v1.11.0

Summary

• Backup jobs can now set their own schedule timezone, so a schedule like daily at 02:00 follows the job's local time instead of only the global application timezone.
• Interrupted backups now recover faster, and containers left stopped by a crashed backup are restarted automatically when recovery runs.
• Backup and restore run logs are now appended atomically, and local filesystem destinations now surface path validation errors directly while capping listings at 1000 entries.
• Responses now include defense-in-depth HTTP security headers, including HSTS when VolumeVault is served over HTTPS, without changing plain-HTTP or LAN-only deployments.
• Thanks to @Shyrka973 for the security & reliability review contribution included in this release.

Upgrade Notes

• This release does not include database migrations.
• No new environment variables or required manual configuration changes are needed.
• Existing backup jobs keep using the application default timezone unless you explicitly choose another timezone per job.

Verification

• Local verification before release included docker run --rm -v "/home/darkdragon/VolumeVault:/app" -w /app volumevault:local php artisan changelog:validate v1.11.0 --release --no-interaction.
• Local verification before release included docker run --rm -v "/home/darkdragon/VolumeVault:/app" -w /app volumevault:local php artisan test --compact tests/Feature/ChangelogTest.php.
• Local verification before release included docker run --rm -v "/home/darkdragon/VolumeVault:/app" -w /app volumevault:local php ./vendor/bin/pint --dirty --format agent.
• Local verification before release included npm run build.