Releases v0.93.0
Compare
Sorry, something went wrong.
No results found
0.93.0 (2026-06-29)Added
add a Simple mode to the New Schedule flow (#1495 ) (3bece54 )
add cron scheduling mode for image update checks (#1460 ) (7320a86 )
add node update alerts with changelog tab and skip-version handling (#1463 ) (315e8b6 )
add ON/OFF toggle for host threshold alerts (#1456 ) (b7dd9dc )
add per-stack project env file selection for Docker Compose (#1457 ) (a698aaa )
add posture reasons and review queue to Security overview (#1462 ) (0384c47 )
add Reduced motion setting and polish chrome, files, and stack-detail (#1501 ) (b5810a9 )
add syntax highlighting to .env editor tab (#1459 ) (3bf677a )
appearance: add Calm/Signature visual style, readability mode, and chart palette (#1407 ) (8d9e657 )files: copy & duplicate, bulk actions, disk-backed uploads, and an accessible file tree (#1409 ) (37e6e48 )fleet: cross-node bulk label assign with authoritative label discovery (#1389 ) (d26ab58 )make all security features available on every tier (#1502 ) (04e6902 )
per-stack storage inventory and portability guardrails (#1399 ) (9ea2864 )
purge scan data for deleted images and stacks (#1467 ) (26d557a )
resources: render anonymous volume names readably in the volume browser (#1429 ) (401980f )scheduler: add helper text and risk badges to scheduled action picker (#1449 ) (7982251 )scheduler: consistent action targeting in Scheduled Operations (#1431 ) (bc8c051 )scheduler: flag one-shot tasks in the Scheduled Operations table (#1433 ) (2c70e11 )scheduler: group schedule action picker by operator intent (#1446 ) (cc78873 )security: action-posture Security dashboard with exploit intel and triage (#1424 ) (f794702 )security: gate deploys on exploitation risk, not just severity (#1432 ) (6527bc9 )security: prioritization-led Overview charts (posture + exploit intel) (#1427 ) (b163078 )security: surface Compose internet-reachability exposure in posture (#1442 ) (3a22f59 )show container name in structured log output (#1452 ) (f1f64ec )
show node and fleet targets on schedule timeline pills (#1480 ) (5960c1e )
sidebar: surface partial status for multi-container stacks (#1426 ) (bb4ddde )sortable resource tables and richer dashboard stack-health columns (#1498 ) (60536aa )
split Host Alerts into Host Alerts, Container Alerts, and Stacks guardrails (#1461 ) (e9c262a )
stacks: browse and edit mounted volume files in the explorer (#1403 ) (b9d8e9f )stacks: per-stack environment inventory and secret-safe guardrails (#1397 ) (57a0856 )
Fixed
always reconcile the scan banner with the current policy verdict (#1488 ) (3343630 )
bind fleet stop-by-label to the exact confirmed nodes and stacks (#1506 ) (1dc12f7 )
bind the node-update changelog to the advertised release version (#1492 ) (4cf0405 )
block file-explorer binds that overlap Sencho's application directory (#1479 ) (3e2f045 )
build: patch bundled Docker CLI golang.org/x/net to v0.55.0 (#1421 ) (7c5ba1c )classify degraded remote stacks as partial on the compatibility path (#1511 ) (e9c2c0c )
clear stale node-update changelog notes when a refetch fails (#1494 ) (ed06900 )
clear structured log viewer rows on stack switch (#1448 ) (79f840a ), closes #1444
contain file-explorer binds into Sencho's system directories (#1484 ) (73f4bc2 )
contain file-explorer binds into Sencho's temporary and tool directories (#1487 ) (3386c63 )
contain file-explorer binds that reach dangling symlinked managed paths (#1490 ) (bee0dfd )
contain file-explorer binds that reach symlinked Sencho-managed paths (#1489 ) (349ee1f )
contain file-explorer writes and browse reachable out-of-base binds (#1465 ) (1c82e3e )
containers: guard container and port reads with stack:read (#1416 ) (82cc139 )copy the full finding set when reusing a cached scan for the deploy gate (#1476 ) (000a592 )
dependency-map: stop flagging env-var bind mounts as missing volumes (#1468 ) (5e2194f )deploy: preserve compose.override.yml when Mesh is enabled (#1420 ) (b753d2d )deploy: verify atomic-deploy backup integrity before restore (#1422 ) (96b3c49 )differentiate security action links and add suppression editing (#1500 ) (083442d )
distinguish failed image-update checks from "up to date" (#1470 ) (d9b7911 )
drift: reconcile the drift ledger on deploy and timestamp its history (#1405 ) (f9c6c5f )drift: stop flagging declared external networks as drift (#1402 ) (b611f41 )editor: suppress global hotkeys while the code editor is focused (#1413 ) (1c5b271 ), closes #1410 enforce the originating user's role on remote WebSocket connections (#1508 ) (ef164f0 )
enforce the signed-in user's role on cross-node proxied requests (#1505 ) (78a742f )
explain why a failed pre-deploy scan blocks a deploy (#1477 ) (628400a )
export the full vulnerability list to CSV (#1472 ) (e3b3c3b )
fire a one-time schedule on the exact chosen date and time (#1497 ) (cf0db36 )
gate cross-node HTTP and stop-by-label on remote RBAC capability (#1509 ) (997a6bb )
harden cross-node fleet label actions and guard container reads (#1503 ) (05c483f )
honor suppressions in the informational scan policy evaluation (#1481 ) (7c12081 )
keep security posture accurate for secret-only scans and any-severity KEVs (#1475 ) (89a13f5 )
keep the scan banner consistent with the deploy gate after suppression changes (#1485 ) (04e9d18 )
keep the schedule's stack selected on prefill and edit (#1496 ) (a6d431f )
load the full vulnerability list in the scan detail sheet (#1483 ) (1bca75a )
make Reduced motion gate overlays, standardize the tab band, and polish fleet/snapshots (#1504 ) (d6ce60d )
name matched risk inputs in policy block messages (#1471 ) (ca496c8 )
name matched risk inputs in policy scan banner and alerts (#1473 ) (1de49f8 )
networking: treat host-network services as host-exposed in summaries (#1430 ) (2eafee3 )persist a one-time schedule's run time so edit and disable keep its year (#1499 ) (ba57c67 )
preflight: suppress node-state checks when the Docker snapshot is unavailable (#1423 ) (2ed0164 )probe remote RBAC capability live and enforce exact stop-result membership (#1510 ) (a7144d4 )
rank exploit-risk findings before the cap and disclose truncation (#1482 ) (7c9c640 )
rank the exploit-risk cap by the same tiers the overview list shows (#1486 ) (c2b508e )
rate-limit: key authenticated requests by verified JWT, not unverified decode (#1412 ) (9480cc9 )reject atomic restore when a checksummed backup file is missing (#1466 ) (eaf0642 )
render node-update changelog notes as formatted markdown (#1474 ) (6256131 )
render node-update changelog only for the advertised release version (#1493 ) (dd49ef6 )
request registry tokens with the target repository scope (#1478 ) (2911ccf )
require node:read for fleet topology reads and hide Fleet without it (#1507 ) (dd76b13 )
schedule the first image-update check on the cron cadence after a restart (#1491 ) (3ad807b )
scheduler: reject 6-field cron in Scheduled Operations (#1435 ) (db8bb70 )search: don't open the command palette via Cmd/Ctrl+K while typing (#1414 ) (f91227d )security: fix Security page table layouts and exploit-risk pagination (#1434 ) (330f9f1 )skip Docker Compose $$ escaped variables in Anatomy parser (#1450 ) (ba1be3c )
stack the volume browser panels on phones so the file preview is readable (#1512 ) (8bec32d )
stacks: harden stack file path containment against symlink escapes (#1415 ) (69ba0e6 )
You can’t perform that action at this time.
