github itsDNNS/docsight v2026-03-26.1

latest releases: v2026-06-22.1, v2026-06-10.1, v2026-06-04.1...
3 months ago

Security

  • Supply chain hardening: All Python dependencies pinned to exact versions with cryptographic hashes. Docker base image pinned to SHA256 digest. All GitHub Actions pinned to commit SHAs. New pip-audit CI job detects known vulnerabilities on every push/PR. Dependabot configured for automated weekly updates. (#294)
  • Smokeping proxy hardening: Validate full PNG signature (ISO 15948) before serving proxied responses. Added X-Content-Type-Options: nosniff and restrictive CSP header to prevent content injection. (#298)
  • ReDoS fixes: Replaced backtracking-prone regex in CM3000 driver and bounded quantifier in modulation engine. (#298)
  • Webhook URL no longer logged: Notification channel setup no longer writes the webhook URL to application logs. (#298)

Improvements

  • Python 3.13: Runtime upgraded from Python 3.12 to 3.13. (#296)

Bug Fixes

  • Sagemcom login crash: Fixed crash on XMO_INVALID_SESSION_ERR during Sagemcom session recovery.

Documentation

  • README: Added CGM4981COM to hardware table, updated BQM, Connection Monitor, Event Log, and Speedtest feature descriptions.
  • Wiki: Roadmap updated to v2026-03-26 with all recently shipped features marked as complete.

Don't miss a new docsight release

NewReleases is sending notifications on new releases.