🎉 Version 2.2.0 - Security & Reliability
Features
- b817fb2 Apply SemVer update notice semantics
- 3ace0ec Add configurable security release settings
- 3231c5e Implement secure diagnostics secret reveal
Architecture & Refactoring
- a30eb5b Centralize localized redirect paths
- 66e83af Centralize cron field metadata
- 8c05c75 Extract repository form workflows
- 5b978e4 Share release card time updates
- 34255d0 Precompile release matchers
- 2d8eb95 Split Compose import responsibilities
- 029aa96 Separate login rate limit storage
- 3cdd990 Split auth configuration from bootstrap
- 7908c87 Share setup route availability guards
- 78cbd06 Centralize social authentication flows
- a196f7f Adapt Better Auth client responses
- d23ba08 Reuse authentication form workflows
- b2adef1 Separate diagnostic secret access policy
- d5f997f Centralize exposed action authorization
- 41036a9 Extract the settings update command
- 6eef439 Decompose auth routing and persistence concerns
- 4b30d8b Unify provider release result handling
- cbff1bf Split repository refresh network phases
- dc371d8 Centralize autosave lifecycle handling
- 4f6f687 Share notification queues across server bundles
- f5c85a0 Load independent page data concurrently
- 5307dfc Use worker pools for bounded concurrency
- 1fbea37 Share strict SMTP port validation
- 29290df Share diagnostics secret reveal dialog
- cf81cc3 Derive settings validation during render
- af415f2 Separate initial setup from login flow
- 7dd88ad Centralize default application settings
- b37a07c Refactor auth, proxy, notifications, and UI helpers
- a404cc2 Refactor settings, auth, and release helpers
- ec8d1b3 Refactor auth, diagnostics, provider, and notification flows
- 3a9a522 Refactor auth, release parsing, and stabilize secret reveal tests
- 865a3d7 Refactor shared client helpers and settings flows
- 85284e9 Refactor shared auth, storage, release, and UI helpers
Auth, Diagnostics & Reliability
- 30c328e Prevent setup gate ownership races
- 6437f83 Refresh shared time after idle periods
- 09d1e17 Recover stale setup bootstrap gates
- 6f24f0b Stabilize optimistic settings patches
- 1782ded Clean up failed JSON store writes
- 466309f Report stale sessions when unlinking social accounts
- 47410b3 Count only usable login methods
- 3419db8 Normalize passkey deletion errors
- b04d7b4 Isolate login method removal queues
- 906be6c Preserve direct account unlink contracts
- 82ba09a Serialize complete application update checks
- c61923e Reconcile autosaves across dialog sessions
- 72e0665 Report authentication email delivery failures
- 8dce3b2 Normalize invalid worker concurrency
- c744669 Allow passkey-backed social unlinking
- dcce03e Serialize social account unlinking
- 1a66abb Reconcile reverted autosave values
- 3f4b847 Clean up transient client resources
- 80dff6a Serialize system status updates
- 8b32519 Roll back partial settings updates
- 550048e Ignore stale autosave responses
- 7463080 Propagate authentication email failures
- 5d25d09 Canonicalize authentication redirects
- 7ce8195 Keep outbound timeouts active through response bodies
- 167c213 Handle background task rejections safely
- 73a70cf Validate SMTP port configuration
- 21a09d4 Isolate optional update status failures
- d35bb7c Persist abandoned notification cleanup
- 82e432d Fix reviewed reliability issues
- 71d798f Fix chronological GitHub tag fallback
- 8ca32f5 Discard stale background refresh results
- 383fb1a Restore access token normalization
- 9389359 Bound notification delivery retries
- 3da0ffb Restore focus after repository settings close
- e285def Batch repository provider resolution
- 71314f9 Persist failed notification deliveries
- 30c1775 Merge concurrent settings patches safely
- 4093c2e Validate persisted runtime data
- 60b3871 Preserve repository setting inheritance
- 01a5bfb Merge background refreshes into fresh repository state
- 01a6c83 Use provider-neutral release copy
- 57e1b1e Fix interactive element accessibility
- f38af5a Initialize network state from the browser
- 2485ff1 Filter complete GitLab and Codeberg tag fallbacks
- 14d6265 Fail closed on storage read errors
- 670ec3e Preserve fatal process error semantics
Security & Documentation
- 8f15c84 Validate repository imports at runtime
- 6496036 Harden setup bootstrap lock ownership
- 1a47738 Guard deletion of the final passkey
- 24e1943 Persist consumed secret reveal nonces
- bd08ebd Reject whitespace in new passwords
- 09d9d88 Bound internal network requests
- d5d611c Bind secret reveal proofs to their target
- 9b95088 Harden account credential management
- 5a44d58 Prevent global login overflow lockouts
- e88c4d3 Scope login rate limit capacity overflow
- 8f19c2b Release discarded outbound response bodies
- b42b302 Preserve active login lockouts at capacity
- 31b811d Harden login rate limit client identity
- bf626ee Bound in-memory login rate limit state
- 13fbdc4 Cancel discarded outbound response bodies
- ba5073b Retain login throttling without proxy addresses
- 7ef1e90 Scope login lockouts to client addresses
- 930680c Preserve IP login spray limits
- 8fd12d0 Require complete SMTP notification config
- c6851cd Validate data before storage writes
- 84ff447 Validate release regexes on the server
- 599bbde Prevent social login account enumeration
- cedbe22 Enforce nonce based content security policy
- 37abdb7 Preserve configured secret bytes
- 8871da2 Harden and unify password login handling
- 70b01cb Bound outbound HTTP request duration
- 14467f3 Redact invalid GitLab token configuration
- 9a7033f Harden setup lock and token checks
- 4740dc3 fix: sanitize notification release content
- cd7f1d3 fix: guard exported server actions with auth checks
Tests
- 61fd8bf Format test suite with Biome
- c5b4b4c Fix test suite lint violations
- 03efc0a Update import E2E file selectors
- 8392f4c Eliminate overlapping React test acts
- 8d9e74a Bound Vitest worker concurrency
- 3fa7464 Isolate background refreshes in action tests
- 10c6fd2 Type the account email test request mock
- 27bc515 Use Playwright Resolute images
- 3440e13 Apply Biome fixes to tests
- d52e96a Stabilize release filter tests
- f360295 Fix stale E2E selectors and fixtures
- aa95807 Fix test fixture type safety
- 57c2055 Use canonical test repository identifier
- 43b7886 Fix test typechecking and Biome diagnostics
- 25a0b6d Fix test typechecking and stabilize secret reveal test
Maintenance
- 38a3802 Bump version to 2.2.0
- 91a5c5d Update application dependencies
- 7a152d2 chore: update dependencies to latest versions
- 832cc88 Update auth, mail, and Next.js from 16.2.7 to 16.2.9 dependencies
- 1123cad Update dependencies and simplify GHCR import validation
- 037e1b2 chore(deps): update Next.js from 16.2.6 to 16.2.7 and dependencies
- 76d39f5 chore(deps): update @biomejs/biome 2.4.15->2.4.16, lucide-react 1.16.0->1.17.0, next-intl 4.12.0->4.13.0, nodemailer 8.0.9->8.0.10
Full Changelog: v2.1.0...v2.2.0