What's Changed
Security & Fixes
- Fixed command injection vulnerability in health check commands (#8898)
- Added path validation to prevent command injection in file locations
- Fixed environment variables being overwritten when changing service domains (#8915, fixes #8912)
- Fixed Nixpacks deployment failures when application has no domain set (#8902, fixes #6830)
- Fixed resource deletion failing silently in the danger zone (#8909, fixes #8836)
- Fixed scheduled task input fields losing focus while editing (#8654, fixes #8647)
- Added
docker_cleanupparameter to API stop endpoints (#8899, fixes #7758)
Improvements
- Added GitLab source integration with SSH deploy keys and HTTP basic auth (#8910, fixes #5295)
- Added database-backed proxy config storage with automatic recovery and versioned backups (#8905, fixes #7178)
- Added server metadata collection and display
What's Changed
- fix(security): sanitize newlines in health check commands to prevent RCE by @andrasbacsai in #8898
- fix: prevent scheduled task input fields from losing focus by @sharkcreep87 in #8654
- fix(api): add docker_cleanup parameter to stop endpoints by @andrasbacsai in #8899
- fix(deployment): filter null and empty environment variables from nixpacks plan by @andrasbacsai in #8902
- feat(proxy): add database-backed config storage with disk backups by @andrasbacsai in #8905
- fix(livewire): add error handling and selectedActions to delete methods by @andrasbacsai in #8909
- feat(git-sources): add GitLab integration and URL encode credentials by @andrasbacsai in #8910
- fix(parsers): use firstOrCreate instead of updateOrCreate for environment variables by @andrasbacsai in #8915
- v4.0.0-beta.467 by @andrasbacsai in #8911
New Contributors
- @sharkcreep87 made their first contribution in #8654
Full Changelog: v4.0.0-beta.466...v4.0.0-beta.467