You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Client-side metadata encryption — file and folder names are now encrypted client-side before upload; the server never sees plaintext names
Folder-key sharing model — O(folder) share creation: one encrypted folder key covers all files in a folder, eliminating per-file key wrapping overhead
Role-based folder grants and hierarchical permission tree UI — fine-grained per-folder role assignments with a visual tree that mirrors the team management interface; ceiling enforcement prevents escalation beyond parent grants
Encrypted audit log — sensitive audit events are stored encrypted at rest using a per-instance audit key; tables are RANGE-partitioned for efficient time-range queries
restrict_permissions ACL guards — delete, move, rename, and share operations now respect folder-level restriction flags; a compound rename+restrict bypass was also closed
Open registration flow — admins can enable public self-registration; a first_run_completed bypass was also closed
Custom Event Integrations panel — unified section in admin settings for managing notification channels; shared IP allowlist gate
Notification channel severity filter — per-channel minimum severity checkbox grid with a filter_min_severity column; startup migration handles existing rows
Operation result detail pages — batch operations (upload, move, etc.) now link to a per-operation detail view; includes build-ID stale-cache detection to prompt reload when the server has been updated
Client-side manifest search — file search now runs entirely in the browser against the local manifest, replacing a round-trip server query
Bug fixes
Fix team member visibility, activity feed, and key-rotation UX when a member's account has been deleted
Fix [object Object] in error toasts from _handle403 and un-normalised FastAPI detail fields
Fix database garbage cleanup gaps; blob deletion is now durable (survives restarts mid-cleanup)
Fix folder role grants: custom roles, Api.del calls, and NULL ip_address constraint
Fix team management: member roles display, add/remove role endpoints, badge timing, and recent-activity feed
Fix admin settings display and profile avatar selector
Fix NULL ip_address in security_events rows generated during audit-key operations
Fix integration modal tabs (CSS class mismatch) and modal theming
Fix duplicate _mkField declaration in admin.js
Fix has_org_access check; add folder-creator static row to the By User permission tab
Fix startup crash when partition-default creation races on first boot
Fix circular import in audit_key.py
Fix 4 failing E2E tests related to folder-key and trash-default handling
Infrastructure
Simplified release workflow: workflow_dispatch-triggered CI builds the Docker image and uploads assets to the draft; the operator publishes manually from the GitHub UI
