Skip to content

Horilla CRM v1.12.2 – Authentication Security, Activity Workflow & Platform Enhancement Release

Latest
Latest

Choose a tag to compare

View all tags
@horilla-opensource horilla-opensource released this 19 Jun 18:27
· 2 commits to master since this release
1.12.2
2fc9e2d

Release Date: 19 June 2026
Version: 1.12.2
Status: Security Hardening, Mail System Enhancements, Activity Workflow Improvements & Platform Stability Release

Horilla CRM v1.12.2

Horilla CRM v1.12.2 focuses on strengthening platform security, improving mail reliability, enhancing activity workflow navigation, refining user experience, and increasing overall platform stability.

This release introduces login protection against brute-force attacks, forgot-password security improvements, mail content snapshot preservation, activity navigation fixes, forecast performance optimizations, sidebar improvements, attachment sanitization enhancements, and multiple UI consistency updates across the platform.

The result is a more secure, reliable, and maintainable CRM platform with improved workflow continuity and better user experience.

This release focuses on:

🔒 Security Hardening & Authentication Protection
📧 Mail System Reliability & Template Improvements
📅 Activity Workflow & Navigation Enhancements
⚡ Performance Optimization & Stability Improvements
🌍 Localization & Translation Updates
🎨 UI/UX Consistency Improvements
🏗️ Platform Architecture & Maintainability

The result is a more secure, stable, and user-friendly CRM platform.

Highlights

🔒 Security Hardening

Brute-Force Login Protection

Added protection against credential stuffing and repeated login attempts:

  • Lock an IP address after multiple failed login attempts
  • Automatic lockout duration enforcement
  • Clear failed-attempt counters after successful authentication
  • Audit logging for lockout events

Forgot Password Security Improvements

Improved password reset workflow security:

  • Prevent user enumeration attacks
  • Return consistent responses regardless of account existence
  • Log suspicious password reset attempts internally
  • Avoid exposing account information to external users

Attachment Sanitization Enhancements

Strengthened attachment handling:

  • Sanitize attachment titles before saving
  • Apply HTML allow-list sanitization to attachment descriptions
  • Ensure consistent protection across forms, APIs, and admin actions

Mail Preview Security Improvements

Enhanced mail preview validation:

  • Improved ownership verification checks
  • Prevent unauthorized access to mail previews
  • Reduce false-positive security warnings during preview rendering

📧 Mail & Notification Enhancements

Rendered Mail Snapshot Storage

Mail content is now preserved exactly as sent:

  • Store rendered subject at send time
  • Store rendered email body at send time
  • Preserve recipient-specific template substitutions
  • Ensure accurate future preview and audit history

Mail Template Management Improvements

Improved administration and usability:

  • Fixed mail template permission handling
  • Corrected edit and delete permission validation
  • Improved row navigation behavior in template lists

Mail Preview Experience

  • Improved preview rendering consistency
  • Fixed context-related rendering issues
  • Enhanced modal styling and spacing

📅 Activity Workflow Improvements

Improved Tab Navigation

Activity workflows now preserve context correctly:

  • Maintain active tabs after creating activities
  • Maintain active tabs after deleting activities
  • Maintain active tabs after status updates
  • Maintain active tabs after bulk actions

Activity List Reliability

  • Fixed incorrect tab restoration behavior
  • Improved tab-to-activity mapping
  • Standardized reload behavior across activity modules

Email Activity Visibility

  • Fixed ownership filtering issues that could hide valid email records
  • Improved visibility behavior for users with ownership-based permissions

Performance & Stability Improvements

Forecast Performance Optimization

Reduced unnecessary database activity:

  • Eliminated multiple N+1 query scenarios
  • Added aggregation-based calculations
  • Added caching for repeated fiscal-year checks
  • Improved chart generation performance

Settings Reliability

Improved configuration loading:

  • Ensure local settings load after app extensions
  • Allow custom overrides to consistently take precedence

Requirements & Environment Setup

  • Added PostgreSQL support through psycopg2-binary
  • Simplified dependency management
  • Reduced package version pinning conflicts

🌍 Internationalization & Localization

Translation Updates

Expanded and refreshed localization resources:

  • Updated root translation catalogs across supported locales
  • Added forecast translations for Arabic, German, and French
  • Expanded booking and CRM translation coverage
  • Improved translation consistency across modules

Forecast Localization

  • Added localization support for newly introduced forecast labels
  • Improved translation coverage in forecast workflows

🎨 User Experience Improvements

Sidebar & Navigation

Improved menu behavior and navigation accuracy:

  • Fixed active-link detection in sub-sidebars
  • Prevent duplicate menu identifiers
  • Improved HTMX navigation consistency

Filter Panel Improvements

Resolved filter panel issues in tabbed views:

  • Correctly target active filter panels
  • Prevent interactions with hidden tab content
  • Improve filter behavior across complex interfaces

Keyboard Shortcuts

  • Fixed shortcut update errors
  • Improved reload handling when shortcut records are unavailable
  • Enhanced shortcut management reliability

Mail Interface

  • Improved preview modal styling consistency
  • Better spacing and layout handling
  • Improved visual consistency with platform design standards

🏗️ Platform & Architecture

Module Namespace Improvements

Renamed internal web utilities:

  • Renamed horilla.http to horilla.web
  • Avoid Python standard library naming conflicts
  • Improve compatibility with Django management commands

Approval Framework Enhancements

  • Added dedicated approval job detail rendering template
  • Improved HTMX-based approval workflows
  • Enhanced approval page layout consistency

Meeting Module Improvements

  • Restricted modal-only views to HTMX requests
  • Prevent invalid direct access to partial-render templates

📚 Documentation

Updated documentation for:

  • Horilla web utility package
  • Sidebar menu architecture
  • Approval workflow rendering
  • Platform configuration handling
  • Internal module structure updates

🛠️ Major Fixes

Security

  • Added brute-force login protection
  • Prevented forgot-password user enumeration
  • Fixed attachment sanitization gaps
  • Improved mail preview access validation

Mail

  • Fixed mail template permission checks
  • Fixed preview rendering inconsistencies
  • Preserved rendered email content snapshots

Activity

  • Fixed tab navigation after create, delete, status updates, and bulk actions
  • Fixed incorrect activity tab restoration
  • Fixed email visibility filtering issues

Forecast

  • Fixed active tab selection issues
  • Improved forecast localization
  • Optimized database queries and chart generation

UI

  • Fixed filter panel behavior in tabbed views
  • Fixed sidebar active-link detection
  • Fixed keyboard shortcut management issues
  • Improved mail modal styling consistency

Platform

  • Fixed local settings override order
  • Resolved package naming conflicts with Python stdlib
  • Added PostgreSQL dependency support

📜 Changelog Summary

v1.12.2 (19 June 2026)

Added

  • IP-based login protection
  • Rendered mail subject snapshots
  • Rendered mail body snapshots
  • Approval job detail partial templates
  • PostgreSQL dependency support

Improved

  • Activity workflow navigation
  • Forecast performance
  • Sidebar navigation behavior
  • Mail preview experience
  • Translation coverage
  • Configuration loading reliability

Fixed

  • Forgot-password user enumeration vulnerability
  • Activity tab restoration issues
  • Mail template permission handling
  • Mail preview rendering issues
  • Forecast tab selection problems
  • Filter panel targeting issues
  • Shortcut key management errors
  • Email ownership filtering behavior

🎯 Impact

Horilla CRM v1.12.2 strengthens platform security, improves workflow continuity, and enhances overall reliability.

This release:

  • Protects authentication workflows against common attack vectors
  • Improves email auditing and historical accuracy
  • Reduces workflow interruptions during activity management
  • Enhances forecast performance and scalability
  • Improves platform navigation consistency
  • Expands localization coverage
  • Provides a more maintainable and stable platform foundation

Overall

v1.12.2 is a security, reliability, and workflow-focused release that strengthens authentication protection, improves mail handling, enhances activity navigation, optimizes platform performance, and delivers a more consistent user experience across the Horilla CRM platform. 🚀

Assets 2
Loading