints
- Prevent false container exits on failed docker queries (#8860)
- Track last_online_at and reset database restart state
- Preserve user-saved environment variables on Docker Compose redeploy (#8894)
- Fix build-time environment variables breaking Next.js (#8890)
- Prevent command injection in developer view shared variables (#8889)
- Make confirmation modal close after dispatching Livewire actions (#8892)
- Respect keep for rollback setting for Nixpacks build images (#8859)
Dependencies
What's Changed
- fix(docker-cleanup): respect keep for rollback setting for Nixpacks build images by @andrasbacsai in #8859
- fix(docker): prevent false container exits on failed docker queries by @andrasbacsai in #8860
- build(deps): bump rollup from 4.57.1 to 4.59.0 by @dependabot[bot] in #8691
- build(deps): bump league/commonmark from 2.8.0 to 2.8.1 by @dependabot[bot] in #8793
- fix: prevent command injection and fix developer view shared variables error by @andrasbacsai in #8889
- fix: Build-time environment variables break Next.js by @andrasbacsai in #8890
- fix(modal): make confirmation modal close after dispatching Livewire actions by @andrasbacsai in #8892
- fix(parser): preserve user-saved env vars on Docker Compose redeploy by @andrasbacsai in #8894
- v4.0.0-beta.466 by @andrasbacsai in #8893
Full Changelog: v4.0.0-beta.465...v4.0.0-beta.466