Ovumcy v0.6.1
Release date: 2026-03-15
Highlights
- Hardened secure deployments so Ovumcy emits
Strict-Transport-Securityitself when secure cookies are enabled. - Patched the runtime container to Alpine
3.22.3and pinned security scanner inputs more strictly for reproducible operator and CI behavior. - Kept shared API error rendering aligned with the centralized transport mapping layer and added a focused regression around JSON, HTMX, and flash redirect negotiation.
- Fixed the remaining English
Insightslabel in the Spanish UI so navigation and stats stay fully localized.
Security and quality
- Reverse-proxy examples no longer add a second HSTS policy on top of the application when
COOKIE_SECURE=true. - Runtime and scanner image inputs now use concrete versions or digests instead of drifting floating tags, and the shipped runtime image no longer includes the OpenSSL packages that failed the previous Trivy run.
- Browser, backend, and deployment validation were rerun before the release, including full Playwright coverage and compose validation for supported stacks.
Upgrade notes
- No database migration is required for this release.
- Existing deployments can upgrade in place and pin
OVUMCY_IMAGE=ghcr.io/terraincognita07/ovumcy:v0.6.1if they do not want to tracklatest. - No auth/session contract changes are required for operators in this release.
Full changelog
- Compare: v0.6.0...v0.6.1
- Changelog entry:
CHANGELOG.mdsection0.6.1.