v1.3.4

Security

• Pinned all dependencies -- starlette==1.1.0 (patches a vulnerability disclosed 2026-05-27), uvicorn==0.48.0, httpx==0.28.1, jinja2==3.1.6. Previously the image was built against unpinned versions, so affected builds should pull the updated image.

---

v1.3.3

(v1.3.0 notes included here due to CI issues causing a few fast follow panic-patches on this release.)

Fixed in v1.3.3

• Image pull failure -- the cleanup action (actions/delete-package-versions) was deleting platform-specific manifests that make up multi-architecture images, leaving the manifest index pointing to missing digests. Switched back to dataaxiom/ghcr-cleanup-action which is multi-arch aware and skips manifests referenced by a tagged image. Provenance attestation (mode=max) restored. Sorry, I'm still learning!

---

Added in v.1.3.0

• AdGuard Home support -- ph-intercept now works with AdGuard Home. A dedicated adguard/compose.yaml and adguard/README.md are included; drop it in alongside your existing AdGuard Home instance, fill in your URL and credentials, and go. Pi-hole behavior is unchanged. Thanks to @matthijsbro (dnsshooter) for the code headstart on AdGuard support.
• Timed disable for AdGuard -- the shield menu offers six durations: 30 sec, 1 min, 10 min, 1 hr, until tomorrow (seconds until midnight, computed at click time), and indefinite. The server auto-re-enables protection after the chosen duration.
• ADGUARD_IGNORE_DOMAINS -- comma-separated regex patterns; matching domains are filtered from the event stream and spawn no ships. Same behavior as PIHOLE_IGNORE_DOMAINS.

Changed in v.1.3.0

• HUD GRAVITY panel is labelled FILTER for AdGuard. Gravity/filter rule count formatting improved for both providers -- comma-separated below 100K, consistent K/M decimal precision above.
• Provider icon, dashboard link, and settings panel label adapt to the active provider.
• shadowBlur removed from entity client and domain text rendering -- measurable frame-rate improvement, particularly on lower-end hardware.

Fixed in v.1.3.0

• Intercept menu hover hitbox -- hover detection used <= on the right and bottom edges, causing a one-pixel overlap into the adjacent slot.

---

v1.3.2

Fixed

• Image pull failure -- provenance attestation (mode=max and mode=min) produced a manifest format incompatible with GHCR and some Docker clients. Disabled provenance entirely (provenance: false).

---

v1.3.1

Fixed

• Image pull failure -- provenance: mode=max in the build workflow produced a manifest format incompatible with GHCR and some Docker clients. Downgraded to mode=min.

---

v1.3.0

Added

• AdGuard Home support -- ph-intercept now works with AdGuard Home. A dedicated adguard/compose.yaml and adguard/README.md are included; drop it in alongside your existing AdGuard Home instance, fill in your URL and credentials, and go. Pi-hole behavior is unchanged. Thanks to @matthijsbro (dnsshooter) for the code headstart on AdGuard support.
• Timed disable for AdGuard -- the shield menu offers six durations: 30 sec, 1 min, 10 min, 1 hr, until tomorrow (seconds until midnight, computed at click time), and indefinite. The server auto-re-enables protection after the chosen duration.
• ADGUARD_IGNORE_DOMAINS -- comma-separated regex patterns; matching domains are filtered from the event stream and spawn no ships. Same behavior as PIHOLE_IGNORE_DOMAINS.

Changed

• HUD GRAVITY panel is labelled FILTER for AdGuard. Gravity/filter rule count formatting improved for both providers -- comma-separated below 100K, consistent K/M decimal precision above.
• Provider icon, dashboard link, and settings panel label adapt to the active provider.
• shadowBlur removed from entity client and domain text rendering -- measurable frame-rate improvement, particularly on lower-end hardware.

Fixed

• Intercept menu hover hitbox -- hover detection used <= on the right and bottom edges, causing a one-pixel overlap into the adjacent slot.

---

v1.2.0

Added

• Three new ships: Serenity, Normandy, and the Planet Express Ship.
• Expanded ship menu -- now shows 8 slots in a 4×2 grid (compact screens: 2×4), replacing the old single-row 4-slot layout.
• Sleep-detection timer -- a setInterval now monitors Date.now() for jumps and invalidates the sprite cache on machine wake. This covers the remaining blind spot where neither visibilitychange nor window focus fires (tab already focused when the machine sleeps).

Changed

• Carrier expanded to accommodate the new ships.

Fixed

• Drone missile tracking -- missiles now re-compute heading toward the target's live position every frame. Previously the bearing was locked at fire time, causing drones to miss enemies that had moved.

Visual

• Enterprise bitmap extended; nacelle positions and impulse drive flare adjusted. Impulse drive now renders in fire colors (orange/red) instead of blue. Thanks to @andrewmsprague for the NCC-1701 impulse drive tips.
• Drone explosions tuned: 80→50 particles, smaller radii, 1300ms→900ms duration, tighter blast rings.
• dimColor opacity raised across all ships for better visibility when docked in the carrier menu.
• Gravity update arrow larger.
• Splash screen tagline minimum font size bumped from 11 to 12 px.

Infrastructure

• Docker base image switched from python:3.14-slim to python:3.14-alpine3.23, meaningfully reducing image size.
• PYTHONDONTWRITEBYTECODE=1 and PYTHONUNBUFFERED=1 added to the image environment.
• pip, setuptools, and wheel removed from the final image layer.
• Non-root user now created with -H (no home directory) and -s /sbin/nologin (no login shell).

---

v1.1.6

Fixed

• Sprite visibility after foreground idle -- enemy and friendly bitmaps could become invisible if the browser window stayed open and focused while the machine was inactive. When no tab switch or minimize occurs, visibilitychange never fires; the browser can still silently reclaim GPU-backed offscreen canvas memory. The sprite cache is now also invalidated on window focus so sprites are rebuilt when the user returns.

---

v1.1.5

Security

• Container now runs as a non-root user (uid 1000) with ownership scoped to /app.
• All Linux capabilities dropped via cap_drop: ALL in compose.yaml.
• Hadolint Dockerfile linting added to the CodeQL workflow; findings surface in the GitHub Security tab on tagged releases.

Added

• PIHOLE_IGNORE_DOMAINS -- optional comma-separated regex patterns; matching domains are filtered from the event stream and spawn no ships. Case-insensitive. Example: .*\.local$,.*\.internal$. Thanks to @jamespo for the idea.

Changed

• Switched from FastAPI to Starlette, reducing dependencies and improving compatibility across ARM architectures.
• Docker build now targets six platforms: linux/amd64, linux/arm64, linux/arm/v7, linux/arm/v6, linux/386, linux/riscv64.

Visual

• Settings button bars now explode into three independently floating animated lines when the menu opens, with staggered spring transitions on open and a crisp snap-back on close.
• Clicking inside an open menu no longer closes it; only clicks outside dismiss it.
• Ship menu hover now correctly highlights only one slot at a time.
• Splash screen: black fill on first paint prevents a white flash; text centering corrected for the PH and tagline elements; resize skips if dimensions are unchanged.

---

v1.1.4

Fixed

• Pi-hole v6 passwordless mode -- authentication now checks the session.valid flag rather than sid presence, so instances with no password set are handled correctly. Thanks to u/Xanderlicious for the report.
• Pi-hole v6 query status coverage -- EDE-blocked queries (string status "EDE", integer status 18) are now counted as blocked; cached-stale queries (status 17) are now counted as cache hits. The stale "BLACKLIST" string status has been removed.
• Carrier state race -- the carrier now correctly departs if blocking is re-enabled before it finishes arriving (triggered by a rapid external toggle or returning from a backgrounded tab).
• Pihole mode exit race -- if enterPiholeMode was called while the exit animation timer was still pending, the game would bail out and stay dead. The timer is now cancelled and the game restarts cleanly.
• Starfield degradation -- if stars.json fails to load, the starfield now falls back gracefully instead of getting stuck before rendering.
• Background image injection -- BG_IMAGE is now validated as a local path or http(s):// URL before being written into CSS; character encoding expanded to cover ", ', and \.

Security

• Added Content-Security-Policy and Referrer-Policy response headers.
• Block timer values submitted via the API are now validated as positive integers server-side; invalid or negative values are discarded.
• Pi-hole dashboard link (HUD and settings menu) now validates https?:// before calling window.open.
• ESC navigation now explicitly rejects javascript: and data: scheme values in RETURN_URL. Other schemes remain supported.

Docs

• RETURN_URL documentation in README and compose.yaml updated to clarify the full range of accepted URL schemes.
• Meta description added to the page <head>.

Visual

• Enemy sprites are now rendered with imageSmoothingEnabled on, reducing jaggies when rotated.

Housekeeping

• Added .dockerignore to keep build contexts lean.
• Trimmed uvicorn[standard] to bare uvicorn, removing unused high-throughput extras and reducing the image size.
• query_poller tick errors are now logged at debug level instead of being silently swallowed.

---

v1.1.3

Fixed

• Domain Management blocks -- domains blocked via Pi-hole's exact denylist now correctly intercepted as enemies. Thanks to @AzuraLemonade.
• Embedding -- removed the X-Frame-Options: DENY header; PH Intercept can now be embedded in external dashboards. Thanks to @AzuraLemonade.

---