Releases v1.3.0
Compare
Sorry, something went wrong.
No results found
1.3.0 (2026-04-30)Features
add dev-docker-rebuild target and update dev docs (cd9ffe5 )
add HMR targets to Makefile for Go dev workflow (31edf31 )
add official Docker install path (d4ef6fb )
alerts: add backup alert event type and dispatcher (70f3f38 )alerts: add clear alert history (all or resolved only) (7231243 )alerts: snapshot rule config in alert history (1c50993 )api,proxy: multi-endpoint support with per-service routing (cb6b136 )api,ui: add degraded app status, user management improvements (131496f )api,ui: delete deploy history versions (856e599 )api,ui: support first-time git setup against empty remote (5a98457 )api: activity endpoints (da4ef83 )api: add backup summary, detect, config-trigger, test-s3 endpoints (525563e )api: add POST /api/git/test-connection (c0f8aa7 )api: add trust page and CA cert download for local TLS (870de7f )api: add UpdateWebhook and TestWebhook endpoints (dd7ef00 )api: apply-pending route + toggle fields in config/status (1d65732 )api: archive view, purge endpoint, delete refuses archived (c07e67a )api: expose deployment_mode/deployment_label on /system/info (b139141 )api: git status + webhook routes + compose/env write hooks (ce111ab )api: populate audit.Ctx in auth middleware (ecdddbc )api: POST /api/git/sync-now route (1984c99 )api: prevent app overwrite on deploy; suggest name for template collisions (c002b45 )api: realtime notify-only events bus and WebSocket (e2146ec )api: rewrite backup handlers for v2, add compose version endpoints (fa446e7 )audit/render: registry + compose diff renderer (0af1137 )audit/render: renderers for all categories (5378883 )audit: Ctx + context helpers (e68cfbf )audit: record config changes across all categories (1a3614e )audit: Recorder replaces in-memory Logger; migrate call sites (191f9d7 )audit: render archive and purge actions (61dd5ca )audit: retention pruner (06809c3 )backup: add checksum module for backup integrity verification (83f76f8 )backup: add hook runner for pre/post backup lifecycle hooks (8f8436e )backup: add pipeline processor, rewrite scheduler with hot-reload + retention (b2cb817 )backup: add v2 migration and rewrite core interfaces (1c1dae1 )backup: implement all 6 backup strategies (49f75cb )backup: rewrite targets to new interface, add detection coordinator (558454d )cli: wire backup alerts, S3 decryption, missed backup checker (438c6d3 )cmd: add config export/import subcommands (43afee1 )cmd: first-boot sidecar backfill + idempotent backfill test (6628912 )cmd: prune orphan sidecars on serve startup (3b0a485 )cmd: wire configsync Syncer at startup + mutation hook + global import (1b47d5e )cmd: wire gitsync into serve + CLI git subcommands (bda3909 )community recipes catalog integration (#11 ) (2d4c5bb )
config: add tls.mode validation, support 'local' mode (bd2e83b )config: expand ~ in data_dir, apps_dir, and ssh_key_path (d8080c6 )config: GitSync config block + validation (a1b67fb )configsync: add ImportGlobalIfEmpty + ImportAppSidecarIfMissing helpers (9390a1c )configsync: add sidecar YAML types (a12527d )configsync: apply FS-loaded sidecars to DB transactionally (bf4d391 )configsync: DeleteAppSidecar + PruneOrphanSidecars (85b344d )configsync: first-boot seed and FS->DB reload (d913bbe )configsync: inject .gitignore entries for secrets files (0e1301b )configsync: load app and global state from FS (cd7f019 )configsync: redacted global sidecar types (25c0e88 )configsync: rehydrate archived apps from tombstones on reload (3211a84 )configsync: SidecarWriteHook for gitsync integration (1089e20 )configsync: split secret material into AppSecrets/GlobalSecrets types (c48c063 )configsync: tombstone read/write/delete helpers (27a4b16 )configsync: write secrets to mode-0600 sidecar files (ea967dd )configsync: write/read/import sidecars + debouncer + tests (0806a4a )configsync: write+import redacted _global.yml, schedule writes both (fe798f3 )deployer: emit deploy_succeeded/deploy_failed/rollback audit events (2f66645 )deployer: post-deploy stabilization + unstable status, audit all templates (3249a75 )deployment: detect native/docker/desktop/dev modes (91310bf )e2e,templates: probe actual reachability for every app template (#8 ) (924cb84 )export/import app config bundle (#13 ) (73524b8 )
export/import follow-ups (docs, audit render, overwrite preview) (#15 ) (a583298 )
gitsync: add CheckRemote with classified errors (dbc0e05 )gitsync: add poll/auto-push/auto-apply/webhook toggles (7df4d4e )gitsync: add RecentCommits to Status (c83aebb )gitsync: core syncer + init + commit worker (57d0e5b )gitsync: DB-authoritative config + UI form for git sync (d8250da )gitsync: HMAC webhook handler (22b25fb )gitsync: stamp audit rows on push success/failure (843ac9f )metrics: use compose service name instead of container hash (07d0b94 )mirror docker.io images via GHCR to dodge Hub rate limits (74623d4 )
proxy: add local TLS mode using Caddy internal issuer (e1965bd )proxy: shared simpledeploy-public network + container-IP upstream (344a3f3 )reconciler: add syncer field + DR recovery after UpsertApp (79b73d7 )reconciler: archive on disk-removal instead of delete (3d96653 )reconciler: periodic app-status refresh (60700e6 )reconciler: watcher reloads FS-authoritative state on change (3f905c3 )rework roles to super_admin/manage/viewer (#14 ) (857b2e5 )
store: add archive-aware list helpers and MarkAppArchived (78883fb )store: add archived_at column on apps (5d0e8cb )store: add audit_log migration (b0045b0 )store: add backup summary and recent runs queries (40db7f8 )store: add helpers for configsync import/export (076163f )store: add MutationHook infrastructure (43ca7c5 )store: add PurgeApp cascade (ffda214 )store: add WipeConfigForRestore for DR import --wipe (e69f432 )store: audit_log read/write/prune/sync + retention config (cdd5622 )store: helpers for redacted global import (preserve secrets) (c1c8c59 )store: InsertConflictAlert for gitsync conflicts (dbb7f29 )store: rewrite backup store for v2 schema + add compose version metadata (53abe0c )store: system_meta table and backup_configs uuid backfill (2f31248 )store: wire MutationHook into all mutating methods (e761ac4 )ui,api: inline scale controls + scalability detection (#27 ) (62cfa27 )ui/api: activity client helpers (622cd2e )ui: ActivityRow component (d9284d3 )ui: add ActionModal component with live WebSocket terminal output (5211625 )ui: add active-only toggle to alert history (dabedbc )ui: add app-level templates to Deploy wizard (528f8f7 )ui: add backup summary, detect, config-trigger, test-s3 API methods (c1313b8 )ui: add BackupHealthCard dashboard component (ab6cc4f )ui: add Backups tab to AppDetail (a5f03be )ui: add BackupsTab per-app backup management component (21f62b6 )ui: add BackupWizard 4-step config creation component (28f3a6d )ui: add delete confirmation modal to users page (650af76 )ui: add Deployment card + mode-aware hints to System overview (ddcb27e )ui: add display name and email to user creation and cards (72da851 )ui: add inline help text to alerts sections (42489db )ui: add local TLS option with amber warning in endpoint settings (e9849b5 )ui: add manual override toggle to backup wizard strategy selection (a01947e )ui: add OverviewTab component (ce80c62 )ui: add request metric charts to metrics tab (93aa1a2 )ui: add ScheduleBuilder visual cron component (4964e94 )ui: add SettingsTab component consolidating app settings (0f5d6cb )ui: add sparkline and onclick support to StatCard (bfecb9c )ui: add SparklineChart component for stat card trends (38651a2 )ui: add Test connection button to Git Sync page (bf76386 )ui: archived apps view with purge action (30e9144 )ui: auto-generate rule names from config (b53c719 )ui: comprehensive setup screen with profile fields and password strength (3c1e20b )ui: dashboard recent-activity card (9eaa0a0 )ui: deploy wizard integration polish, SlidePanel moved into wizard (d078ff0 )ui: deploy wizard step 1 name input with validation (058521f )ui: deploy wizard step 1 YamlEditor with auto-validation (80eba21 )ui: deploy wizard step 2 routing labels with injection (b6962c5 )ui: deploy wizard step 2 service summary and registry selector (7d8e484 )ui: deploy wizard step 3 with live log streaming (5fe7ffc )ui: endpoints only in Settings, compose read-only view, env confirm+autocomplete (f965d7d )ui: enhance compose versions with inline editing, download, restore (9b66706 )ui: enhance visual editor with protocol support and service templates (2bc7473 )ui: env var UX overhaul in visual editor (953a55f )ui: export compose yaml from config tab (99d4865 )ui: GitSync admin page + nav link (1fcf90e )ui: global Audit view replaces in-memory ring buffer tab (dfecb03 )ui: guided Telegram webhook setup with bot token + chat ID builder (7f3adb4 )ui: help & feedback menu; add github issue/PR templates (ad742d6 )ui: hide Git Sync nav for non-super-admins (4c61f76 )ui: improve alert cards on dashboard home (fe0fb61 )ui: improve alert rule creation UX (5d9bd61 )ui: log-line compact activity rows + omnipresent ActivitySidebar (auto-open on new activity) (7a8236a )ui: mode-aware hints in backup destination and logs tab (63f7dd1 )ui: move gitsync config into modal, regroup sections (af82e80 )ui: move mode toggle above endpoints, file paths in YAML view (018f2df )ui: multi-endpoint visual editor with service routing (e7e6314 )ui: per-app Activity tab (94a6d4c )ui: per-container chart lines with visibility toggles (d0ce3c9 )ui: per-endpoint edit/add/delete, simpler env vars view (78528ef )ui: plain .env editor in YAML mode, dedupe env section (ccaf3dd )ui: polish API keys section, empty states, and key banner dismiss (44effa2 )ui: prioritize upload/build over templates, expand service list (16c739a )ui: quick-test endpoint mode + HTTP->HTTPS redirect listener (e400391 )ui: read-only visual builder, fix endpoint JSON, compose in ConfigTab (c1a5d31 )ui: realtime store and per-page subscriptions (7f7e99e )ui: replace user table with card grid and empty state (e628cbd )ui: restructure visual compose editor into grouped sections (e907500 )ui: revamp app details to 4-tab layout with action modal (8184b25 )ui: rewrite /backups as cross-app health dashboard (41e97e9 )ui: rewrite Alerts page with FormModal, edit/test webhooks, improved UX (d9d5768 )ui: rewrite backup UI for v2 with 6-step wizard, hooks, download, upload-restore (65bb9ed )ui: rewrite deploy wizard with modal + visual builder (9b29f14 )ui: scaffold DeployWizard with step indicator (5f56aa6 )ui: show actual values in chart tooltips (77f9ba6 )ui: show deployment mode badge in StatusBar (8ed128e )ui: show recent git activity on Git Sync page (58bfeda )ui: show slug, compose path, env path in app info (fc92d28 )ui: template access modes (quick-test sslip.io / custom / port-only) (5922df4 )ui: toggle controls + pending-apply banner (8922844 )ui: update frontend for metrics v2 API (c90f90b )ui: validate memory and CPU resource limits in VisualEditor (625d903 )ui: view-first Settings with read-only endpoint cards (5264e63 )ui: visual compose builder overhaul (cb221f0 )ui: wire DeployWizard into Dashboard, remove old deploy form (d724907 )wire data_dir into proxy config for local TLS storage (b8660e7 )
wire tls mode and data dir into API server (16f42d4 )
Bug Fixes
activity: address code review findings (1-8) (582e237 )activity: JSON shape (snake_case + raw before/after), per-app filter by slug, UI res.data unwrap, broader e2e coverage (7eed04b )activity: tighten non-admin scope to own auth events only (a90cbf5 )address archive + FS-authoritative review issues (32040ce )
address code review findings (ad1c84d )
alerts: close webhook SSRF DNS-rebinding window; expand reserved-IP filter (5b90450 )alerts: human-friendly values in webhook messages (48ec37a )alerts: resolve active alerts on rule disable/delete + format history values (e526d0a )alerts: update active history snapshot when rule is edited (6213e7f )api,proxy,ui: endpoint-update reliability + per-route local TLS (e3e8990 )api,reconciler: remove orphan sidecar when app is deleted (bb3c1bc )api,ui: add json tags to BackupConfig/BackupRun structs (05bf322 )api,ui: filter app list by access and add per-app grant UI (#21 ) (ddccc5a )api,ui: prevent silent overwrite when deploying existing app name (94bac4d )api: adaptive gap threshold in metrics insertGaps (7639c34 )api: add Content-Security-Policy on SPA index.html (b92c121 )api: add HTTP server slowloris defenses (ReadHeaderTimeout, IdleTimeout) (6fbb632 )api: add JSON tags to alert structs + populate AppSlug in rules list (a11ad55 )api: add panic-recovery middleware (1b667b1 )api: API key scopes — accept expires_at on create + last_used_at tracking (7a96c27 )api: cap concurrent upload-restore goroutines (2343d68 )api: cap inbound WS frames on logs and deploy_logs endpoints (54eff74 )api: correct disk size calculation on Linux (87a9889 )api: DELETE returns 404 when app row missing instead of 5xx (c24e44e )api: enforce per-app access check on backup config/run endpoints (d00b072 )api: fix SPA redirect loop in UI serving (573e900 )api: gate backup-config + alert-history routes by role/access (#23 ) (c4f6156 )api: gate webhook + alert-rule routes by role and per-app access (#18 ) (8251ff6 )api: make session cookie secure flag conditional on TLS mode (f0f360e )api: patch IDOR on GET /api/activity/{id} (32466d2 )api: per-handler request body limits (01be207 )api: record audit rows for rollback, profile self-update, gitsync config (af4d2e7 )api: restrict global:audit WS topic to super_admin (6f1acd0 )api: scrub crypto error details from registry encrypt responses (cd841bf )api: scrub webhook secrets from non-admin GET /api/webhooks (e1a02b2 )api: silence errcheck on SetWriteDeadline (aa80747 )api: tighten platform reads to super_admin and filter cross-app lists (#24 ) (f916434 )api: tighten WS Origin check + always SameSite=Strict on session cookie (e11d4a6 )api: validate .env keys/values to prevent line injection (c96a70d )api: validate endpoint domains at the API boundary (e2115a7 )api: verify JWT user exists in DB before granting access (e67f7a6 )api: wake Users page on user_/apikey_ audit events (#20 ) (d84663c )api: WS logs streams send pings + recheck auth periodically (addeec3 )audit: capture old compose bytes for redeploy diff (Before snapshot) (5c4e605 )audit: capture real username for user_deleted; thread actor for login events (a704fea )audit: instrument missing app settings handlers (env, IP allowlist, certs, pull, version delete, cancel) (1e14f0d )audit: wire lifecycle/created on new-app deploy + compose diff capture (8705b72 )auth: derive JWT signing key via HKDF subkey from master_secret (e8a8c61 )auth: make login rate limit configurable; raise for e2e (#70 ) (a109935 )auth: pin JWT issuer and audience claims (c3fa950 )auth: RealIP trusted_proxies accepts CIDR ranges (ddc3f73 )auth: rekey login lockout to (user,ip) tuple + match 401 on lock (849f543 )auth: server-side JWT invalidation via token_version (1e54522 )backup,proxy: busybox-tar compat on restore; opt-out for HTTP redirect (#71 ) (3bbabfb )backup: cap gzip decompression on restore to prevent compression bomb (65c99a5 )backup: credential sourcing, container naming, download path, s3 uploader (8ee41be )backup: use SAVE for redis with BGSAVE+poll as fallback (43349a8 )backup: validate restore tar stream before piping to docker exec (090a10c )build: drop HTTPListenAddr reference that leaked from WIP (e525359 )cli: improve Docker/Compose missing error message (30efae8 )cmd: only mark backfill complete on full success (7e19cfc )compose: expand ValidateComposeSecurity to cover container-escape vectors (de00950 )compose: preserve default network on InjectSharedNetwork (#9 ) (25d5d65 )config: git_sync YAML key (snake_case) + install git in container (e7d3657 )configsync: debouncer race + sentinel collision + docstring (38c5ed3 )configsync: preserve DB rows across sidecar reapply (969342e )configsync: stage-all after orphan prune + app sidecar delete (73a8dc7 )config: update test for 5-tier defaults (d063095 )deploy,ci: proper WS keepalive + use GHCR mirror in main CI e2e (9b6adc8 )deployer,reconciler: prevent double-dispatch race on API-driven deploys (aab0604 )deployer: check fmt.Sscanf return (errcheck lint) (90fd42c )deps: bump go directive to 1.26.2 (98da666 )deps: bump postcss to 8.5.12 (c2761bf )docker: health check uses HTTP and configurable port (87978f5 )e2e,templates: use real adminer tag, accept Unstable for code-volume templates (8d6c2f1 )e2e: accept unstable/failed badge in slow-templates deploy test (e6bc7b5 )e2e: accommodate mirrored image refs and slower GHCR pulls (8b64038 )e2e: adapt template tests to new wizard + resilient manifest check (35f90aa )e2e: bump 03b Node API budget to 18 min for slow CI image pulls (44f885e )e2e: bump deploy expect + test timeout for slower GHCR on CI (cb02705 )e2e: fix 6 remaining test failures (63a3117 )e2e: fix Advanced button click in endpoints test (b2ef5c5 )e2e: fix final 4 test failures (c1ea26f )e2e: fix final 5 failures with resilient assertions (7466235 )e2e: fix last 2 test failures (eeb6e59 )e2e: fix lockout test cascade and path traversal fixture (532ed2e )e2e: fix rate limiting and deploy wizard selectors (06ffc42 )e2e: fix remaining selector and state issues (97022e5 )e2e: fix remaining selector issues and test expectations (5fd5aea )e2e: fix selectors and flows based on actual UI (92636e6 )e2e: fix selectors based on actual UI components (f044251 )e2e: poll with reload for restart button after start (80a858c )e2e: restore test.setTimeout for 03b Node+Postgres (0d963ca )e2e: simplify Advanced test to verify section exists (7d673fd )e2e: templates-deploy-all missed the Browse templates click (7431b13 )e2e: try dispatchEvent for Advanced click (3a261a9 )e2e: use API to ensure app running before restart test (fb62035 )e2e: use evaluate for Advanced section click (ca1dae3 )e2e: use getByRole with force click for Advanced (f2ffe24 )e2e: wait for restart button after start (no modal) (6380043 )gitsync: detach webhook handler context to prevent goroutine leak (#12 ) (6bea9a2 )gitsync: extend suppress tail + no-rebound + poll loop tests (97c8aa4 )gitsync: make sync robust + surface errors (90e1e99 )gitsync: scrub secrets from probe errors and surface decrypt failures (5bc9aa2 )gitsync: stageAllowed now stages tracked-file deletions (2c3ce71 )lint: address CI findings + harden pre-push hook (74c5f63 )logbuf: strip ANSI escapes and cap per-line bytes (bfeb79d )metrics: align rollup thresholds with view windows (7711e4e )metrics: query all feeder tiers so longer ranges show unrolled data (3d630c0 )metrics: use single timestamp per collection cycle (e1d2dec )packaging: harden simpledeploy.service systemd unit (4b7a47e )proxy,api,e2e: dedupe TLS policies, restore force deploy, fix test bugs (cbe5fe2 )proxy,deployer,api: port-stripped host lookup, deploy auth, super-admin guard (5a08a6d )proxy: inject default security headers on Caddy app responses (fa66b6e )proxy: wire http_listen_addr and default to :80 for HTTP->HTTPS redirect (864b8fb )reconciler,ui,e2e: routes-only refresh + reliable status-badge assertion (75b1341 )reconciler: apply ValidateComposeSecurity in scan loop (3f01aba )reconciler: normalize stale compose_path when apps_dir changes (5aa7214 )refresher race + WS deadline + slow-pull e2e timeouts (b9b44eb )
resolve four residual e2e failures (proxy TLS + test stability) (6e5a834 )
security hardening across Go codebase (087320f )
security: batch hardening (M-15, L-09, L-10, L-11) (2a77363 )security: bind management dashboard to 127.0.0.1 by default (10896af )security: pin published host ports to 127.0.0.1 (f09161f )security: preserve audit log on app purge; sentinel on full purge (481caac )security: tighten file modes for secrets and app config (59cae8f )sqlite backup tmp uses source basename; postinstall locks down dirs (82d7736 )
stabilize three remaining e2e flakes (6b46c51 )
store,e2e: allow 'unstable'/'failed' app status; raise 03b timeout (43625dd )store,gitsync: conflict alerts insert null rule_id + regression test (1a86112 )store: isolate audit retention table; clean SyncEligible read (9730bf1 )store: log fireAppHook lookup errors + tighten DeleteAlertRule + clean test dead code (c92b45b )store: migration 017 makes alert_history.rule_id nullable (1ca2989 )store: scan avg(mem_bytes) as float64 to handle SQLite avg() return type (edb6a93 )templates: nginx-static TCP healthcheck + accept Failed in deploy-all (90bee72 )templates: pg_isready uses POSTGRES_USER, not hardcoded "postgres" (6fd3811 )ui: Add Service button not working in deploy wizard (33a412b )ui: Advanced section not expanding due to ComposeFile typo (162e678 )ui: align archive view with PascalCase App fields (9989c6b )ui: aria-label on access mode buttons so e2e selectors match (02e9deb )ui: cap app overview memory total at host memory (0112b3e )ui: community recipes modal transparent due to undefined bg token (6af253c )ui: compact activity rows wrap summary on its own line so it stays readable (9d3eeb0 )ui: container label mismatch causing empty charts (e1798d0 )ui: correct vite dev proxy target and port (7779200 )ui: deploy log coloring based on content not stream (82170d4 )ui: deploy wizard review fixes (5104dbd )ui: endpoint custom TLS, detailed service cards, per-service edit (8c7c78c )ui: endpoint display, service field, YAML mode sync (45681cd )ui: export isValidIPv4 missed in 5922df4 786754c )ui: fix env var Add button, remove dead code (0ad7789 )ui: fix wizard strategy field name mismatch with detect API (bd900af )ui: honor ?tab= query on system page (622ea8c )ui: improve service edit UX (ffbce78 )ui: improve users page UX - modals, card layout, key date fix (9c9bd15 )ui: include summed bytes in Total memory tooltip (e4e5435 )ui: make users page and form modals mobile friendly (1f5bcad )ui: premature deploy toast + stuck deploy screen (64a01b8 )ui: refresh dashboard on failed deploy; add endpoints UI in visual editor; include compose services in endpoint dropdown (6917fbc )ui: remove duplicate ids declaration in loadMetrics (23ec466 )ui: remove undefined compose reference in SettingsTab read-only view (096c445 )ui: rename app overview activity card to Recent Deployments (46fa12d )ui: render StatusBar in Layout so mode badge is visible (12f0e02 )ui: RepeatableField empty row disappearing on add (dcaff58 )ui: simplify settings layout (b6f3708 )ui: Svelte compile errors in alerts module (cfc50da )ui: tooltip showing undefined, mem subtitle showing single container (12ead4b )ui: uniform card borders, file path headers in YAML mode (5100e82 )ui: use $derived for reactive statusColor in BackupHealthCard (80e161e )update template image tags that no longer exist on Docker Hub (d1146c2 )
use config values for rate limiter instead of hardcoded 10/min (55f41b9 )
Performance Improvements
e2e: cut runtime by ~40% via configurable intervals + compose restart (aa6e0fa )e2e: shard templates workflow + prepull + storageState + parallel (#7 ) (ea5260e )
You can’t perform that action at this time.
