Version 1.0.39

• Server Notifications: Improve notification text for server add/remove activity.
• Docs: Add ToS and Privacy Policy.
• Security Hardening: Redact secrets from web hook detail output log (best effort).
• Bug Fix: UI crash in getWFParamPreviewHTML for omitted optional number param values. Ref #175.
• Add THREAT_MODEL.md file for security audits.
• Typo fix in docs and sample config: outbound_blacklist and outbound_whitelist should be blacklist and whitelist, in the airgap config.
• Security Hardening: Secrets API: Ensure secret key names don't match any bad strings (i.e. proto and the like).
• Security Hardening: API handler: Disallow any params matching bad key names (i.e. proto and the like).
• Security Hardening: Remove macro substitution support from system hook shell exec command (was undocumented anyway).
• Security Hardening: Lock down more built-in plugin fields to administrator-only (HTTP URL, Docker Run Command, etc.).
• Security Hardening: Check secret variable key names for illegal strings (i.e. proto and the like).
• Security Hardening: Increase default secret key length to 32 chars in container-start.sh
• api_get_latest_monitor_data: Allow both GET and POST parameters. Fixes #214.

Version 1.0.38

• Server Monitor Alerts: Use correct server label and stripped hostname in notification text.

Version 1.0.37

• Feature: Customize sidebar section visibility in the user settings screen.
• Server Data Explorer: Add hover tooltips for all Plugin IDs, for easier identification. Fixes #211.
• Welcome Doc: Fix wording to properly describe when the guide auto-disappears. Fixes #212.
• CLI Doc: Remove unused section.

Version 1.0.36

• Feature: Recover admin access from Docker / containerized systems using a special environment variable.
• UI Tweak: Set all password input field fonts to monospace.

Version 1.0.35

• UI Improvement: Add visual group separators for sorted event table, for specific columns (e.g. category, tags, plugin, targets).
• UI Tweak: Improve icons for linked events and workflows, to show arrow pointing right (more clear).
• Bug Fix: Export dialog was broken for workflows. Fixes #208.

Version 1.0.34

• UI Tweak: When an event has a "Run Event" action attached and enabled, change the default icon.
• UI Tweak: Apply hostname strip regex to conductor ID display, to be consistent with server hostnames.
• UI Tweak: Show different default icons for events / workflows if they are disabled.

Version 1.0.33

• Server UI: Several visual changes to better denote server groups, and if they were manually or auto-assigned.
• Server Groups: Correctly handle the case when a group is deleted with servers that had manually assigned the group.
  • Note that if by deleting a group the server is no longer assigned to any groups, it is automatically switched to autoGroup mode.
• Unbase Config: Add missing autoGroup column index.
• UI Fix: Show correct "All"/"None" word when group list is empty (alerts / monitors match "All" if none assigned, servers do not).

Version 1.0.32

• Bug Fix: Crasher if a server group is deleted with active servers that match only said group.

Version 1.0.31

• Docker Container Startup: Fix typo which failed to auto-generate the secret key on first launch. Fixes #202.

Version 1.0.30

• Fix possible XSS attack on job detail screen when job description contains raw HTML.