Skip to content

v2026-03-26.1

Choose a tag to compare

@itsDNNS itsDNNS released this 26 Mar 09:59
6e73a5b

Security

  • Supply chain hardening: All Python dependencies pinned to exact versions with cryptographic hashes. Docker base image pinned to SHA256 digest. All GitHub Actions pinned to commit SHAs. New pip-audit CI job detects known vulnerabilities on every push/PR. Dependabot configured for automated weekly updates. (#294)
  • Smokeping proxy hardening: Validate full PNG signature (ISO 15948) before serving proxied responses. Added X-Content-Type-Options: nosniff and restrictive CSP header to prevent content injection. (#298)
  • ReDoS fixes: Replaced backtracking-prone regex in CM3000 driver and bounded quantifier in modulation engine. (#298)
  • Webhook URL no longer logged: Notification channel setup no longer writes the webhook URL to application logs. (#298)

Improvements

  • Python 3.13: Runtime upgraded from Python 3.12 to 3.13. (#296)

Bug Fixes

  • Sagemcom login crash: Fixed crash on XMO_INVALID_SESSION_ERR during Sagemcom session recovery.

Documentation

  • README: Added CGM4981COM to hardware table, updated BQM, Connection Monitor, Event Log, and Speedtest feature descriptions.
  • Wiki: Roadmap updated to v2026-03-26 with all recently shipped features marked as complete.