We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
e5aa1b7
Security + hardening release (no new features) covering everything since 1.3.0: stored-XSS fix on the public app page, DNS-rebinding-safe outbound HTTP + SSRF blocklist hardening, HKDF at-rest key derivation, rate-limit / auth hardening (loopback API bind, MFA limits, YAML-alias DoS, locale path validation, proxy header allowlist), the F-Droid index timestamp fix, a dependency refresh (Tiptap v3, marked 18, dompurify 3, PyJWT 2.13, mypy 2) with six mypy-2 bug fixes, and ops hardening (worker healthcheck + app re-copy). Bumps backend, frontend, docs and the User-Agent to 1.4. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>