• [p]Reduced network bandwidth utilization[/p][/*]

Bugfixes and minor changes:

• Replacing of invalid characters in filenames when downloading can no longer be disabled
• If saving of password was disabled, temporarily remembering passwords until FileZilla gets closed could result in additional password prompts
• SFTP: Fix accessing symbolic links
• FileZilla is now distributed under the terms of the GPL version 3 or later (formerly version 2 or later)

1.4.12 (2026-04-09)

Thank you for your donations:

One-time

• @mkorthaus-private

Monthly

• You? Become a sponsor!

Features

• PWA: Add PWA support with service worker and install prompt
• Calendar: Add birthday calendar feature with settings and localization
• Calendar: Clamp February 29 birthdays in non-leap years
• Identity: Add automatic identity synchronization (#167)
• Plugins: Disable plugins by default and require admin approval
• Plugins: Replace auth header exposure with a secure HTTP proxy API for plugins
• Auth: Add configurable OAuth scopes and cookie security via environment variables
• Email: Sync mail view to browser history for back/forward navigation
• Contacts: Add ability to rename address books (#152)
• UI: Add version badge in settings
• i18n: Add Latvian (lv) locale support
• i18n: Add Polish language support
• i18n: Add Korean language support
• i18n: Add Simplified Chinese (zh_CN) locale support

Fixes

• Email: Show recipient instead of sender in Sent and Drafts folder lists
• Email: Embed dropped images as data URLs and prevent duplicate attachments (#163)
• Email: Fix logic for marking email as read in EmailViewer
• Email: Fix archive action passing MouseEvent as argument
• Mailbox: Preserve search filters on push-triggered mailbox refresh (#164)
• Mailbox: Align shared account folders with primary folders (#151)
• Mailbox: Fetch mailboxes on mount in FolderSettings when store is empty
• Mailbox: Improve mailbox deletion error handling
• Calendar: Improve calendar event retrieval by batching requests to avoid server limits (#141)
• Calendar: Compute per-occurrence UTC start/end in recurrence expansion (#116)
• Calendar: Guard against undefined trigger in calendar event alert popover (#143)
• Files: Stream WebDAV PUT uploads to avoid buffering in memory (#162)
• Files: Prune recent files against server nodes on refresh (#146)
• Files: Fix file deletion logic to update recent files and handle errors (#146)
• Files: Extend file drop zone to fill remaining viewport height
• Files: Fallback to application/octet-stream for long MIME types
• Security: Replace unguarded crypto.randomUUID() with safe generateUUID() utility
• Security: Validate plugin HTTP post URL against origin with regression tests
• Security: Allow blob images in CSP for inline drag-and-drop (#163)
• Auth: Resolve settings sync identity mismatch for OAuth/SSO sessions (#127)
• Contacts: Fix address book ID namespacing for shared contacts in create and update operations (#133)
• UI: Fix focused mode expanding beyond screen bounds (#156)
• API: Handle 403 on principal fetch without console error
• API: Enhance error handling in Stalwart API responses

• View downloads
• View release notes

The Asterisk Development Team would like to announce
the release of asterisk-23.3.0.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/23.3.0
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 23.3.0

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-23.3.0

Links:

• Full ChangeLog
• GitHub Diff
• Tarball
• Downloads

Summary:

• Commits: 50
• Commit Authors: 21
• Issues Resolved: 34
• Security Advisories Resolved: 0

The Asterisk Development Team would like to announce
the release of asterisk-22.9.0.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/22.9.0
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 22.9.0

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-22.9.0

Links:

• Full ChangeLog
• GitHub Diff
• Tarball
• Downloads

Summary:

• Commits: 50
• Commit Authors: 21
• Issues Resolved: 34
• Security Advisories Resolved: 0

The Asterisk Development Team would like to announce
the release of asterisk-20.19.0.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/20.19.0
and
https://downloads.asterisk.org/pub/telephony/asterisk

Repository: https://github.com/asterisk/asterisk
Tag: 20.19.0

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-20.19.0

Links:

• Full ChangeLog
• GitHub Diff
• Tarball
• Downloads

Summary:

• Commits: 50
• Commit Authors: 21
• Issues Resolved: 34
• Security Advisories Resolved: 0

What's Changed

Security & Fixes

• Allow quoted arguments in custom Docker run options (#9481, fixes #9343)
• Patched Alpine packages in helper, realtime, and development Docker images (#9437)
• Bumped Alexandrie images to address upstream security advisory (#9434)

New Services & Templates

• Added Grimmory one-click service, the successor to Booklore (#9109)
• Comprehensive Supabase template update to latest versions (#8316)
• Allow overriding GOTRUE_SITE_URL in Supabase for separate frontend domains (#9079, fixes #5581)
• Added sensible CORS defaults to Directus templates (#9081, fixes #5024)
• Updated Rivet template to v2.2.0 (#9378)
• Updated Convex to current latest version (#9392)
• Fixed LibreChat healthcheck and upgraded Meilisearch image (#9358)
• Fixed n8n task-runners health check (#9309, fixes #9306)
• Increased Nextcloud healthcheck interval to prevent worker exhaustion (#9440, fixes #9439)
• Updated Nextcloud healthcheck endpoint to /status.php (#9470)
• Fixed Netbird client volume path so settings persist across restarts (#9484)
• Corrected Minecraft template category to games (#9387)
• Corrected several template categories that were set incorrectly (#9449)

Improvements

• Removed Algora bounty program references from community docs and templates (#9436)

What's Changed (Github)

• fix(services): bump images of alexandrie to fix security issue by @Smaug6739 in #9434
• feat(service): update Convex to current latest version by @sebous in #9392
• fix(template): Minecraft was on wrong category by @Iisyourdad in #9387
• feat(service): update Rivet to v2.2.0 by @yipfram in #9378
• fix(service): fix librechat healthcheck and update dependencies by @GauthierPLM in #9358
• fix(service): n8n task-runners health check fails by @frank-netkey in #9309
• feat(service): add grimmory by @RickyWanga in #9109
• fix(service): directus cors not applied in preflight requests by @xidik12 in #9081
• feat(service): update Supabase to current latest versions by @Vadko in #8316
• fix(service): allow overriding GOTRUE_SITE_URL in Supabase template by @xidik12 in #9079
• fix(service): nextcloud workers exhaustion due to low interval healthcheck by @ShadowArcanist in #9440
• fix(docker): add apk upgrade to helper, realtime, and development Dockerfiles by @andrasbacsai in #9437
• chore(community): remove Algora bounty program references by @andrasbacsai in #9436
• chore(service): update nextcloud healthcheck endpoint by @ShadowArcanist in #9470
• fix(validation): allow quoted docker run options in custom config by @andrasbacsai in #9481
• build(deps-dev): bump vite from 7.3.0 to 7.3.2 by @dependabot[bot] in #9457
• fix(service): Several templates on wrong catagory. by @Iisyourdad in #9449
• fix(service): netbird-client wrong volume path by @iamimmanuelraj in #9484
• v4.0.0-beta.472 by @andrasbacsai in #9492

New Contributors

• @sebous made their first contribution in #9392
• @Iisyourdad made their first contribution in #9387
• @frank-netkey made their first contribution in #9309
• @RickyWanga made their first contribution in #9109
• @iamimmanuelraj made their first contribution in #9484

Full Changelog: v4.0.0-beta.471...v4.0.0-beta.472

What's Changed

Security & Fixes

• Harden model mass assignment protection across all models (#9282)
• Scope server and project queries to current team (#9230)
• Harden GetLogs component with locked properties and input validation (#9229)
• Add validation and escaping for Docker network names (#9228)
• Add URL validation for notification webhook fields (#9224)
• Use server-side config for password reset URL generation (#9193)
• Add input validation for install/build/start command fields (#9227)
• Add input validation for resource limit fields (#9238)
• Add IP validation for custom DNS servers input (#9239)
• Add URL validation for proxy redirect input (#9241)
• Add input validation for server advanced settings page (#9242)
• Add input validation for sentinel configuration (#9243)
• Add input validation for database backup timeout (#9245)
• Add input validation for emails configuration (#9259)
• Add input validation for database public port and proxy timeout
• Add validation to block unsafe webhook URLs
• Use random_int() for email change verification codes (#9226)
• Move admin route into middleware group (#9225)
• Enforce team-scoped project/env lookups in onboarding
• Add input validation for port exposes and port mappings fields

New Services & Templates

• Added ElectricSQL template (#8190)

Fixes

• Fix intermittent pre-deployment command failures (#9165, fixes #9076)
• Fix Grafana GF_SERVER_DOMAIN using FQDN instead of URL (#9080, fixes #5307)
• Fix listmonk db config env typo (#9250)
• Fix Langfuse by pinning ClickHouse version to avoid init errors
• Fix cloning persistent volumes with missing uuid (#9290, fixes #9270)
• Fix redirect value not persisting in setRedirect (#9279)
• Fix cloud subscription notification links (#9296)
• Fix slash branches in public repo URLs
• Fix shared env vars resolving on wrong server
• Fix database SSL/status state and clone writes
• Fix auto-generate missing CA cert on SSL regeneration
• Fix backup notification failures affecting backup status (fixes #9088)
• Fix backup retention enforcement and stale execution cleanup
• Fix password visibility toggle using Alpine state
• Fix GitHub branch state when refreshing repositories

Improvements

• Shared server environment variables (#7764)
• Refresh repos on private GitHub app (#8621)
• Support Docker image tags for preview deployments
• Add preserve repository option to deployment API (#8371)
• Implement exponential backoff for unreachable servers (#9184)
• Improve scheduled task single view UX (#9266)
• Add two-step confirmation to enable self-registration (#9277)
• Add public port timeout configuration for databases
• Make textarea monospace opt-in and improve multiline toggle

What's Changed (Github)

• fix(backup): prevent notification failures from affecting backup status by @andrasbacsai in #9162
• fix(preview-env): ensure auto-created preview env vars inherit runtime/buildtime flags by @andrasbacsai in #9164
• fix(api): validate server ownership in domains endpoint and scope activity lookups by @andrasbacsai in #9166
• fix(backup): validate MongoDB collection names in backup input by @andrasbacsai in #9168
• fix(terminal): apply authorization middleware to terminal bootstrap routes by @andrasbacsai in #9169
• fix(livewire): add Locked attributes and consolidate container name validation by @andrasbacsai in #9171
• fix(livewire): add input validation to unmanaged container operations by @andrasbacsai in #9172
• feat(deployment): add command_hidden flag to hide command text in logs by @andrasbacsai in #9167
• fix(deployment): normalize whitespace in pre/post deployment commands by @andrasbacsai in #9173
• fix(storage): consistent path validation and escaping for file volumes by @andrasbacsai in #9176
• fix(backup): use escapeshellarg for credentials in backup commands by @andrasbacsai in #9175
• fix(storage): use escapeshellarg for volume names in shell commands by @andrasbacsai in #9185
• refactor: simplify remote process chain and harden ActivityMonitor by @andrasbacsai in #9189
• Add URL validation for GitHub source fields by @andrasbacsai in #9190
• refactor: split invitation endpoint into GET/POST flow by @andrasbacsai in #9192
• fix: sanitize error output in server validation logs by @andrasbacsai in #9197
• fix: use server-side config for password reset URL generation by @andrasbacsai in #9193
• refactor: move admin route into middleware group by @andrasbacsai in #9225
• Add URL validation for notification webhook fields by @andrasbacsai in #9224
• refactor: use random_int() for email change verification codes by @andrasbacsai in #9226
• fix: add input validation for install/build/start command fields by @andrasbacsai in #9227
• refactor: scope server and project queries to current team by @andrasbacsai in #9230
• fix: add validation and escaping for Docker network names by @andrasbacsai in #9228
• fix(application): persist redirect value in setRedirect by @andrasbacsai in #9279
• fix: harden GetLogs Livewire component properties by @andrasbacsai in #9229
• feat(api): Add support for Preserve Repository During Deployment in API by @ahmadw13 in #8371
• fix(clone): exclude uuid when replicating persistent volumes by @andrasbacsai in #9290
• fix(notification): updated cloud subscription links to valid url by @ShadowArcanist in #9296
• feat(ui): add two step confirmation to enable self registration by @ShadowArcanist in #9277
• fix(service): listmonk db config env typo by @mxswd in #9250
• fix(service): pin clickhouse version on Langfuse service to avoid error during clickhouse init by @GauthierPLM in #9236
• fix(service): use FQDN instead of URL for Grafana GF_SERVER_DOMAIN by @xidik12 in #9080
• feat(service): Add ElectricSQL by @matfire in #8190
• refactor: define explicit fillable attributes on all Eloquent models by @andrasbacsai in #9282
• fix(validation): add input validation for database public port and proxy timeout by @ShadowArcanist in #9272
• feat(ui): improve schedule task single view for better UX by @ShadowArcanist in #9266
• fix(validation): add input validation for emails configuration by @ShadowArcanist in #9259
• fix(validation): add input validation for database backup timeout by @ShadowArcanist in #9245
• fix(validation): add input validation for sentinel configuration by @ShadowArcanist in #9243
• fix(validation): add input validation for server advanced settings page by @ShadowArcanist in #9242
• fix(validation): add URL validation for proxy redirect input by @ShadowArcanist in #9241
• fix(validation): add input validation for port exposes and port mappings fields by @ShadowArcanist in #9240
• fix(validation): add IP validation for custom DNS servers input by @ShadowArcanist in #9239
• fix(validation): add input validation for resource limit fields by @ShadowArcanist in #9238
• feat: refresh repos on private github app by @adiologydev in #8621
• feat: Shared server environment variables by @ShadowArcanist in #7764
• chore(deps): bump aws/aws-sdk-php from 3.371.3 to 3.374.2 by @dependabot[bot] in #9222
• chore(deps): bump picomatch by @dependabot[bot] in #9178
• build(deps): bump league/commonmark from 2.8.1 to 2.8.2 by @dependabot[bot] in #9047
• build(deps): bump phpseclib/phpseclib from 3.0.49 to 3.0.50 by @dependabot[bot] in #9044
• feat(jobs): implement exponential backoff for unreachable servers by @andrasbacsai in #9184
• fix(deployment): resolve intermittent pre-deployment command failures by @andrasbacsai in #9165
• v4.0.0-beta.471 by @andrasbacsai in #9206

New Contributors

• @mxswd made their first contribution in #9250
• @xidik12 made their first contribution in #9080
• @matfire made their first contribution in #8190

Full Changelog: v4.0.0-beta.470...v4.0.0-beta.471

• View downloads
• View release notes

 The Extended Stable channel has been updated to 146.0.7680.188 for Windows and Mac which will roll out over the coming days/weeks.

5.42.0 (2026-04-08)

🚀 New feature

• removing A/B testing from the prompt Currently A/B testing opt-in isn't used, so removing it from the CLI (8d5b04ece4)
• changing sonar variable (0d822ade04)
• data-transfer: add directory export/import format (#25867)

🔥 Bug fix

• change return to continue in deleteRelations when using foreign keys (#25857)
• hide legacy options (da9cdfc640)
• contains filter no longer returns empty data (#25810)
• typos in documentation plugin README (4ff54bff36)
• admin: p is not function error (#25663)
• content-manager: pass component schemas when rebuilding list view headers (#25872)
• content-manager: wrap single type displayName with formatMessage (#25880)
• core: relation handling preserves order during unpublish/republish cycles (#25764)
• create-strapi-app: generate .yarnrc.yml for Yarn projects (#25869)
• documentation: use dist extensions path in production (#25863)

📚 Documentation Changes

• fix typos in documentation plugin README (8e11e41247)

⚙️ Chore

• add .claude directory to gitignore (e85aa81cdf)
• sonarqube variables like in their docs (40f9ecd6c7)
• deps: bump minimatch from 10.2.4 to 10.2.5 (#25879)
• deps: bump @xmldom/xmldom from 0.8.6 to 0.8.12 (#25877)
• deps: bump path-to-regexp from 8.2.0 to 8.4.0 (#25850)
• deps: bump undici from 6.24.0 to 6.24.1 (#25785)
• deps: bump handlebars from 4.7.7 to 4.7.9 (#25841)
• deps: bump yauzl from 3.2.0 to 3.2.1 (#25729)
• deps: bump bn.js from 4.12.0 to 4.12.3 (#25691)
• deps: bump js-yaml from 3.14.1 to 3.14.2 (#25680)
• deps: bump mdast-util-to-hast from 13.2.0 to 13.2.1 (#25681)
• deps: bump path-to-regexp from 8.4.0 to 8.4.1 (#25888)
• deps: bump simple-git from 3.21.0 to 3.32.3 (#25704)
• deps: bump file-type from 21.0.0 to 21.3.2 (#25728)
• deps: bump @octokit/plugin-paginate-rest from 9.2.1 to 9.2.2 (#25693)
• deps: bump @octokit/request from 8.4.0 to 8.4.1 (#25694)
• deps: bump picomatch from 2.3.1 to 2.3.2 (#25828)
• deps: bump nodemailer from 8.0.1 to 8.0.4 (#25848)

❤️ Thank You

• Adrien L @Adzouz
• Adrien Lepoutre @Adzouz
• Alexandre BODIN
• Bassel Kanso @Bassel17
• Ben Irvin
• guoyangzhen
• Jamie Howard @jhoward1994
• Joshua Klinesmith
• Simon Norris

 The Chrome team is delighted to announce the promotion of Chrome 147 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.

nginx-1.29.8 mainline version has been released.

AppCenter

The latest version of AppCenter comes with some more improvements to the updates view including now showing all ongoing app installations, upgrades, and removals. Plus the “Last checked” information is now always shown in the “Up to Date” apps header. And we fixed an issue where in-app notifications were sent for every update installed.

There’s also some more performance improvements including much faster startup times, faster info fetching for apps that can be installed from multiple stores, and quite a bit of code simplification and cleanup, thanks to Leonhard.

Code

The latest version of Code comes with a number of fixes and a couple new tricks. In the Project’s sidebar, sorting project folders is now a toggle-able setting rather than a one-time action, the Terminal pane now follows the currently selected project’s path, and Jeremy fixed an issue that could cause the number of results for a global search to be incorrect. Plus, Loric fixed an issue that could cause a crash on startup or during certain global searches, and added a new setting to disable syntax highlighting for a more distraction-free editing experience. The High Contrast style has improved contrast for line numbers, thanks to the help of Micah. And it’s no longer possible to open multiple PasteBin dialogs thanks to Calle.

Onboarding & System Settings

We recently removed System Settings as a default dock item—since it’s accessible from several other places and dock space is at a premium—but, there were some expressed concerns about discoverability. So we’ve added some additional information to the final page of Onboarding to close the gap. This page shows even after selecting “Skip All”, so folks are always shown how to access additional System Settings and set up their computer how they like it.

We now also support a new accent color option thanks to Ryo: the smooth and creamy “Latte”. This is a great new option for big fans of soft neutrals and can be selected both during Onboarding and from Desktop Settings. And, Desktop settings now supports long-press secondary-click on touch screens for removing wallpapers.

Font settings have also been expanded to allow an open-ended selection. So whether you need a font like OpenDyslexic for accessibility reasons, feel more productive with a coding font like Fira, or just want to have a bit of fun, you now have to option to customize text to your liking.

In keyboard settings, Ryo also addressed an issue that would cause IBus to send a notification in Secure sessions, and Leo added support for using the “Tools” key present on some keyboards in custom keyboard shortcuts.

Window Manager

And of course we’ve got some more window manager improvements including performance improvements while zooming and a fix for an issue that would cause workspaces to change during pinch gestures by Leo. And Leonhard fixed issues with fullscreen Firefox videos, flickering when the Reduce Motion setting was enabled, and an issue where the correct window for apps with multiple windows would sometimes not be focused when selected from the Dock.

Get These Updates

As always, pop open System Settings → System on elementary OS 8 and hit “Update All” to get these updates plus your regular security, bug fix, and translation updates. Or set up automatic updates and get a notification when updates are ready to install!

Early Access

Quite a lot has been happening lately to prepare for OS 9 but I think it deserves its own blog post, so hang tight! For now, I’ll say that we’re getting close to a place where we might have bootable daily builds and we’re making good progress on some big projects like a new design for Portals, improved CJK input support and a new on-screen keyboard, a GTK4 powered panel, our next-generation app framework and visual design and more!

Sponsors

At the moment we’re at 20% of our monthly funding goal and 287 Sponsors on GitHub! Shoutouts to everyone helping us reach our goals here. Your monthly sponsorship funds development and makes sure we have the resources we need to give you the best version of elementary OS we can!

Monthly release candidate builds and daily Early Access builds are available to GitHub Sponsors from any tier! Beware that Early Access builds are not considered stable and you will encounter fresh issues when you run them. We’d really appreciate reporting any problems you encounter with the Feedback app or directly on GitHub.

✨ New Features & Improvements

• @directus/app
  • Moved useShortcut and translateShortcut in @directus/composables (#26979 by @HZooly)
  • added timezone support to datetime display (#26184 by @u12206050)
  • Added comparison modal checkbox to allow viewing only modified fields (#27010 by @robluton)
• @directus/composables
  • Moved useShortcut and translateShortcut in @directus/composables (#26979 by @HZooly)

🐛 Bug Fixes & Optimizations

• @directus/app
  • Fixed alias fields being included when selecting all fields in export (#26775 by @tysoncung)
  • Fixed invite acceptance error to display correctly on the frontend and allow for error translation (#26971 by @faizkhairi)
  • Fixed relational field removals inside groups not persisting on draft items (#26917 by @HZooly)
  • Fixed search input not closing when focus changes on keyboard navigation (#26970 by @Zhey-on)
• @directus/api
  • Fixed invite acceptance error to display correctly on the frontend and allow for error translation (#26971 by @faizkhairi)
  • Updated lodash, samlify and @xmldom/xmldom dependencies and add defu override (#27033 by @br41nslug)
  • Fixed coercion of stringified JSON in AI assistant tool arguments (#27005 by @bryantgillespie)
  • Added cleanup handlers for disconnected file streams (#26992 by @Champ-Goblem)
• @directus/errors
  • Fixed invite acceptance error to display correctly on the frontend and allow for error translation (#26971 by @faizkhairi)

📦 Published Versions

• @directus/app@15.8.0
• @directus/api@35.0.2
• @directus/composables@11.3.0
• create-directus-extension@11.0.34
• @directus/errors@2.3.1
• @directus/extensions-registry@3.0.24
• @directus/extensions-sdk@17.1.2
• @directus/memory@3.1.7
• @directus/validation@2.0.22

What's Changed

No notable changes in this release. Bumping versions for a new TestFlight build.

🔧 Additional changes

• Split SonarCloud into separate workflow by @andrewrabert in #772
• Remove coderabbit config by @thornbill in #781
• Mitigate pull_request_target privilege escalation by @andrewrabert in #788
• Bump build number to 1.8.0.1 by @thornbill in #795

New Contributors

• @andrewrabert made their first contribution in #772

Full Changelog: v1.8.0.0...v1.8.0.1

[3.0.4] - 2026-04-06

Added

• Added ability to enlarge the cover image on the Now playing screen
• Clicking the visualization switches it between the available styles

Changed

• Updated the Portuguese (brazilian) translation
• Updated the Swedish translation

Fixed

• Delete button is not visible when folder is not selected in "Manage collection" screen
• Window size increases when dragging
• Attempting to delete a song from a smart playlist, breaks the playlist.
• Deleting of a song from a playlist while filtering via search, removes most of the files from the playlist.
• Playback progress bar does not react to touch input
• The cover image on the Now playing screen has glitches
• Browsing folders on a NAS gets stuck in an infinite loop
• Follow the system color does not work on Linux

P.S.: If you enjoy Dopamine, please consider donating via PayPal or buying me a coffee. Your support keeps the music going!

Links

• Update instructions

Full List of Changes

This release contains the following fixes and changes:

• Updated translations with latest Crowdin changes. (#6067)
• Updated PHP dependency versions.