1.20.0 (2026-03-22)
- ci: remove unsupported --release-notes flag from wingetcreate (83b61fc)
- cve: add client-side false positive filter and deduplication (0571dfb)
- disk-tools: add Large File Finder and Empty Folder Cleaner (08403eb)
- ui: update sidebar, dashboard, components, and locale translations (38e1683)
1.19.1 (2026-03-22)
- cve: show only critical/high vulns, add descriptions and NVD links (bb72b4d)
1.19.0 (2026-03-22)
- use Get-CimInstance for driver scans and propagate update errors (ba47ee7)
1.18.0 (2026-03-22)
- ci: trigger website deploy on release and add release notes to winget manifest (caff018)
- privacy: disable stealth mode toggle when macOS firewall is off (#40) (e778766)
- add duplicate file finder tool (#43) (6e74a20)
- add Game Mode for Windows gaming optimization (#44) (7d20579)
- cli: verbose/quiet modes, granular exit codes, JSON audit, Prometheus metrics (#39) (e24815e)
- cloud: notify renderer when threat blacklist is updated (53b71c8)
- rework dashboard as Command Center layout (#45) (cb05a0b)
1.17.0 (2026-03-21)
- ci: add notarization debug logging and build timeout (7bd0558)
- ci: use wingetcreate URL pipe syntax for architecture and scope overrides (5332220)
- security: validate cloud remote-access boolean fields in IPC (#31) (b5d3439)
1.16.2 (2026-03-21)
- ci: add winget architecture override and disable choco publish (a84ccf7)
1.16.1 (2026-03-21)
1.16.0 (2026-03-20)
1.15.0 (2026-03-19)
1.14.0 (2026-03-18)
- browsers: correct Helium Windows path and add missing database rules (8e3c11b)
- cloud-agent: add new browsers to cloud-agent browser scan list (c4dd384)
- darwin: correct Helium macOS path and add missing browsers to shutdown list (b39e9f5)
- gaming: correct Amazon Games log path, remove Playnite (0832ae3)
- gaming: remove Genshin Impact and Overwatch 2 cleaners (3128674)
- linux: add Supermium, Helium, and Cromite to browser shutdown list (0997d7c)
- browsers: add Thorium, Supermium, Helium, and Cromite cleaning support (b3fea2c)
- gaming: add cleaners for popular games and launchers (07e2c0a)
- privacy: add AI, browser telemetry controls and expand bloatware list (c9d3853)
- privacy: fix AI setting registry keys, skip browser checks when uninstalled (77b8b70)
1.13.0 (2026-03-18)
- ci: pass single URL to match winget manifest installer count (8a1878d)
- registry: back up SYSTEM/HKCR hives and remove rotated log targets (9f9bb85)
- registry: check files not dirs in path resolution, inspect rundll32 DLLs (1c8c107)
- registry: check WOW6432Node in findMissingClsidDll, fix backup filename (35d5c02)
- registry: expand env vars in uninstall scan paths via shared helper (f5c6f9b)
- registry: handle PATH-resolved commands and evaluate COM views independently (f981580)
- registry: handle unquoted paths with spaces, remove unsafe singleFileTargets (3d104b0)
- registry: match REG_EXPAND_SZ uninstall values, flag broken COM registrations, expand backups (e3c53cd)
- registry: only check service root keys, skip child subkeys (edf20a1)
- registry: preserve full exe paths and require broken uninstaller for orphan detection (8498159)
- registry: require all COM views broken before flagging, expand service env vars (e2bb59c)
- registry: require missing install directory before flagging uninstall entries (c9f8e3a)
- registry: scan HKCU/WOW6432Node client hives, fix quoted rundll32 parsing (5d3793f)
- registry: scan WOW6432Node BHO hive for 32-bit orphaned entries (9f13381)
- registry: skip relative service paths and only check native COM view (9808863)
- registry: split EventMessageFile on commas too and check PrimaryModule (0bff7c1)
- registry: try full string as path candidate in extractExePath (ed16a64)
- registry: use extractExePath() for all command-line path parsing (289a94a)
- registry: WOW64-aware CLSID lookups, validate EventMessageFile, drop duplicate targets (3a27695)
- rules: correct macOS/Linux paths and fix rules-bot template injection (b0ccff4)
- rules: correct misleading descriptions for Google caches and Windows Update (c0d583a)
- rules: remove debconf target and fix registry scan query flags (8a3272e)
- rules: remove live SRUM database from cleanup targets (7c3ad2f)
- rules: remove unsafe targets and use WOW64-aware context menu scan (a01096d)
- startup: add ConsoleConnect trigger for Windows Fast Startup (bc47e06)
- startup: revert startup state if auto-enable fails for scheduled scans (6ac6673)
- startup: use XML-based task creation and surface errors to UI (28f1260), closes #20
- add contributor tooling for cleaner rules (b6a6200)
- rules: add Claude, Sublime Text, Termius, Ledger Live, and more (ef2dd70)
- rules: add cleaning rules for browser forks, Kodi, qBittorrent, HandBrake, ccache, and Java (33c59fb)
- rules: expand system cleaning targets and registry orphan detection (22f39d6)
1.12.0 (2026-03-18)
- ci: pass duplicate URL to resolve winget manifest multi-match error (52fbdb5)
- extract cleaner rules into community-editable JSON files (3a2b345)
1.11.0 (2026-03-18)
- linux: support libasound2 on older Ubuntu versions (60b5c0e)
- linux: use apt-cache policy for more reliable package detection (2d6c503)
- linux: use apt-get --dry-run for package detection (e9e28d6)
- add database optimizer, shortcut cleaner, and disk repair tools (301d502)
1.10.0 (2026-03-17)
- macos: fix tray icon, dock restore, and expand malware scanner coverage (25e74d1)
- use path.win32.join for consistent backslash separators in win32 paths (5d25238)
- enhance malware scanner with expanded detection and add tests (4065011)
1.9.0 (2026-03-17)
- resolve bugs, race conditions, security issues, and dead code (d5e3795)
- expand cleaners with new targets, browsers, apps, and safety fixes (497a561)
1.8.1 (2026-03-17)
- cloud: improve Linux server detection and send isServer in registration (b17c581)
- cloud: skip desktop notifications in daemon/headless mode (31ebb14)
1.8.0 (2026-03-17)
- privacy: remove unsafe sysctl hardening settings (9f669b0)
- cloud: add server-only security checks to health reports (5875d06)
1.7.0 (2026-03-17)
- disable macOS code signing to prevent Team ID mismatch crash (ec923d3)
- improve long-running stability and reduce resource usage (d3ab953)
- use Restart=always in systemd service so daemon restarts after auto-update (2b9eabe)
- cloud: add SSH hardening checks to health reports (639e4a7)
1.6.0 (2026-03-16)
- darwin: use socketfilterfw for reliable firewall status reporting (49b198c)
- handle winget installer-type-changed errors correctly (1fee6c6)
- renderer: improve privacy feedback, cross-platform updater labels, and window frame (09eba37)
- suppress interactive prompts in install.sh for unattended installs (b7b9056)
- darwin: add elevated execution, startup deletion, and filter Apple apps (61bcb28)
- dashboard: comprehensive one-click scan with malware, privacy, and update checks (1ee3ff1)
- malware: add macOS malware signatures, code signing, and plist analysis (20995fe)
- uninstaller: add batch selection and multi-uninstall (249c21d)
1.5.2 (2026-03-16)
- run winget updates sequentially to avoid lock contention (354d4b0)
- set HOME=/root in systemd unit for correct config path (3e993f6)
1.5.1 (2026-03-15)
- flush settings before exit in CLI config set (a6576b4)
- install runtime deps and use CLI for config in install.sh (82f37d6)
1.5.0 (2026-03-15)
- use large-file upload flow for VirusTotal submissions (54f028f)
- fix UI lag from perf monitor rendering overhead (ea4fa1f)
1.4.10 (2026-03-15)
- rename Chocolatey package ID to usekudu (3904bf1)
1.4.9 (2026-03-15)
- add Chocolatey package and automated publishing (99d5c14)
1.4.8 (2026-03-15)
- pass Azure credentials as env vars for Windows code signing (ec7c325)
1.4.7 (2026-03-15)
- set shell to bash for build step to fix Windows PowerShell error (b33dd87)
1.4.6 (2026-03-15)
- allow-no-subscriptions for Azure login in CI (62d895f)
1.4.5 (2026-03-15)
- move Azure signing config to CI-only to fix mac/linux validation error (4c02e75)
1.4.4 (2026-03-15)
- add Azure Trusted Signing for Windows builds, parallel malware scan, and misc improvements (eb3f9df)
1.4.3 (2026-03-15)
- silently succeed for unsupported platform scan types and unwrap data envelope in payload fetch (1a7cbb5)
1.4.2 (2026-03-15)
- add cloud scan handlers for browser, app, gaming, recycle-bin, and uninstall-leftovers (6cea8a6)
1.4.1 (2026-03-15)
- race condition in payload fetch and revert incorrect success:true for unsupported platforms (14e727b)
1.4.0 (2026-03-15)
- fetch full command payload when broadcast arrays are trimmed (d530df3)
1.3.0 (2026-03-15)
- require admin elevation via manifest instead of runtime re-launch (f870da1)
1.2.3 (2026-03-15)
- threat monitor tab not appearing despite blacklist being loaded (2494c7b)
1.2.2 (2026-03-15)
- auto-updater crash from dynamic require of platform elevation module (f3d9e5f)
1.2.1 (2026-03-15)
- preserve admin elevation after auto-update and show threat monitor tab (7378696)
1.2.0 (2026-03-15)
- add threat monitor, cloud agent enhancements, and IPC security hardening (b952490)
1.1.3 (2026-03-15)
1.1.2 (2026-03-15)
- AppImage hangs on headless Linux without FUSE (8faed7f)
- install script overwrites AppImage binary via old symlink (a71eb4e)
1.1.1 (2026-03-14)
- install script wrapper auto-injects --no-sandbox for root (fb81a09)
1.1.0 (2026-03-14)
- daemon crash on headless Linux without X server (d9fe47d)
1.0.5 (2026-03-14)
- cloud agent not connecting after initial device link (42e6e47)
1.0.4 (2026-03-14)
- update repository URLs from dbfx to adventdevinc (dede320)
1.0.3 (2026-03-14)
- elevation relaunch not starting new instance on Windows (807f50b)