🐛 Bug Fixes & Optimizations

• @directus/app
  • Fixed a bug that caused an error when making unchanged edits to an O2M field (#25387 by @formfcw)
• @directus/api
  • Fixed requireSelection check for manual trigger flows (#25386 by @JoshTheDerf)

📦 Published Versions

• @directus/app@13.11.2
• @directus/api@28.0.2

🐛 Bug Fixes & Optimizations

• @directus/app
  • Fixed a bug that was preventing the file interface menu from appearing in the drawer (#25374 by @formfcw)

📦 Published Versions

• @directus/app@13.11.1
• @directus/api@28.0.1

⚠️ Potential Breaking Changes

Added support for LDAP login and enhanced parameter consistency for refresh/logout commands. Allowed overriding the mode in refresh and logout commands to be inline with login (#25132)
The login method now accepts a payload object instead of separate email and password parameters.
This enables support for both standard and LDAP authentication, but requires updates to code that previously called sdk.login(email, password).
The new usage is sdk.login({ email, password }) or sdk.login({ identifier, password }) for LDAP.

The refresh and logout command method parameters have been updated to be consistent across usage. The functions now accept an options object instead of their previous regular parameters.

For example the new usage for refresh is sdk.request(refresh({ mode: "json", refresh_token })) instead of sdk.request(refresh('json', refresh_token)).

• @directus/api
  • Fixed manual flows to only trigger with appropriate permissions (#25354 by @br41nslug)
• @directus/sdk
  • Added support for LDAP login and enhanced parameter consistency for refresh/logout commands. Allowed overriding the mode in refresh and logout commands to be inline with login (#25132 by @ComfortablyCoding)
• @directus/extensions-sdk
  • Update to Rollup v4 (#25035 by @abdonrd)

✨ New Features & Improvements

• @directus/app
  • Added Keyboard Accessibility (#25214 by @formfcw)
  • Improved the UX of the field permissions by changing its interface to a checkbox tree (#25253 by @formfcw)
• @directus/api
  • Added AUTH_.+_ISSUER_DISCOVERY_MUST_SUCCEED and AUTH_.+_CLIENT_HTTP env variables to the openid provider (#25002 by @ComfortablyCoding)
  • Added backlink query parameter to exclude back-relations when expanding *.* in the fields query parameter (#25284 by @Nitwel)
• @directus/composables
  • Added Keyboard Accessibility (#25214 by @formfcw)
• @directus/env
  • Added AUTH_.+_ISSUER_DISCOVERY_MUST_SUCCEED and AUTH_.+_CLIENT_HTTP env variables to the openid provider (#25002 by @ComfortablyCoding)
• @directus/sdk
  • Added backlink query parameter to exclude back-relations when expanding *.* in the fields query parameter (#25284 by @Nitwel)
• @directus/types
  • Added backlink query parameter to exclude back-relations when expanding *.* in the fields query parameter (#25284 by @Nitwel)

🐛 Bug Fixes & Optimizations

• @directus/app
  • Added BSL license banner to display for first admin user (#25299 by @AlexGaillard)
  • Fixed system filters showing null (#25294 by @br41nslug)
  • Ensured to revert changes on error after drag & drop in kanban and calendar layout (#25329 by @formfcw)
  • Prevented table column widths from having null values (#25298 by @robluton)
  • Ensured that the redirection to the collection view after editing an item takes the bookmark query into account (#25327 by @formfcw)
  • Allowed selecting custom collections for items.sort action hook (#25340 by @ComfortablyCoding)
  • Improved nested folder rendering performance (#25276 by @AlexGaillard)
  • Fixed the “Save as Copy” action for files (#25351 by @Nitwel)
  • Updated dependencies tar-fs, vue-i18n, vite and undici (#25267 by @br41nslug)
  • Ensured that the archive filter would only apply if permissions were granted for the archive field (#25352 by @formfcw)
• @directus/api
  • Added BSL license banner to display for first admin user (#25299 by @AlexGaillard)
  • Updated info.version in the OpenAPI specs (#25353 by @br41nslug)
  • Replaced mapValuesDeep with deepMap. (#25216 by @Nitwel)
  • Fixed existing numeric_precision, numeric_scale and max_length not respected on schema changes (#25346 by @ComfortablyCoding)
  • Fixed translating m2a filters on GQL only when applicable (#24830 by @Nitwel)
  • Added anonymous project id for improved telemetry (#25300 by @rijkvanzanten)
  • Added support for non array group claims in OpenID and OAuth2 (#25173 by @smgrol)
  • Fixed logging of invalid url in isUrlAllowed (#25235 by @MrGreenTea)
  • Added key/value information to db errors (#25112 by @Nitwel)
  • Improved redaction in Flows' Log to Console operation (#25355 by @br41nslug)
  • Fixed Marketplace extension ID when extension was not on database yet (#25304 by @joselcvarela)
  • Fixed permissions for shares for non-admin users (#25229 by @Nitwel)
• @directus/env
  • Added BSL license banner to display for first admin user (#25299 by @AlexGaillard)
• @directus/types
  • Added BSL license banner to display for first admin user (#25299 by @AlexGaillard)
  • Added anonymous project id for improved telemetry (#25300 by @rijkvanzanten)
• @directus/system-data
  • Added BSL license banner to display for first admin user (#25299 by @AlexGaillard)
  • Added anonymous project id for improved telemetry (#25300 by @rijkvanzanten)
• @directus/components
  • Updated dependencies tar-fs, vue-i18n, vite and undici (#25267 by @br41nslug)
• @directus/extensions-sdk
  • Updated dependencies tar-fs, vue-i18n, vite and undici (#25267 by @br41nslug)
• @directus/storage-driver-cloudinary
  • Updated dependencies tar-fs, vue-i18n, vite and undici (#25267 by @br41nslug)
• @directus/storage-driver-supabase
  • Updated dependencies tar-fs, vue-i18n, vite and undici (#25267 by @br41nslug)
• @directus/themes
  • Updated dependencies tar-fs, vue-i18n, vite and undici (#25267 by @br41nslug)
• @directus/utils
  • Replaced mapValuesDeep with deepMap. (#25216 by @Nitwel)
  • Fixed translating m2a filters on GQL only when applicable (#24830 by @Nitwel)
• @directus/schema-builder
  • Fixed translating m2a filters on GQL only when applicable (#24830 by @Nitwel)
• @directus/sdk
  • Added anonymous project id for improved telemetry (#25300 by @rijkvanzanten)
• @directus/errors
  • Added key/value information to db errors (#25112 by @Nitwel)
• @directus/extensions
  • Fixed default value of extension options not allowing any (#25273 by @Nitwel)

📦 Published Versions

• @directus/app@13.11.0
• @directus/api@28.0.0
• @directus/components@1.1.1
• @directus/composables@11.2.0
• create-directus-extension@11.0.15
• @directus/env@5.1.0
• @directus/errors@2.0.2
• @directus/extensions@3.0.7
• @directus/extensions-registry@3.0.7
• @directus/extensions-sdk@14.0.0
• @directus/memory@3.0.6
• @directus/pressure@3.0.6
• @directus/schema-builder@0.0.3
• @directus/storage-driver-azure@12.0.6
• @directus/storage-driver-cloudinary@12.0.6
• @directus/storage-driver-gcs@12.0.6
• @directus/storage-driver-s3@12.0.6
• @directus/storage-driver-supabase@3.0.6
• @directus/system-data@3.1.1
• @directus/themes@1.1.2
• @directus/types@13.2.0
• @directus/utils@13.0.7
• @directus/validation@2.0.6
• @directus/sdk@20.0.0

Changelog

Features

• 2ae595a: feat(api): support async call (#1166) (@BlackHole1)
• c05ea62: feat: add "wake group" button (@seriousm4x)
  

Bug fixes

• 2cb4ee3: fix: drop freebsd/arm support (modernc.org/sqlite does not support it) (@seriousm4x)

Go dependencies

• 7d3ef22: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])

Npm dependencies

• bacb021: npm-dep: bump @eslint/js from 9.26.0 to 9.27.0 in /frontend (@dependabot[bot])
• 84498fe: npm-dep: bump @inlang/paraglide-js from 2.0.12 to 2.0.13 in /frontend (@dependabot[bot])
• 7e97066: npm-dep: bump @sveltejs/kit from 2.21.0 to 2.21.1 in /frontend (@dependabot[bot])
• c03a4b1: npm-dep: bump @tailwindcss/postcss from 4.1.6 to 4.1.7 in /frontend (@dependabot[bot])
• b95b08d: npm-dep: bump daisyui from 5.0.35 to 5.0.37 in /frontend (@dependabot[bot])
• 5d1460b: npm-dep: bump daisyui from 5.0.37 to 5.0.38 in /frontend (@dependabot[bot])
• cc3f473: npm-dep: bump eslint from 9.26.0 to 9.27.0 in /frontend (@dependabot[bot])
• 63d300b: npm-dep: bump prettier-plugin-svelte from 3.3.3 to 3.4.0 in /frontend (@dependabot[bot])
• 9b329da: npm-dep: bump svelte from 5.28.6 to 5.30.1 in /frontend (@dependabot[bot])
• 7b2d9e7: npm-dep: bump svelte from 5.30.1 to 5.30.2 in /frontend (@dependabot[bot])
• 1908a8c: npm-dep: bump svelte from 5.30.2 to 5.31.1 in /frontend (@dependabot[bot])
• 481ad7f: npm-dep: bump svelte from 5.31.1 to 5.32.1 in /frontend (@dependabot[bot])
• 33bb22b: npm-dep: bump svelte from 5.32.1 to 5.33.1 in /frontend (@dependabot[bot])
• ce5ddc6: npm-dep: bump svelte from 5.33.1 to 5.33.2 in /frontend (@dependabot[bot])
• b56ab43: npm-dep: bump svelte from 5.33.2 to 5.33.3 in /frontend (@dependabot[bot])
• 368c7d7: npm-dep: bump svelte-check from 4.2.0 to 4.2.1 in /frontend (@dependabot[bot])
• e12a14f: npm-dep: bump tailwindcss from 4.1.6 to 4.1.7 in /frontend (@dependabot[bot])
• d574f3e: npm-dep: update (@seriousm4x)

Changelog

Bug fixes

• 1bf01ca: fix: only clear auth on 401 or 403, close #1158 (@seriousm4x)

Others

• 0efd8a8: update lock file (@seriousm4x)

Npm dependencies

• 1bd2f64: npm-dep: bump svelte-check from 4.1.7 to 4.2.0 in /frontend (@dependabot[bot])

Changelog

Bug fixes

• 58971d0: fix: countdown would not show after login (@seriousm4x)

Changelog

Bug fixes

• 0a7762e: fix: date-fns not showing in other languages than english (@seriousm4x)

Others

• 74b8e35: Added Korean i18n Support (#1151) (@zzunipark)
• 4158c9f: update deps (@seriousm4x)

Go dependencies

• d7ce88a: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• 8af6557: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• 25f7a70: go-dep: bump golang.org/x/sys from 0.32.0 to 0.33.0 in /backend (@dependabot[bot])

Npm dependencies

• 0ecaf8e: npm-dep: bump @eslint/compat from 1.2.8 to 1.2.9 in /frontend (@dependabot[bot])
• d2b51bc: npm-dep: bump @eslint/js from 9.25.1 to 9.26.0 in /frontend (@dependabot[bot])
• e5a8685: npm-dep: bump @sveltejs/kit from 2.20.7 to 2.20.8 in /frontend (@dependabot[bot])
• ac2bd62: npm-dep: bump @sveltejs/kit from 2.20.8 to 2.21.0 in /frontend (@dependabot[bot])
• b59bc41: npm-dep: bump @tailwindcss/postcss from 4.1.4 to 4.1.5 in /frontend (@dependabot[bot])
• f4b1c82: npm-dep: bump @tailwindcss/postcss from 4.1.5 to 4.1.6 in /frontend (@dependabot[bot])
• b17a497: npm-dep: bump daisyui from 5.0.28 to 5.0.30 in /frontend (@dependabot[bot])
• ae2db49: npm-dep: bump daisyui from 5.0.30 to 5.0.35 in /frontend (@dependabot[bot])
• b262886: npm-dep: bump eslint from 9.25.1 to 9.26.0 in /frontend (@dependabot[bot])
• 8af2111: npm-dep: bump eslint-config-prettier from 10.1.2 to 10.1.3 in /frontend (@dependabot[bot])
• afd5112: npm-dep: bump eslint-config-prettier from 10.1.3 to 10.1.5 in /frontend (@dependabot[bot])
• 537290b: npm-dep: bump svelte-check from 4.1.6 to 4.1.7 in /frontend (@dependabot[bot])
• eac0703: npm-dep: bump tailwindcss from 4.1.4 to 4.1.5 in /frontend (@dependabot[bot])
• fde3a0e: npm-dep: bump tailwindcss from 4.1.5 to 4.1.6 in /frontend (@dependabot[bot])
• 52c91d1: npm-dep: bump typescript-eslint from 8.31.0 to 8.31.1 in /frontend (@dependabot[bot])
• a7f84b2: npm-dep: bump typescript-eslint from 8.31.1 to 8.32.0 in /frontend (@dependabot[bot])
• e3dcbf1: npm-dep: bump typescript-eslint from 8.32.0 to 8.32.1 in /frontend (@dependabot[bot])
• f1c2b23: npm-dep: bump vite from 6.3.3 to 6.3.4 in /frontend (@dependabot[bot])
• 8588359: npm-dep: bump vite from 6.3.4 to 6.3.5 in /frontend (@dependabot[bot])

Changelog

Features

• 20e274d: feat: handlers return status of device action (@seriousm4x)

Others

• 24ed3c3: Update Crowdin configuration file (@seriousm4x)
• fec8979: Update Crowdin configuration file (@seriousm4x)
• c4d93cd: Update Crowdin configuration file (@seriousm4x)
• 258cf9e: Update Crowdin configuration file (@seriousm4x)
• de37325: Update Crowdin configuration file (@seriousm4x)
• bf51b38: rename translations to match locale names (@seriousm4x)
• d40d2d1: update all deps (@seriousm4x)

Go dependencies

• 642ceaa: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• abb9ee6: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• cbbc49f: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• 51280bf: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• 140e9f6: go-dep: bump github.com/prometheus-community/pro-bing in /backend (@dependabot[bot])
• 64706ac: go-dep: bump golang.org/x/sys from 0.31.0 to 0.32.0 in /backend (@dependabot[bot])
• 74b9cfd: go-dep: update (@seriousm4x)

Npm dependencies

• 8d95d26: npm-dep: bump @eslint/compat from 1.2.7 to 1.2.8 in /frontend (@dependabot[bot])
• b2cf724: npm-dep: bump @eslint/js from 9.23.0 to 9.24.0 in /frontend (@dependabot[bot])
• 37e172b: npm-dep: bump @eslint/js from 9.25.0 to 9.25.1 in /frontend (@dependabot[bot])
• c8ded1a: npm-dep: bump @inlang/cli from 3.0.10 to 3.0.11 in /frontend (@dependabot[bot])
• 12099d0: npm-dep: bump @inlang/cli from 3.0.7 to 3.0.9 in /frontend (@dependabot[bot])
• 49d874e: npm-dep: bump @inlang/cli from 3.0.9 to 3.0.10 in /frontend (@dependabot[bot])
• 54f9b46: npm-dep: bump @inlang/paraglide-js from 2.0.10 to 2.0.11 in /frontend (@dependabot[bot])
• c4dce7d: npm-dep: bump @inlang/paraglide-js from 2.0.11 to 2.0.12 in /frontend (@dependabot[bot])
• 33f6367: npm-dep: bump @inlang/paraglide-js from 2.0.5 to 2.0.6 in /frontend (@dependabot[bot])
• 83e017c: npm-dep: bump @inlang/paraglide-js from 2.0.6 to 2.0.8 in /frontend (@dependabot[bot])
• 658ffc7: npm-dep: bump @inlang/paraglide-js from 2.0.8 to 2.0.10 in /frontend (@dependabot[bot])
• 8cd8bb1: npm-dep: bump @sveltejs/kit from 2.20.2 to 2.20.3 in /frontend (@dependabot[bot])
• f4abc52: npm-dep: bump @sveltejs/kit from 2.20.3 to 2.20.4 in /frontend (@dependabot[bot])
• 59bbfc1: npm-dep: bump @sveltejs/kit from 2.20.4 to 2.20.5 in /frontend (@dependabot[bot])
• b9200c0: npm-dep: bump @sveltejs/kit from 2.20.5 to 2.20.7 in /frontend (@dependabot[bot])
• 65d9eca: npm-dep: bump @tailwindcss/postcss from 4.0.15 to 4.0.16 in /frontend (@dependabot[bot])
• 669f27a: npm-dep: bump @tailwindcss/postcss from 4.0.16 to 4.0.17 in /frontend (@dependabot[bot])
• d048b05: npm-dep: bump @tailwindcss/postcss from 4.1.1 to 4.1.2 in /frontend (@dependabot[bot])
• 7a31362: npm-dep: bump @tailwindcss/postcss from 4.1.2 to 4.1.3 in /frontend (@dependabot[bot])
• f17ba26: npm-dep: bump @tailwindcss/postcss from 4.1.3 to 4.1.4 in /frontend (@dependabot[bot])
• bc0c687: npm-dep: bump daisyui from 5.0.12 to 5.0.13 in /frontend (@dependabot[bot])
• 6dc0518: npm-dep: bump daisyui from 5.0.13 to 5.0.16 in /frontend (@dependabot[bot])
• b81eef0: npm-dep: bump daisyui from 5.0.16 to 5.0.17 in /frontend (@dependabot[bot])
• 8cb3262: npm-dep: bump daisyui from 5.0.17 to 5.0.18 in /frontend (@dependabot[bot])
• bdcd128: npm-dep: bump daisyui from 5.0.18 to 5.0.19 in /frontend (@dependabot[bot])
• 468e508: npm-dep: bump daisyui from 5.0.19 to 5.0.22 in /frontend (@dependabot[bot])
• 6cf573e: npm-dep: bump daisyui from 5.0.22 to 5.0.23 in /frontend (@dependabot[bot])
• a10b160: npm-dep: bump daisyui from 5.0.23 to 5.0.27 in /frontend (@dependabot[bot])
• a7b2c07: npm-dep: bump daisyui from 5.0.27 to 5.0.28 in /frontend (@dependabot[bot])
• 4a9ed50: npm-dep: bump daisyui from 5.0.9 to 5.0.11 in /frontend (@dependabot[bot])
• 2008fba: npm-dep: bump eslint from 9.23.0 to 9.24.0 in /frontend (@dependabot[bot])
• 9cb9353: npm-dep: bump eslint from 9.25.0 to 9.25.1 in /frontend (@dependabot[bot])
• f92100b: npm-dep: bump eslint-config-prettier from 10.1.1 to 10.1.2 in /frontend (@dependabot[bot])
• 4f2a07d: npm-dep: bump pocketbase from 0.25.2 to 0.26.0 in /frontend (@dependabot[bot])
• 9b8c80c: npm-dep: bump svelte from 5.25.10 to 5.27.0 in /frontend (@dependabot[bot])
• 576bc62: npm-dep: bump svelte from 5.25.5 to 5.25.6 in /frontend (@dependabot[bot])
• 7042c4c: npm-dep: bump svelte from 5.25.6 to 5.25.7 in /frontend (@dependabot[bot])
• 380fd75: npm-dep: bump svelte from 5.25.7 to 5.25.8 in /frontend (@dependabot[bot])
• 12ca02f: npm-dep: bump svelte from 5.25.8 to 5.25.9 in /frontend (@dependabot[bot])
• c25a878: npm-dep: bump svelte from 5.25.9 to 5.25.10 in /frontend (@dependabot[bot])
• 99813b2: npm-dep: bump svelte from 5.28.1 to 5.28.2 in /frontend (@dependabot[bot])
• 8d1b831: npm-dep: bump svelte-check from 4.1.5 to 4.1.6 in /frontend (@dependabot[bot])
• f490641: npm-dep: bump svelte-fa from 4.0.3 to 4.0.4 in /frontend (@dependabot[bot])
• 3190d1a: npm-dep: bump tailwindcss from 4.0.15 to 4.0.16 in /frontend (@dependabot[bot])
• 9ddd893: npm-dep: bump tailwindcss from 4.0.16 to 4.0.17 in /frontend (@dependabot[bot])
• 0043bde: npm-dep: bump tailwindcss from 4.0.17 to 4.1.0 in /frontend (@dependabot[bot])
• bb03444: npm-dep: bump tailwindcss from 4.1.1 to 4.1.2 in /frontend (@dependabot[bot])
• 8a0c46b: npm-dep: bump tailwindcss from 4.1.2 to 4.1.3 in /frontend (@dependabot[bot])
• 237356c: npm-dep: bump tailwindcss from 4.1.3 to 4.1.4 in /frontend (@dependabot[bot])
• ea8abc9: npm-dep: bump typescript from 5.8.2 to 5.8.3 in /frontend (@dependabot[bot])
• b39f9a3: npm-dep: bump typescript-eslint from 8.29.0 to 8.29.1 in /frontend (@dependabot[bot])
• 76aa7d9: npm-dep: bump typescript-eslint from 8.29.1 to 8.30.1 in /frontend (@dependabot[bot])
• 774fee0: npm-dep: bump typescript-eslint from 8.30.1 to 8.31.0 in /frontend (@dependabot[bot])
• 3f613cb: npm-dep: bump vite from 6.2.4 to 6.2.5 in /frontend (@dependabot[bot])
• 6483ea8: npm-dep: bump vite from 6.2.5 to 6.2.6 in /frontend (@dependabot[bot])
• 6cbf924: npm-dep: bump vite from 6.2.6 to 6.3.0 in /frontend (@dependabot[bot])
• 850414b: npm-dep: bump vite from 6.3.0 to 6.3.1 in /frontend (@dependabot[bot])
• 66369fd: npm-dep: bump vite from 6.3.1 to 6.3.2 in /frontend (@dependabot[bot])
• 8824b2f: npm-dep: bump vite from 6.3.2 to 6.3.3 in /frontend (@dependabot[bot])
• 97d559e: npm-dep: update (@seriousm4x)
• a4d38f4: npm-dep: update (@seriousm4x)

Changelog

Features

• 20e274d: feat: handlers return status of device action (@seriousm4x)

Others

• de37325: Update Crowdin configuration file (@seriousm4x)
• fec8979: Update Crowdin configuration file (@seriousm4x)
• 24ed3c3: Update Crowdin configuration file (@seriousm4x)
• c4d93cd: Update Crowdin configuration file (@seriousm4x)
• 258cf9e: Update Crowdin configuration file (@seriousm4x)
• bf51b38: rename translations to match locale names (@seriousm4x)
• d40d2d1: update all deps (@seriousm4x)

Go dependencies

• abb9ee6: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• 642ceaa: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• cbbc49f: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• 140e9f6: go-dep: bump github.com/prometheus-community/pro-bing in /backend (@dependabot[bot])
• 64706ac: go-dep: bump golang.org/x/sys from 0.31.0 to 0.32.0 in /backend (@dependabot[bot])
• 74b9cfd: go-dep: update (@seriousm4x)

Npm dependencies

• 8d95d26: npm-dep: bump @eslint/compat from 1.2.7 to 1.2.8 in /frontend (@dependabot[bot])
• b2cf724: npm-dep: bump @eslint/js from 9.23.0 to 9.24.0 in /frontend (@dependabot[bot])
• 12099d0: npm-dep: bump @inlang/cli from 3.0.7 to 3.0.9 in /frontend (@dependabot[bot])
• 49d874e: npm-dep: bump @inlang/cli from 3.0.9 to 3.0.10 in /frontend (@dependabot[bot])
• 54f9b46: npm-dep: bump @inlang/paraglide-js from 2.0.10 to 2.0.11 in /frontend (@dependabot[bot])
• 33f6367: npm-dep: bump @inlang/paraglide-js from 2.0.5 to 2.0.6 in /frontend (@dependabot[bot])
• 83e017c: npm-dep: bump @inlang/paraglide-js from 2.0.6 to 2.0.8 in /frontend (@dependabot[bot])
• 658ffc7: npm-dep: bump @inlang/paraglide-js from 2.0.8 to 2.0.10 in /frontend (@dependabot[bot])
• 8cd8bb1: npm-dep: bump @sveltejs/kit from 2.20.2 to 2.20.3 in /frontend (@dependabot[bot])
• f4abc52: npm-dep: bump @sveltejs/kit from 2.20.3 to 2.20.4 in /frontend (@dependabot[bot])
• 59bbfc1: npm-dep: bump @sveltejs/kit from 2.20.4 to 2.20.5 in /frontend (@dependabot[bot])
• b9200c0: npm-dep: bump @sveltejs/kit from 2.20.5 to 2.20.7 in /frontend (@dependabot[bot])
• 65d9eca: npm-dep: bump @tailwindcss/postcss from 4.0.15 to 4.0.16 in /frontend (@dependabot[bot])
• 669f27a: npm-dep: bump @tailwindcss/postcss from 4.0.16 to 4.0.17 in /frontend (@dependabot[bot])
• d048b05: npm-dep: bump @tailwindcss/postcss from 4.1.1 to 4.1.2 in /frontend (@dependabot[bot])
• 7a31362: npm-dep: bump @tailwindcss/postcss from 4.1.2 to 4.1.3 in /frontend (@dependabot[bot])
• f17ba26: npm-dep: bump @tailwindcss/postcss from 4.1.3 to 4.1.4 in /frontend (@dependabot[bot])
• bc0c687: npm-dep: bump daisyui from 5.0.12 to 5.0.13 in /frontend (@dependabot[bot])
• 6dc0518: npm-dep: bump daisyui from 5.0.13 to 5.0.16 in /frontend (@dependabot[bot])
• b81eef0: npm-dep: bump daisyui from 5.0.16 to 5.0.17 in /frontend (@dependabot[bot])
• 8cb3262: npm-dep: bump daisyui from 5.0.17 to 5.0.18 in /frontend (@dependabot[bot])
• bdcd128: npm-dep: bump daisyui from 5.0.18 to 5.0.19 in /frontend (@dependabot[bot])
• 468e508: npm-dep: bump daisyui from 5.0.19 to 5.0.22 in /frontend (@dependabot[bot])
• 6cf573e: npm-dep: bump daisyui from 5.0.22 to 5.0.23 in /frontend (@dependabot[bot])
• a10b160: npm-dep: bump daisyui from 5.0.23 to 5.0.27 in /frontend (@dependabot[bot])
• 4a9ed50: npm-dep: bump daisyui from 5.0.9 to 5.0.11 in /frontend (@dependabot[bot])
• 2008fba: npm-dep: bump eslint from 9.23.0 to 9.24.0 in /frontend (@dependabot[bot])
• f92100b: npm-dep: bump eslint-config-prettier from 10.1.1 to 10.1.2 in /frontend (@dependabot[bot])
• 4f2a07d: npm-dep: bump pocketbase from 0.25.2 to 0.26.0 in /frontend (@dependabot[bot])
• 9b8c80c: npm-dep: bump svelte from 5.25.10 to 5.27.0 in /frontend (@dependabot[bot])
• 576bc62: npm-dep: bump svelte from 5.25.5 to 5.25.6 in /frontend (@dependabot[bot])
• 7042c4c: npm-dep: bump svelte from 5.25.6 to 5.25.7 in /frontend (@dependabot[bot])
• 380fd75: npm-dep: bump svelte from 5.25.7 to 5.25.8 in /frontend (@dependabot[bot])
• 12ca02f: npm-dep: bump svelte from 5.25.8 to 5.25.9 in /frontend (@dependabot[bot])
• c25a878: npm-dep: bump svelte from 5.25.9 to 5.25.10 in /frontend (@dependabot[bot])
• 8d1b831: npm-dep: bump svelte-check from 4.1.5 to 4.1.6 in /frontend (@dependabot[bot])
• 3190d1a: npm-dep: bump tailwindcss from 4.0.15 to 4.0.16 in /frontend (@dependabot[bot])
• 9ddd893: npm-dep: bump tailwindcss from 4.0.16 to 4.0.17 in /frontend (@dependabot[bot])
• 0043bde: npm-dep: bump tailwindcss from 4.0.17 to 4.1.0 in /frontend (@dependabot[bot])
• bb03444: npm-dep: bump tailwindcss from 4.1.1 to 4.1.2 in /frontend (@dependabot[bot])
• 8a0c46b: npm-dep: bump tailwindcss from 4.1.2 to 4.1.3 in /frontend (@dependabot[bot])
• 237356c: npm-dep: bump tailwindcss from 4.1.3 to 4.1.4 in /frontend (@dependabot[bot])
• ea8abc9: npm-dep: bump typescript from 5.8.2 to 5.8.3 in /frontend (@dependabot[bot])
• b39f9a3: npm-dep: bump typescript-eslint from 8.29.0 to 8.29.1 in /frontend (@dependabot[bot])
• 76aa7d9: npm-dep: bump typescript-eslint from 8.29.1 to 8.30.1 in /frontend (@dependabot[bot])
• 3f613cb: npm-dep: bump vite from 6.2.4 to 6.2.5 in /frontend (@dependabot[bot])
• 6483ea8: npm-dep: bump vite from 6.2.5 to 6.2.6 in /frontend (@dependabot[bot])
• 6cbf924: npm-dep: bump vite from 6.2.6 to 6.3.0 in /frontend (@dependabot[bot])
• 850414b: npm-dep: bump vite from 6.3.0 to 6.3.1 in /frontend (@dependabot[bot])
• 66369fd: npm-dep: bump vite from 6.3.1 to 6.3.2 in /frontend (@dependabot[bot])
• a4d38f4: npm-dep: update (@seriousm4x)
• 97d559e: npm-dep: update (@seriousm4x)

Changelog

Go dependencies

• e13e9df: go-dep: bump (@seriousm4x)
• 12b3b78: go-dep: bump github.com/pocketbase/pocketbase in /backend (@dependabot[bot])
• 98f222b: go-dep: update (@seriousm4x)

Npm dependencies

• 2b7d68b: npm-dep: bump, close #1045 (@seriousm4x)

Changelog

Bug fixes

• de66c39: fix: validation syntax #1043 (@seriousm4x)

Changelog

Bug fixes

• c9bc0c8: fix: port check ignore connection refused error (@seriousm4x)
• 69acc57: fix: save failed when creating new device (@seriousm4x)

Changelog

Bug fixes

• 80fb1a6: fix: ping test case (@seriousm4x)
• 92a66fc: fix: reduce port check errors (@seriousm4x)
• 95946d7: fix: sveltekit-sync and update (@seriousm4x)
• fee9d60: fix: update interval format in docker compose (@seriousm4x)
• c125afd: fix: use netErr.Timeout() to check for timeout (@seriousm4x)

Others

• 8c52952: Update docker-compose version (@seriousm4x)
• 8bedcbf: cleaner if (@seriousm4x)
• ac16e98: update docker compose to v5 (@seriousm4x)

🆕 New Features

• Docker client updated to 28.0.4
• Docker Compose updated to 2.34.0
• #767 Console Improvements

⬆️ Improvements

• #642 Remove useless scrollbar (Thanks @cyril59310)
• #473 #507 fix default compose version obsolete (Thanks @cyril59310 @oddysee)

🐛 Bug Fixes

• #685 fix bug #176: preserve YAML comments when reordering items (Thanks @turnah)
• #740 Fix #727 (Thanks @Tor-del)
• #446 Update json-yaml-validate to latest version (Thanks @GrantBirki)
• #617 Fix #356 (Thanks @DomiiBunn)

🦎 Translation Contributions

• #396 #641 Translations update from Kuma Weblate (Thanks @Aluisio @Casp054a @Celer21 @CosmoAbdon @DogukanK @Dumach @Eventyret @Faisalalali @GunnarNorin @Jumala9163 @MatyiFKBT @MrEddX @NexiaMoe @ahmedtalaltwd7 @aindriu80 @albertparlys @altendorfme @brmvnml @bunducdragos @cyril59310 @djismgaming @er2de2 @erkenbilgin @gergepalfi @jgtorcal @k1llo @kiznick @letterlock @marco-doerig @mikeleord @pacoculebras @retmas-gh @rumplin @stanol @teatower @vipnetant @wial88)
• #425 Added Irish language (Thanks @aindriu80)
• #506 Translation keys (Thanks @cyril59310)

⬆️ Security Fixes

• GHSA-7vx4-hf96-mqq6

Others

• Other small changes, code refactoring and comment/doc updates in this repo:
• #636 #766

Please let me know if your username is missing, if your pull request has been merged in this version, or your commit has
s been included in one of the pull requests.

🐛 Bug Fixes

• #380 Fixed the startup issue that Dockge is no longer working after restart
• #342 Fixed the login placeholder issue (Thanks @cyril59310)

🦎 Translation Contributions

• #340 #376 #381 Translations update from Kuma Weblate (Thanks @dng-nguyn @401U @Alanimdeo @MrEddX @NexiaMoe @Yirade @Zaid-maker @catfishlty @cyril59310 @gergepalfi @marco-doerig @nazo6 @oplexz @pacoculebras @queeup @stanol @tomeczekstecc)
• #344 Added Hungarian (Thanks @gergepalfi)
• #377 Added catalan (Thanks @pacoculebras)
• #368 Added translate key (Thanks @cyril59310)

Please let me know if your username is missing, if your pull request has been merged in this version, or your commit has been included in one of the pull requests.

Update to 1.4.1

🆕 New Features

• #200 Initial support for multiple Dockge instances

🦎 Translation Contributions

• #318 #324 Translations update from Kuma Weblate (Thanks @Alanimdeo @Bloeckchengrafik @D3-3109 @FreddieDK @GunnarNorin @MrEddX @NexiaMoe @RappyTV @Zandor300 @abnerssantana @cyril59310 @demonisius @djismgaming @dng-nguyn @leonsk29 @marco-doerig @rumplin @salvacmp @stanol)
• Added a new language: Bahasa Indonesia (Thanks @NexiaMoe)
• #332 Added Vietnamese language (Thanks @dng-nguyn)

Please let me know if your username is missing, if your pull request has been merged in this version, or your commit has been included in one of the pull requests.

How to setup multiple instances

Assume that you have 4 Dockge instances currently.

1. Find one Dockge instance as your primary Dockge
2. Login to your primary Dockge
3. In the homepage, you can connect to other Dockge instances by clicking New Agent.
4. Now you should see all instances are online and all stacks across all Dockge instances are in the stack list.

How it works?

• Your browser only need to connect to Dockge 1. Dockge 2/3/4 are connected from Dockge 1.
• Dockge 1 works like a proxy, it will forward requests/responses from Dockge 2/3/4 to your browser.

🆕 New Features

• #200 Multiple Dockge instances

🦎 Translation Contributions

• #318 Translations update from Kuma Weblate (Thanks @NexiaMoe @leonsk29 @rumplin @GunnarNorin @stanol @FreddieDK @demonisius)
• Added a new language: Bahasa Indonesia (Thanks @NexiaMoe)

Please let me know if your username is missing, if your pull request has been merged in this version, or your commit has been included in one of the pull requests.

How to switch to the beta version?

Open dockge's compose.yaml and change the image tag from 1 to beta like:

...
services:
  dockge:
    image: louislam/dockge:beta
...

And then update and restart the stack:

docker compose pull
docker compose up -d

How to setup multiple instances

Assume that you have 4 Dockge instances currently.

1. Find one Dockge instance as your primary Dockge
2. Login to your primary Dockge
3. In the homepage, you can add new agent. Connect all 3 other Dockge instances.
4. Now you should see all instances are online and all stacks across all Dockge instances are in the stack list.

How it works?

• Your browser only need to connect to Dockge 1. Dockge 2/3/4 are connected from Dockge 1.
• Dockge 1 works like a proxy, it will forward requests/responses from Dockge 2/3/4 to your browser.

Update to 1.3.5

⬆️ Improvements

• #299 The stack list no longer shows folders without a yaml file (Thanks @Ozy-Viking)
• #285 Improved terminals' width. (Thanks @Ozy-Viking)

🐛 Bug Fixes

• #301 Fixed an envsubst issue that it won't work if the yaml contains non-string primitive types
• #303 Updated Docker Dompose plugin from 2.21.0 to 2.23.3, which may fixed some upstream bugs

🦎 Translation Contributions

• #302 Translations update from Kuma Weblate (Thanks @JinToSek @MrEddX @PeterDaveHello @alexdelprete @cyril59310 @rumplin @stanol @watchakorn-18k)

Please let me know if your username is missing, if your pull request has been merged in this version, or your commit has been included in one of the pull requests.

🐛 Bug Fixes

• #255 Fix: The .env editor is stopped working if the file contains \r\n (Thanks @syko9000)
• #269 Fix: Check update is not working
• #268 Envsubst the yaml file in order to display the correct values in the UI instead of tags such as ${PORT}
• #270 Fix: .env code change is not reactive

🦎 Translation Contributions

• #257 Translations update from Kuma Weblate (Thanks @thetredev @demonisius @GunnarNorin @ti777777 @altendorfme)

⬆️ Security Fixes

• GHSA-88j4-pcx8-q4q3
• GHSA-mj22-23ff-2hrr

Others

• Other small changes, code refactoring and comment/doc updates in this repo:
  #264 (Thanks @derekmahar)

Please let me know if your username is missing, if your pull request has been merged in this version, or your commit has been included in one of the pull requests.

Update to 1.3.2

🆕 New Features

• #218 #231 Added support for editing .env file (Thanks @syko9000)
• #212 Added pnpm run reset-password, which is used for resetting your password.

Improvements

• #228 Sort non-managed stacks to the end of stack list
• #227 Improved performance

🐞 Bug Fixes

• #206 Fixed an issue that the container terminal could be wrong if containers from different stacks had the same service name (Thanks @ThalesC)
• #235 Fixed an issue that the external network do not show correctly in 1.3.0

🦎 Translation Contributions

• #190 #229 Translations update from Kuma Weblate (Thanks @401U @Alanimdeo @D3-3109 @FreddieDK @LevantinLynx @MSalim7 @Zaid-maker @abosaad11 @bjornclauw @bunducdragos @cyril59310 @furkanipek @lucasreiners @nazo6 @stanol @syko9000)
• Added 日本語 (Thanks @nazo6)
• Added Dansk (Thanks @FreddieDK)
• Added Română (Thanks @bunducdragos)
• Added Nederlands (Thanks @bjornclauw)

Others

• Other small changes, code refactoring and comment/doc updates in this repo:
  @Zaid-maker
  #191 #210 #211

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Updated new WYSIWYG editor with a range of fixes: (#5653)
  • Added toolbar for media elements for easier menu access.
  • Updated media embed code field to show existing embed code for direct editing.
  • Updated media resize handling to be more reliable and to retain focus after resize.
  • Updated table resize handles to be more efficient, and prevented them wondering far away from tables so often.
  • Fixed buggy media selection scenarios.
  • Fixed media form "src" field not working when video is using source elements.
  • Fixed table resize handles overlapping table captions.
  • Fixed text formatting being inconsistent on new paragraphs.
  • Fixed tiny image resize square on image insert.
• Fixed comment updates showing incorrect notification text. (#5642)
• Fixed search system ignoring words adjacent to non-breaking spaces. (#5640)
• Updated translations with latest Crowdin changes. (#5637)

Routine release.

What's Changed

• Fix lfc.pl bug with page content when comments exist by @brtsos in #4425
• docs by @dvikan in #4427
• [AnisearchBridge] changed id of div so trailers work again by @Tone866 in #4428
• [GovTrackBridge] Rebase on top of official RSS feed by @Phantop in #4429
• fix: set default cache TTL of 1d by @dvikan in #4434
• [PepperBridgeAbstract, DealabsBridge, HotUKDealsBridge, MydealsBridge] Fixing bridge and add subcategories by @sysadminstory in #4436
• [PepperBridgeAbstract, DealabsBridge, HotUKDealsBridge, MydealsBridge] Fix parameters typo by @sysadminstory in #4439
• [YouTubeFeedExpanderBridge] Add bridge by @Phantop in #4430
• Fix CarThrottleBridge by @t0stiman in #4442
• fix nn.de description and paywall filter by @theScrabi in #4444
• fix(vk): semi-disable broken bridge by @dvikan in #4448
• fix(github): semi-repair by @dvikan in #4449
• [BukowskisBridge] Fix data-lot-id not matching auction id so use link as uid instead by @Qluxzz in #4453
• New bridge for the latest Shadertoy submissions by @thefranke in #4456
• [RadioMelodieBridge] Fix media content by @sysadminstory in #4458
• [FreeTelechargerBridge] Update URL and some fix by @sysadminstory in #4459
• [InstagramBridge] Add a fallback to the "Username" mode by @sysadminstory in #4461
• [LeagueOfLegendsNewsBridge] Initial commit by @KappaPrajd in #4462
• [ReutersBridge] Adjust Fact Check feed path by @KappaPrajd in #4465
• [TldrTechBridge] Fix duplicate entries and empty sections by @SqrtMinusOne in #4466
• [TomsToucheBridge] Add new bridge by @Latz in #4438
• [AuctionetBridge] Add Auctionet bridge by @Qluxzz in #4452
• [BruegelBridge] Initial commit by @KappaPrajd in #4470
• [RedditBridge] Added time interval and filter for min comment count by @chibicitiberiu in #4471
• [BazarakiBridge] Add new bridge by @danwain in #4473
• [OpenCVEBridge] Rewrite for API change by @SqrtMinusOne in #4476
• [CeskaTelevizeBridge] Adjusted getting article timestamp by @KappaPrajd in #4486
• fixes XPathAbstract documentation issues by @Niehztog in #4488
• [AnthropicBridge] Delete bridge by @SqrtMinusOne in #4490
• fix #4475 by @mruac in #4491
• [TheFarSideBridge] Remove hotlink protection bypass by @VerifiedJoseph in #4492
• [ManyVidsBridge] Create proper feed content by @subtle4553 in #4493
• fix: operator precedence bug by @dvikan in #4494
• feat: add sanity check for required curl module by @dvikan in #4495
• [MinecraftBridge] Add Bridge by @tillcash in #4497
• [ManyVidsBridge] Fix parsing of URL input by @subtle4553 in #4499
• [html] convertLazyLoading: Add parseSrcset() by @ORelio in #4503
• [FeedExpander] Add prepareXml() overridable function by @ORelio in #4485
• fix: dont read /etc if open_basedir #4502 by @dvikan in #4505
• [MinecraftBridge] fix favicon by @tillcash in #4506
• [AO3Bridge] Add option to make one entry per fic by @Phantop in #4508
• [GoComicsBridge] New layout fix and added features by @TReKiE in #4510
• [SubstackProfileBridge] Add new bridge by @Phantop in #4507
• fix(reuters): tweak, try to avoid antibot by @dvikan in #4515
• Update 06_Public_Hosts.md by @pprenghy in #4519
• fix(telegram): trim username for convenience #4520 by @dvikan in #4521
• [ZonebourseBridge] Add Bridge by @tillcash in #4501
• fix(atom): omit item timestamp if absent by @dvikan in #4541
• fix(reddit): handle absent search keywords, #4502 by @dvikan in #4542
• fix(furaffinity): date and tags, #4513 by @dvikan in #4543
• fix(github): PRs and issues by @dvikan in #4544
• chore(fdroid): remove dead bridge by @dvikan in #4545
• [ElektroARGOSBridge] add new bridge - News, events and promotions from ARGOS website by @pprenghy in #4523
• test by @dvikan in #4546
• fix(CssSelector): html entity decode bug, fix #4484 by @dvikan in #4547
• Apple App Store bridge fix by @NohamR in #4516
• [LinuxBlogBridge] add bridge by @tillcash in #4528
• [InstagramBridge] Use fallback when User ID can not be found by @sysadminstory in #4531
• [GoComicsBridge] Update fix for latest layout changes by @TReKiE in #4539
• [FinanzflussBridge] fix for images not displayed by @Tone866 in #4538
• [AllegroBridge] fixes; use JSON instead of HTML by @wrobelda in #4536
• [TikTokBridge] Use oEmbed for video metadata by @CoffeeCoder1 in #4514
• fix(tiktok) by @dvikan in #4550
• [LinuxBlogBridge] fix typo by @tillcash in #4549
• fix: tweak logging rules by @dvikan in #4551
• fix: do not log rate limit exceptions by @dvikan in #4552
• fix(furaffinity): type error by @dvikan in #4554
• fix nnplus article filter by @theScrabi in #4555
• Update libcurl-impersonate usage by @wrobelda in #4535
• fix: deprecation warning by @dvikan in #4567
• ci: fix broken ci by @dvikan in #4568
• devcontainer: Fixed Dev Containers setup by @thiagocferr in #4556
• fix(telegram): remove meta message by @dvikan in #4569
• Adding a bridge for Paul Graham's essays by @killermouse0 in #4570
• [CuriousCatBridge] Remove bridge by @VerifiedJoseph in #4571
• [OpenlyBridge] Remove bridge by @VerifiedJoseph in #4572
• [GolemBridge] Add code elements by @Mynacol in #4573
• [EpicGamesFree] Fixes: url not set, other promos shown by @arokettu in #4575
• chore: prepare for 2025-06-03 release by @dvikan in #4583

New Contributors

• @KappaPrajd made their first contribution in #4462
• @Latz made their first contribution in #4438
• @chibicitiberiu made their first contribution in #4471
• @danwain made their first contribution in #4473
• @subtle4553 made their first contribution in #4493
• @pprenghy made their first contribution in #4519
• @NohamR made their first contribution in #4516
• @CoffeeCoder1 made their first contribution in #4514
• @thiagocferr made their first contribution in #4556
• @killermouse0 made their first contribution in #4570
• @arokettu made their first contribution in #4575

Full Changelog: 2025-01-26...2025-06-03

• Milestone

This is a bug-fix release for FreshRSS 1.26.x

A few highlights ✨:

• Keep sort and order criteria during navigation
• Implement loading spinner for marking as favourite/read
• Many bug fixes

This release has been made by @Alkarex, @Inverle and newcomers @CarelessCaution, @the7thNightmare

Full changelog:

• Features
  • Keep sort and order criteria during navigation #7585
  • Add info about PDO::ATTR_CLIENT_VERSION (relevant for MySQL / MariaDB with obsolete driver) #7591
• Bug fixing
  • Fix SQL request for user labels with custom sort (affecting PostgreSQL) #7588
  • Fix regression for favicon in GReader and Fever APIs #7573
  • Fix newest articles (within last second) not shown #7577
  • Fix duplicate HTTP header for POST #7556
  • Fix important articles on reader view #7602
  • Fix remove last share method #7613
  • Fix API handling of default category #7610
  • Fix user self-deletion #7626
  • Move PHP minimum version check #7560
• Security
  • Fix encoding of themes #7565
  • Fix .htaccess.dist for access to /scripts/vendor/ #7598
• SimplePie
  • Strip more HTML deprecated styles attributes: bgcolor, text, background, link, alink, vlink #7606
• UI
  • Implement loading spinner for marking as favourite/read #7564
  • Provide theme class for CSS #7559
• Deployment
  • Use HTTP Cache-Control: immutable for some files #7552
  • Drop Apache 2.2 (only support Apache 2.4+) #7561
• I18n
  • Improve Indonesian #7622
  • Improve Polish #7587
• Misc.
  • Update to PHPMailer 6.10.0 #7542
  • Update dev dependencies #7630, #7631, #7632
    #7633, #7634, #7635

Links

• Release video overview
• Update instructions
• Update details on blog

Full List of Changes

• Added support for comments to reference page sections. (#5584, #1265)
• Added comment archive support. (#5584)
• Added AVIF image support. (#5625, #5474)
• Added new system info API endpoint. (#5607, #5603)
• Added user avatar image fetching for OIDC authentication. Thanks to @rubentalstra. (#5626, #5429, #4271)
• Updated new WYSIWYG editor with further fixes. (#5627)
• Updated page-edit redirect to page-view if permission failed on edit. (#5568)
• Updated translations with latest Crowdin changes. (#5622)
• Update codebase and packages to address php 8.4 depreactions. (#5358)

✨ New Features & Improvements

• @directus/app
  • Ensured the configured display format is applied to the kanban layout (#24840 by @brunoocasali)
  • Enhanced the appearance of the flow trigger buttons in the sidebar by applying their custom colors (#25192 by @Mehdi-YC)
  • Enhanced the flow logs with color indications for success and failure, and added a new filter to view only failed logs (#25125 by @AfaqJaved)
  • Fixed permissions handling in the Files module (#25187 by @amosmurmu)
  • Added the ability to toggle a variable input for the _in and _nin filters. (#25245 by @formfcw)
• @directus/api
  • Added new action events for extensions (#25181 by @amosmurmu)

🐛 Bug Fixes & Optimizations

• @directus/app
  • Fixed a bug that prevented fields from being validated in a relational drawer with junction fields (#25152 by @formfcw)
  • Added filters to file(s) and image interface and fixed relation creation to directus_files (#25241 by @Nitwel)
  • Improved clarity for usage of the Readonly and Required options in the Advanced Field Settings (#25158 by @formfcw)
  • Made v-list-group togglable in storybook (#25166 by @Nitwel)
  • Fixed a bug in the select color field that caused invalid color values to be stored (#25149 by @formfcw)
  • Added primaryKey data attribute to all form-fields. (#25249 by @robluton)
  • Fixed permissions handling in the Files module (#25220 by @licitdev)
  • Fixed a bug where the ID of newly added M2M/M2A items was lost after editing a junction field (#25148 by @formfcw)
• @directus/api
  • Bumped samlify to v2.10.0 (#25251 by @br41nslug)
  • Added deletion of the dist folder to the build command (#25129 by @licitdev)
  • Added redirect to login page for OpenID SSO error (#25237 by @Nitwel)
  • Fixed coercion of values only in rest (#25207 by @Nitwel)
  • Fixed including aliases in wildcard selection (#25128 by @Nitwel)
  • Fixed cache skipping for getSchema (#25204 by @Nitwel)
  • Added ip, userAgent and origin for ws activity (#25114 by @ComfortablyCoding)
  • Fixed date not being returned in valid ISO format (#25160 by @Nitwel)
• @directus/utils
  • Fixed coercion of values only in rest (#25207 by @Nitwel)
• @directus/types
  • Added ip, userAgent and origin for ws activity (#25114 by @ComfortablyCoding)
• @directus/env
  • Fixed ADMIN_PASSWORD, ADMIN_TOKEN, KEY, and SECRET to always be interpreted as strings (#25196 by @the-other-dev)

🧪 Blackbox Tests

• Added deletion of the dist folder to the build command (#25129 by @licitdev)

📦 Published Versions

• @directus/app@13.10.0
• @directus/api@27.1.0
• @directus/composables@11.1.11
• create-directus-extension@11.0.14
• @directus/env@5.0.5
• @directus/extensions@3.0.6
• @directus/extensions-registry@3.0.6
• @directus/extensions-sdk@13.1.1
• @directus/memory@3.0.5
• @directus/pressure@3.0.5
• @directus/schema-builder@0.0.2
• @directus/storage-driver-azure@12.0.5
• @directus/storage-driver-cloudinary@12.0.5
• @directus/storage-driver-gcs@12.0.5
• @directus/storage-driver-s3@12.0.5
• @directus/storage-driver-supabase@3.0.5
• @directus/themes@1.1.1
• @directus/types@13.1.2
• @directus/utils@13.0.6
• @directus/validation@2.0.5

Part-DB 1.17.1

Security fixes

Until this version, users could upload SVG files containing JS code, that would be executed if a user opened the SVG in a new tab, allowing for a XSS vulnerability. This was only possible if the SVG files were explicitly opened in a new tab, if the file was embedded inside a Part-DB tab, then there was no risk.

Since this version, SVG files gets sanitized during upload, to prevent any JS code execution. If you have existing SVG files, you can sanitize them, by running the console command php bin/console partdb:attachments:sanitize-svg.

If you are using Part-DB with nginx, you should add the following block to your server configuration, to further harden it by setting a content security policy for SVG files.

# Set Content-Security-Policy for svg files, to block embedded javascript in there
    location ~* \.svg$ {
        add_header Content-Security-Policy "default-src 'self'; script-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'none';";
    }

For apache, this is done automatically in the .htaccess file of Part-DB.

New features

• Added barcode placeholders for C93 and datamatrix barcodes (#931, thanks to @monoxide13)

Miscellaneous

• Updated translations
• Updated dependencies

New Contributors

• @monoxide13 made their first contribution in #931

Full Changelog: v1.17.0...v1.17.1

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Fixed incorrect image directory permissions. (#5609, #5605)
• Updated translations with latest Crowdin changes. (#5608)
• Updated PHP packages.
• Updated system CLI:
  • Fixed handling of database credentials with escaped special characters.
  • Updated download-vendor command with extra clean-up handling.