• bundle/dev-0.129.0 632e48dc50

    CT-Ops customer bundle dev-0.129.0
    All checks were successful
    Build and publish development Docker images / Resolve development image versions (push) Successful in 7s
    Release / Detect merged release PR (push) Successful in 10s
    Release / Create release tags (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent windows/arm64 (push) Has been skipped
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Create or update release PR (push) Successful in 14s
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Build and publish web image (push) Has been skipped
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish agent release (push) Has been skipped
    Release / Publish ansible-api release (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Publish customer bundle (push) Has been skipped
    Release / Build ingest image (push) Successful in 0s
    Release / Publish web release (push) Has been skipped
    Release / Publish ingest release (push) Has been skipped
    Release / Publish customer bundle release (push) Has been skipped
    Build and publish development Docker images / Build and publish web dev image (push) Successful in 5m13s
    Build and publish development Docker images / Build and publish ingest dev image (amd64) (push) Successful in 8m1s
    Build and publish development Docker images / Publish development customer bundle (push) Successful in 1m6s
    Build and publish development Docker images / Build and publish ingest dev image (arm64) (push) Successful in 10m18s
    Build and publish development Docker images / Publish ingest dev multi-arch tag (push) Successful in 43s
    Pre-release

    simon released this 2026-06-18 06:54:56 +00:00 | 19 commits to main since this release

    CT-Ops customer bundle v0.129.0 roll-up changelog

    Published 2026-06-18

    Included products

    • Customer bundle: v0.128.1 -> v0.129.0
    • Web: v0.257.1 -> v0.258.0
    • Agent: v0.50.0
    • Ingest: v0.32.1
    • Ansible API: v0.5.0
    • CT-Vault API: v0.1.4

    Component changes

    Customer bundle v0.129.0

    Features

    • upgrade: add development bundle channel (9bdc6fd)

    Bug Fixes

    • release: publish dev bundle rollup assets (d01e5e8)
    • host-editor: keep remote file list scrollable (a275f18)
    • release: stream bundle release body payloads (1db54b7)

    Web v0.258.0

    Features

    • upgrade: add development bundle channel (9bdc6fd)

    Bug Fixes

    • host-editor: keep remote file list scrollable (a275f18)

    Agent v0.50.0

    No change in this bundle.

    Ingest v0.32.1

    No change in this bundle.

    Ansible API v0.5.0

    No change in this bundle.

    CT-Vault API v0.1.4

    No change in this bundle.

    Images:

    • docker.io/carrtechdev/ct-ops-web@sha256:a24605d3b4ab808c7ff59eda3df1d746a0fbdaf4594f872993f2d58014ab2acf
    • carrtechdev/ct-ops-ingest@sha256:ab4b1aa9a0ab56491f8d8dd87c22ecdab7a63afa980a674dc14ad8f1b4533277

    Roll-up changelog assets:

    • ct-ops-bundle-rollup-dev-0.129.0.md
    • ct-ops-bundle-rollup-dev-0.129.0.json
    Downloads
  • web/v0.258.0 77011a2fc3

    web v0.258.0
    Some checks failed
    Build and publish development Docker images / Resolve development image versions (push) Has been skipped
    Build and publish development Docker images / Build and publish web dev image (push) Has been skipped
    Build and publish development Docker images / Build and publish ingest dev image (amd64) (push) Has been skipped
    Build and publish development Docker images / Build and publish ingest dev image (arm64) (push) Has been skipped
    Build and publish development Docker images / Publish ingest dev multi-arch tag (push) Has been skipped
    Build and publish development Docker images / Publish development customer bundle (push) Has been skipped
    Release / Detect merged release PR (push) Successful in 9s
    Release / Create or update release PR (push) Has been skipped
    Release / Create release tags (push) Successful in 12s
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent windows/arm64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Build ingest image (push) Successful in 0s
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ingest release (push) Has been skipped
    Release / Publish ansible-api release (push) Has been skipped
    Release / Build and publish web image (push) Successful in 5m29s
    Release / Publish customer bundle (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Publish web release (push) Successful in 10s
    Release / Publish customer bundle release (push) Failing after 51s
    Stable

    Ghost released this 2026-06-17 15:59:02 +00:00 | 24 commits to main since this release

    Published by Forgejo Actions.\n\nImage:\n- carrtechdev/ct-ops-web@sha256:a8d95aac346d22d16e8e7b2cce39b0ec177e42c88ca10431285d616675771aed

    Downloads
  • bundle/v0.129.0 77011a2fc3

    CT-Ops customer bundle v0.129.0
    Some checks failed
    Build and publish development Docker images / Resolve development image versions (push) Has been skipped
    Build and publish development Docker images / Build and publish web dev image (push) Has been skipped
    Build and publish development Docker images / Build and publish ingest dev image (amd64) (push) Has been skipped
    Build and publish development Docker images / Build and publish ingest dev image (arm64) (push) Has been skipped
    Build and publish development Docker images / Publish ingest dev multi-arch tag (push) Has been skipped
    Build and publish development Docker images / Publish development customer bundle (push) Has been skipped
    Release / Detect merged release PR (push) Successful in 9s
    Release / Create or update release PR (push) Has been skipped
    Release / Create release tags (push) Successful in 12s
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent windows/arm64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Build ingest image (push) Successful in 0s
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ingest release (push) Has been skipped
    Release / Publish ansible-api release (push) Has been skipped
    Release / Build and publish web image (push) Successful in 5m29s
    Release / Publish customer bundle (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Publish web release (push) Successful in 10s
    Release / Publish customer bundle release (push) Failing after 51s
    Stable

    Ghost released this 2026-06-17 15:59:01 +00:00 | 24 commits to main since this release

    CT-Ops customer bundle v0.129.0 roll-up changelog

    Published 2026-06-17

    Included products

    • Customer bundle: v0.128.1 -> v0.129.0
    • Web: v0.257.1 -> v0.258.0
    • Agent: v0.50.0
    • Ingest: v0.32.1
    • Ansible API: v0.5.0
    • CT-Vault API: v0.1.4

    Component changes

    Customer bundle v0.129.0

    Features

    • upgrade: add development bundle channel (9bdc6fd)

    Bug Fixes

    • release: publish dev bundle rollup assets (d01e5e8)
    • host-editor: keep remote file list scrollable (a275f18)
    • release: stream bundle release body payloads (1db54b7)

    Web v0.258.0

    Features

    • upgrade: add development bundle channel (9bdc6fd)

    Bug Fixes

    • host-editor: keep remote file list scrollable (a275f18)

    Agent v0.50.0

    No change in this bundle.

    Ingest v0.32.1

    No change in this bundle.

    Ansible API v0.5.0

    No change in this bundle.

    CT-Vault API v0.1.4

    No change in this bundle.

    Images:

    • docker.io/carrtechdev/ct-ops-web@sha256:a8d95aac346d22d16e8e7b2cce39b0ec177e42c88ca10431285d616675771aed
    • docker.io/carrtechdev/ct-ops-ingest@sha256:5298b73ddaa9fb0b11c898410fd69fde55a55960e5af4daf893088c61ded0ddc

    Roll-up changelog assets:

    • ct-ops-bundle-rollup-v0.129.0.md
    • ct-ops-bundle-rollup-v0.129.0.json
    Downloads
  • bundle/dev-0.128.1 2464fe9488

    CT-Ops customer bundle dev-0.128.1
    All checks were successful
    CI Policy / Workflow runner policy (push) Successful in 7s
    Build and publish development Docker images / Resolve development image versions (push) Successful in 7s
    Release / Detect merged release PR (push) Successful in 9s
    Release / Create release tags (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent windows/arm64 (push) Has been skipped
    Release / Create or update release PR (push) Successful in 14s
    Release / Build and publish web image (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ansible-api release (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Publish customer bundle (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Build ingest image (push) Successful in 0s
    Release / Publish web release (push) Has been skipped
    Release / Publish customer bundle release (push) Has been skipped
    Release / Publish ingest release (push) Has been skipped
    Build and publish development Docker images / Build and publish web dev image (push) Successful in 5m0s
    Build and publish development Docker images / Build and publish ingest dev image (amd64) (push) Successful in 8m4s
    Build and publish development Docker images / Publish development customer bundle (push) Successful in 1m10s
    Build and publish development Docker images / Build and publish ingest dev image (arm64) (push) Successful in 11m12s
    Build and publish development Docker images / Publish ingest dev multi-arch tag (push) Successful in 43s
    Pre-release

    simon released this 2026-06-17 15:47:45 +00:00 | 25 commits to main since this release

    CT-Ops customer bundle v0.128.1 roll-up changelog

    Published 2026-06-17

    Included products

    • Customer bundle: v0.128.1
    • Web: v0.257.1
    • Agent: v0.50.0
    • Ingest: v0.32.1
    • Ansible API: v0.5.0
    • CT-Vault API: v0.1.4

    Component changes

    Customer bundle v0.128.1

    Bug Fixes

    • release: resolve bundle images from production tags (0e6c3e7)

    v0.128.0

    Features

    • upgrade: support development image channel (0f52203)

    v0.127.1

    Bug Fixes

    • host-editor: share tools panel empty state (7e36e98)

    v0.127.0

    Features

    • host-editor: add file tabs and browser actions (#690) (e439ae4)

    v0.126.3

    Bug Fixes

    • host-editor: browse remote directories from root (87ceb5c)

    v0.126.2

    Bug Fixes

    • host-editor: make blocked path preset explicit (e0cf20b)

    v0.126.1

    Bug Fixes

    • web: score actionable risk posture (b3d6d1a)

    v0.126.0

    Features

    • host-editor: add persistent editor panel (07b4a43)

    v0.125.2

    Bug Fixes

    • host-editor: accept trusted ssh host fingerprints (93f1f7e)

    v0.125.1

    Bug Fixes

    • host-editor: clarify SSH host key denial (3190adb)

    v0.125.0

    Features

    • host-editor: add SSH-backed remote file editor (e1bbe16)

    v0.124.0

    Features

    • hosts: add host editor access policy (b5dfcad)

    v0.123.0

    Features

    • search LDAP when adding domain accounts (d5cc0a1)

    v0.122.0

    Features

    • track domain service accounts (82b743c)

    v0.121.3

    Bug Fixes

    • itil: improve service impact UX (b9a7391)

    v0.121.2

    Bug Fixes

    • notifications: fill trend chart date buckets (9bc05c5)

    v0.121.1

    Bug Fixes

    • web: expand container network fullscreen dialog (2c3c56a)

    v0.121.0

    Features

    • web: add container exploit risk details (03d7f52)

    v0.120.1

    Bug Fixes

    • web: use global date formatter across app (24c4ee2)

    v0.120.0

    Features

    • settings: add global date format preference (4c64d0c)

    v0.119.3

    Bug Fixes

    • web: include CT-CVE script deps in image (13e85ee)

    v0.119.2

    Bug Fixes

    • ct-cve: repair inventory hash scan (dc8fbc3)

    v0.119.1

    Bug Fixes

    • settings: move host intelligence settings (d827fd0)

    v0.119.0

    Features

    • docker: add central Grype scan worker pool (380ac57)

    v0.118.1

    Bug Fixes

    • docker: serialize central grype scans (48676c2)

    v0.118.0

    Features

    • docker: reuse central image scan results (9752bbb)

    v0.117.7

    Bug Fixes

    • containers: add image scan request button (171d15d)

    v0.117.6

    Bug Fixes

    • containers: show readable exploit risk labels (246a5aa)

    v0.117.5

    Bug Fixes

    • docker: label image scans by Grype exploit risk (97a1146)

    v0.117.4

    Bug Fixes

    • bundle: backfill bundled agent on start (8a8db51)

    v0.117.3

    Bug Fixes

    • bundle: replace agent binary during upgrades (13f63ce)

    v0.117.2

    Bug Fixes

    • bundle: publish bundle-only agent binary releases (7ec3f9e)

    v0.117.1

    Bug Fixes

    • bundle: include agent binary in customer bundle (5a9b58f)

    v0.117.0

    Features

    • itil: expand operations and CMDB workbench (b9b276d)

    Bug Fixes

    • docker: allow larger syft sboms (15e0084)

    v0.116.2

    Bug Fixes

    • docker: allow long image scan uploads (3e579e1)

    v0.116.1

    Bug Fixes

    • docker: allow grype database updates (d131235)

    v0.116.0

    Features

    • logs: add host log error purge (5a66a82)

    Bug Fixes

    • ingest: align log ignores query with schema (252ccc0)
    • hosts: improve container network graph layout (91d8f30)

    v0.115.4

    Bug Fixes

    • docker: persist image scan rows with ids (bf89787)

    v0.115.3

    Bug Fixes

    • logs: require http context for 5xx scan matches (525a077)

    v0.115.2

    Bug Fixes

    • checks: ignore suppressed log scan findings (c08ec42)

    v0.115.1

    Bug Fixes

    • checks: stack log scan chart counts (414c2e0)

    v0.115.0

    Features

    • monitoring: allow multiple check alerts (b8817d1)

    v0.114.1

    Bug Fixes

    • checks: summarise log scan output (d2d3605)

    v0.114.0

    Features

    • db: compress retained metric hypertables (9211dd9)

    v0.113.6

    Bug Fixes

    • release: trigger soft delete removal deployment (c9833f5)

    v0.113.5

    Bug Fixes

    • hosts: spread network graph nodes (96468b1)

    v0.113.4

    Bug Fixes

    • certificates: hard delete replaced renewals (69f283b)

    v0.113.3

    Bug Fixes

    • ci: gate web release bundle dispatch (cf8f0d5)

    v0.113.2

    Bug Fixes

    • web: show container io deltas in charts (7ff6821)
    • certificates: retire replaced certificate renewals (b66154e)
    • ci: use build digest output for release images (#584) (60a8319)

    v0.113.1

    Bug Fixes

    • ct-cve: resolve removed package findings (1781c98)

    v0.113.0

    Features

    • docker: support server image scanning mode (e2cf44f)

    v0.112.3

    Bug Fixes

    • web: bundle detected app icons (a8003ce)

    v0.112.2

    Bug Fixes

    • security: allow app icon image CDN (707f80b)

    v0.112.1

    Bug Fixes

    • bundle: retry customer image pulls (0bca223)

    v0.112.0

    Features

    • docker: add image vulnerability scanning (4cdec33)

    v0.111.0

    Features

    • hosts: show detected app icons (deba7e2)

    v0.111.0

    Features

    • hosts: show detected app icons (deba7e2)

    v0.110.0

    Features

    • hosts: show log error rows on host overview (3766ed6)

    v0.109.0

    Features

    • networks: map discovered internal connections (4e86061)

    v0.108.1

    Bug Fixes

    • hosts: remove log error dial labels (058806b)

    v0.108.0

    Features

    • hosts: highlight host log search matches (643cab7)

    v0.107.0

    Features

    • hosts: add log error overview card (f409fa9)
    • hosts: open logs from error summary (faed414)

    v0.106.3

    Bug Fixes

    • hosts: debounce vulnerability search (5c5b90e)

    v0.106.2

    Bug Fixes

    • ct-cve: preserve finding import status (9483797)

    v0.106.1

    Bug Fixes

    • hosts: show log error dial breakdown (5712bd4)

    v0.106.0

    Features

    • hosts: add log error summary tabs (b38451c)

    v0.105.0

    Features

    • hosts: show service resource usage (d6a9520)

    v0.104.0

    Features

    • logs: add host log error scanning (1d6b336)

    v0.103.3

    Bug Fixes

    • dsum: preserve rollover task creation dates (515cbb1)

    v0.103.2

    Bug Fixes

    • dsum: expire standups at local midnight (95304bd)

    v0.103.1

    Bug Fixes

    • web: keep linked service graph roots together (aefac91)

    v0.103.0

    Features

    • web: add host potential savings report (adae589)

    v0.102.0

    Features

    • dsum: add table scheduling and engineer filters (040201b)

    v0.101.0

    Features

    • itil: display services by relationships (6baeede)

    v0.100.0

    Features

    • cmdb: add impact relationship vocabulary (536137f)

    v0.99.1

    Bug Fixes

    • services: preserve table hierarchy order (60388d0)

    v0.99.0

    Features

    • cmdb: link services to monitored resource health (9a47b85)

    Bug Fixes

    • web: roll open DSUM items forward (7a12e38)

    v0.98.0

    Features

    • services: add graph node context menu (69b180c)

    v0.97.2

    Bug Fixes

    • services: improve graph hierarchy layout (3696dbc)

    v0.97.1

    Bug Fixes

    • web: prevent service form select overlap (cdaaf24)

    v0.97.0

    Features

    • cmdb: add reference data options (85c8f7e)

    v0.96.1

    Bug Fixes

    • web: simplify DSUM action list (11d87a7)

    v0.96.0

    Features

    • itil: add CMDB and service model (1ddeacc)

    v0.95.1

    Bug Fixes

    • web: enable DSUM engineer view controls (1b683ca)

    v0.95.0

    Features

    • web: add DSUM engineer organiser view (936e4aa)

    v0.94.1

    Bug Fixes

    • web: confirm DSUM deletions (d0bf2b3)

    v0.94.0

    Features

    • web: improve DSUM task engineer summary (a59907b)

    v0.93.1

    Bug Fixes

    • web: add empty workspace icon (3f0e4e4)

    v0.93.0

    Features

    • web: add live editable DSUM boards (804b572)

    v0.92.2

    Bug Fixes

    • web: show DSUM title in workspace tabs (da387f8)

    v0.92.1

    Bug Fixes

    • web: allow closing final workspace tab (5b5d846)

    v0.92.0

    Features

    • web: add manual DSUM history actions (56ed589)

    v0.91.0

    Features

    • web: add workspace tab context actions (d054498)

    v0.90.0

    Features

    v0.89.0

    Features

    • web: add dsum stand-up view (475269a)

    v0.88.0

    Features

    • incidents: add incident workspace (c5e35c9)

    v0.87.1

    Bug Fixes

    • dashboard: disambiguate engineer event check query (fff2a3f)

    v0.87.0

    Features

    • dashboard: surface engineer operational events (370f776)

    v0.86.0

    Features

    • monitoring: consolidate host alerts into checks (270e1b5)

    v0.85.1

    Bug Fixes

    • upgrade: refresh release-owned image tag overrides (55e87b3)

    v0.85.0

    Features

    • work-queue: add engineer issue workflow (1062eab)

    v0.84.0

    Features

    • web: add check interval units (12e2985)

    v0.83.4

    Bug Fixes

    • web: darken check chart tooltip values (9ceceb5)

    v0.83.3

    Bug Fixes

    • web: align service account overview dial colours (55e2021)

    v0.83.2

    Bug Fixes

    • release: support local image overrides in bundles (995ad2a)

    v0.83.1

    Bug Fixes

    • monitoring: show relevant check history metrics (44ed2a4)

    v0.83.0

    Features

    • monitoring: add Docker volume size checks (bf0960a)

    v0.82.2

    Bug Fixes

    • dashboard: prioritize expired service accounts (879420b)

    v0.82.1

    Bug Fixes

    • monitoring: measure folder usage for disk checks (0094e71)

    v0.82.0

    Features

    • dashboard: add service account overview (909b5cc)

    v0.81.0

    Features

    • services: add alert actions (27ed59b)

    v0.80.0

    Features

    • web: add risk posture detail page (76ea9a2)

    v0.79.0

    Features

    • monitoring: add path size checks (886a9e4)

    v0.78.1

    Bug Fixes

    • services: secure agent service refreshes (87f90d9)

    v0.78.0

    Features

    • patch-status: refresh host patch telemetry (c43b768)

    v0.77.2

    Bug Fixes

    • agent: resend patch telemetry on reconnect (afa5512)

    v0.77.1

    Bug Fixes

    • patch-status: report host patch telemetry (ec1b4dd)

    v0.77.0

    Features

    • hosts: enrich host patch status detail (edbf921)

    v0.76.1

    Bug Fixes

    • hosts: restrict host logs to text files (5327268)

    v0.76.0

    Features

    • automation: show generated host group inventory (834c78d)

    v0.75.0

    Features

    • automation: label trial runs in history (c5aadf9)

    v0.74.1

    Bug Fixes

    • automation: align job list columns (08f1ccb)

    v0.74.0

    Features

    • hosts: add service status and live log tabs (dba1ee9)

    v0.73.1

    Bug Fixes

    • automation: reset launch button after completed runs (abaeab4)

    v0.73.0

    Features

    • automation: show job template run health (c99d6f4)

    v0.72.3

    Bug Fixes

    • automation: refresh job launch status (7d8a142)

    v0.72.2

    Bug Fixes

    • web: restrict read-only service account controls (ee79f67)

    v0.72.1

    Bug Fixes

    • auth: add setup email sign out (89a4a1d)

    v0.72.0

    Features

    • automation: add job launch options (0a7707b)

    v0.71.7

    Bug Fixes

    • automation: show ct-automation host counters (194ac86)

    v0.71.6

    Bug Fixes

    • automation: map ct-automation live event hosts (06df25e)

    v0.71.5

    Bug Fixes

    • automation: refresh ct-automation run mirrors live (b998c9b)

    v0.71.4

    Bug Fixes

    • automation: allow editing template targets (f551bf1)

    v0.71.3

    Bug Fixes

    • automation: refresh host status summaries (ec9e4d4)

    v0.71.2

    Bug Fixes

    • automation: harden template save retries (7636ba0)

    v0.71.1

    Bug Fixes

    • automation: refresh CT-Automation inventory before launch (43dc13d)

    v0.71.0

    Features

    • automation: improve CT-Automation job run history (84b8eb5)

    v0.70.2

    Bug Fixes

    • automation: refresh ct-automation launches (0f30f91)

    v0.70.1

    Bug Fixes

    • ingest: handle duplicate certificate renewals (d34a8c3)

    v0.70.0

    Features

    • automation: add CT-Automation run drill-down tabs (317d0a6)

    v0.69.9

    Bug Fixes

    • automation: accept current run summary responses (b9cc705)

    v0.69.8

    Bug Fixes

    • automation: accept direct launch run responses (22d71fa)

    v0.69.7

    Bug Fixes

    • automation: sync ct-automation inventory before template save (7455a95)

    v0.69.6

    Bug Fixes

    • automation: delete CT-Automation repositories (0a658d2)

    v0.69.5

    Bug Fixes

    • automation: purge failed repository credentials (11010ee)

    v0.69.4

    Bug Fixes

    • web: preserve repository SSH key newline (26edb62)

    v0.69.3

    Bug Fixes

    • web: validate repository SSH keys (4ad1b94)

    v0.69.2

    Bug Fixes

    • web: include git in runtime image (8e4a61b)

    v0.69.1

    Bug Fixes

    • web: include ssh-keyscan in runtime image (9ed3fc8)

    v0.69.0

    Features

    • automation: test ct-automation repositories (52ce750)

    v0.68.0

    Features

    • automation: configure ct-automation repositories (45f8dda)

    v0.67.2

    Bug Fixes

    • terminal: disable mobile username autocapitalization (2565fa1)

    v0.67.1

    Bug Fixes

    • certificates: restore deleted tracked certificates (a84e444)

    v0.67.0

    Features

    • web: add workspace tab refresh controls (f884b42)

    v0.66.1

    Bug Fixes

    • web: confirm certificate deletion (a2065c9)

    v0.66.0

    Features

    • tools: add user favourite tools page (4417046)

    v0.65.5

    Bug Fixes

    • automation: open job creation in modal (e2b3442)

    v0.65.4

    Bug Fixes

    • web: publish quieter e2e output (df7a5bb)

    v0.65.3

    Bug Fixes

    • web: preserve distinct workspace tab content (6e029c0)

    v0.65.2

    Bug Fixes

    • web: repair workspace tab switching (9381a39)

    v0.65.1

    Bug Fixes

    • web: preserve workspace tab state on switch (3f9a5a5)

    v0.65.0

    Features

    • web: add dashboard workspace tabs (c40bde1)

    v0.64.0

    Features

    • automation: improve ct-automation credential tab (0347f97)

    v0.63.1

    Bug Fixes

    • automation: align ct-automation credential creation (43c3a92)

    v0.63.0

    Features

    • automation: add CT-Automation credential creation (6812324)

    v0.62.4

    Bug Fixes

    • automation: clarify CT-Automation jobs workflow (92d8efa)

    v0.62.3

    Bug Fixes

    • agent: allow offline agents to renew credentials (a60b442)

    v0.62.2

    Bug Fixes

    • automation: require external automation services (781120f)

    v0.62.1

    Bug Fixes

    • automation: guard user table migration references (a952732)

    v0.62.0

    Features

    • automation: add CT-Automation run summaries (5b66cde)

    v0.61.0

    Features

    • automation: add live CT-Automation run log (171dc96)

    v0.60.0

    Features

    • automation: launch CT-Automation jobs (2a08c06)

    v0.59.0

    Features

    • automation: save ct automation job templates (7d2e0a2)

    v0.58.0

    Features

    • automation: add CT-Automation credential selector (9e39866)

    v0.57.0

    Features

    • automation: add host group inventory step (9af76e9)

    v0.56.0

    Features

    • automation: add repository playbook discovery step (3940c7e)

    v0.55.0

    Features

    • automation: add ct-automation job wizard shell (6eaadd0)

    v0.54.0

    Features

    • automation: add ct-automation connection settings (983947e)

    v0.53.0

    Features

    • automation: define ct-automation client contract (9d28fd3)

    v0.52.3

    Bug Fixes

    • agent: allow takeover of stale active hosts (2856571)

    v0.52.2

    Bug Fixes

    • agent: wait for takeover client cert (f204b6b)

    v0.52.1

    Bug Fixes

    • service-accounts: separate expiring password buckets (6249f2b)

    v0.52.0

    Features

    • agent: add inactive host takeover approval (f3f7976)

    v0.51.0

    Features

    • service-accounts: add expiry policy dashboard counts (ee08c22)

    v0.50.4

    Bug Fixes

    • agents: delete terminal vault credentials with hosts (ee9ad7e)

    v0.50.3

    Bug Fixes

    • web: rename vulnerability posture panel (cd7f833)

    v0.50.2

    Bug Fixes

    • web: resolve latest agent version live (522fc90)

    v0.50.1

    Bug Fixes

    • agent: renew JWTs before expiry (76f5330)

    v0.50.0

    Features

    • web: add Docker container network graph (872d197)

    v0.49.0

    Features

    • hosts: show resource usage details (74bbaa6)

    v0.48.1

    Bug Fixes

    • dashboard: show short agent downtime (15da585)

    v0.48.0

    Features

    • dashboard: show agent connection stability (85f7d80)

    v0.47.2

    Bug Fixes

    • releases: render release note markdown once (64bd50b)

    v0.47.1

    Bug Fixes

    • dashboard: widen agent status chart (a033643)

    v0.47.0

    Features

    • web: show vulnerability CVE breadth (11391ec)

    v0.46.2

    Bug Fixes

    • web: align dashboard vulnerability counts (08db01d)

    v0.46.1

    Bug Fixes

    • web: serialize overview availability date parameters (746a3cb)

    v0.46.0

    Features

    • dashboard: show seven day agent availability (f8c44ba)

    v0.45.2

    Bug Fixes

    • web: clarify CT-Vault member identifiers (6c7fa74)

    v0.45.1

    Bug Fixes

    • vulnerabilities: count relevant report findings (5b05896)

    v0.45.0

    Features

    • vulnerabilities: add executive posture overview (df3ea6f)

    v0.44.0

    Features

    • web: add dashboard drill-down links (ff2ea50)

    v0.43.1

    Bug Fixes

    • web: correct dashboard vulnerability dial segments (ba38c01)

    v0.43.0

    Features

    • branding: update CT login logo (2c8d47b)

    v0.42.0

    Features

    • web: add overview vulnerability posture (7b5a9fb)

    v0.41.0

    Features

    • web: refresh overview branding (96930ee)

    v0.40.1

    Bug Fixes

    • upgrade: ignore stale env backups during backup (08445e5)

    v0.40.0

    Features

    • terminal: add personal vault credential login (74aa8e6)

    v0.39.2

    Bug Fixes

    • password-manager: rebrand integration as ct-vault (3fab9ce)

    v0.39.1

    Bug Fixes

    • releases: fetch update status without caching (549e453)

    v0.39.0

    Features

    • releases: publish customer bundle rollup changelog (7c90173)

    v0.38.2

    Bug Fixes

    • releases: read installed bundle version at runtime (5752184)

    v0.38.1

    Bug Fixes

    • release: preserve image repository for digest capture (68a0b0c)

    v0.38.0

    Features

    • upgrade: add host-side systemd updater (ec33703)

    v0.37.2

    Bug Fixes

    • releases: align displayed version with customer bundle (171d6fb)

    v0.37.1

    Bug Fixes

    • release: derive missing Docker publish tags (7c1bca3)

    v0.37.0

    Features

    • releases: add bundle update panel (9eb7ddb)

    v0.36.2

    Bug Fixes

    • release: preserve reusable workflow tag inputs (92c7e38)

    v0.36.1

    Bug Fixes

    • ct-cve: avoid inventory push timeout (3a3a86c)

    v0.36.0

    Features

    • reports: filter vulnerabilities by network (cd01f79)

    v0.35.2

    Bug Fixes

    • release: repair ansible image workflow yaml (3d3bb3b)

    v0.35.1

    Bug Fixes

    • release: no-op disabled image publishes (cd223ed)

    v0.35.0

    Features

    • vulnerabilities: clarify report metrics and export (411faa5)

    Bug Fixes

    • release: gate component image jobs (876767d)

    v0.34.2

    Bug Fixes

    • release: refresh Forgejo release metadata (92620ab)

    v0.34.1

    Bug Fixes

    • ct-cve: ship RPM source EVR inventory fix in customer bundle (#87) (fdc9530)

    v0.34.0

    Features

    • hosts: ship affected-host visibility for CVE details in customer bundle (#85) (48ecfbc)

    v0.33.1

    Bug Fixes

    • hosts: ship host vulnerability CVE counting fix in customer bundle (#82) (f424133)

    v0.33.0

    Features

    • hosts: ship improved vulnerability finding controls in customer bundle (#71) (8ce0a25)

    Bug Fixes

    • release: ship portable customer bundle templates (#79) (653d293)

    v0.32.1

    Bug Fixes

    • web: ship stale inventory failure banner fix in customer bundle (#68) (cbba5fd)

    v0.32.0

    Features

    • hosts: ship paginated vulnerability findings in customer bundle (#66) (4936dde)

    v0.31.5

    Bug Fixes

    • tasks: ship patch task dispatch fix in customer bundle (#64) (74b6c69)

    v0.31.4

    Bug Fixes

    • ct-cve: ship finding callback persistence fix in customer bundle

    v0.31.3

    Bug Fixes

    • ct-cve: ship callback retry fixes in customer bundle

    v0.31.2

    Bug Fixes

    • ct-cve: ship printable inventory package fingerprints in customer bundle

    v0.31.1

    Bug Fixes

    • upgrade: show customer bundle and CT-Ops versions during upgrade

    v0.31.0

    Features

    • ct-cve: ship automatic package-change inventory pushes in customer bundle

    v0.30.0

    Features

    • ct-cve: ship manual inventory push in customer bundle

    v0.29.0

    Features

    • ct-cve: ship simple CT-CVE pairing in customer bundle
    • web: ship documentation sidebar link in customer bundle

    v0.28.10

    Bug Fixes

    • calendar: ship inclusive all-day host event date display in customer bundle

    v0.28.9

    Bug Fixes

    • ingest: ship web-aligned agent update discovery in customer bundle
    • web: ship stale server action recovery in customer bundle

    v0.28.8

    Bug Fixes

    • release: ship agent 0.38.2 web image in customer bundle

    v0.28.7

    Bug Fixes

    • release: ship calendar all-day event web image in customer bundle

    v0.28.6

    Bug Fixes

    • web: ship container inventory fix in customer bundle

    v0.28.4

    Bug Fixes

    • release: skip existing Forgejo bundle assets on rerun

    v0.28.3

    Bug Fixes

    • release: package bundles with the latest component image tags

    v0.28.2

    Bug Fixes

    • upgrade: download customer bundles from Forgejo (6a07269)

    v0.28.0

    Features

    • ansible: add simple pairing flow (79d8e20)

    v0.27.3

    Bug Fixes

    • settings: improve LDAP certificate editing (44e5492)

    v0.27.2

    Bug Fixes

    • terminal: prefer host IP for SSH sessions (1388ea3)

    v0.27.1

    Bug Fixes

    • hosts: clean docker rows on delete (306848b)

    v0.27.0

    Features

    • terminal: support custom SSH ports (36872a6)

    v0.26.0

    Features

    • deploy: add SSH access to agent dev containers (8bea994)

    v0.25.1

    Bug Fixes

    • ldap: align add form with AD defaults (d1deb2b)

    v0.25.0

    Features

    • password-manager: refresh unlocked vault entries (525f7ee)

    v0.24.0

    Features

    • web: add Ansible automation runbook (afd64cd)

    v0.23.0

    Features

    v0.22.0

    Features

    v0.21.0

    Features

    • hosts: add activity dialog association tabs (d8ed7dc)

    v0.20.3

    Bug Fixes

    • password-manager: align launch assertion tenant claims (aebc947)

    v0.20.2

    Bug Fixes

    • dev: connect agent containers to dev network (29807ef)

    v0.20.1

    Bug Fixes

    • agent: include token in enrollment view command (370aa08), closes #1426

    v0.20.0

    Features

    v0.19.4

    Bug Fixes

    • dev-stack: run web containers as local user (ed83e98)

    v0.19.3

    Bug Fixes

    • web: rename host admin tab to activity (6a1c69c)

    v0.19.2

    Bug Fixes

    • web: resolve focused validation issues (59adfef)

    v0.19.1

    Bug Fixes

    • calendar: refresh host-linked entries automatically (#1415) (76363c7)

    v0.19.0

    Features

    • web: improve host container telemetry views (#1409) (b143565)

    Bug Fixes

    • agents: show enrolment install URL when viewing tokens (#1412) (eb90bd4)
    • calendar: contain operations calendar scrolling (#1406) (2235d87)

    v0.18.1

    Bug Fixes

    • auth: prevent prehydration login form submits (aaeb305)

    v0.18.0

    Features

    • dev: expose local stack for agent testing (fb3d5dc)

    v0.17.0

    Features

    • dev: add local full-stack dev launcher (3b3d96c)

    v0.16.0

    Features

    v0.15.1

    Bug Fixes

    • ingest: close docker inventory rows before lifecycle inserts (#1392) (cba037a)

    v0.15.0

    Features

    • web: add host admin tab for notes (9c1fd6d)

    v0.14.1

    Bug Fixes

    • docker: collect running container metrics (8e5dca4)

    v0.14.0

    Features

    • docker: add container alert rules (b76feb2)

    v0.13.0

    Features

    • docker: add container lifecycle timeline (a527cb6)

    v0.12.0

    Features

    • docker: add top container rankings (04a75c5)

    v0.11.0

    Features

    • ingest: add docker telemetry retention sweeper (3e236b5)

    v0.10.0

    Features

    • web: add host docker retention override (11dd597)

    v0.9.0

    Features

    • settings: add Docker metric retention setting (0231f78)

    v0.8.0

    Features

    • web: add docker container metric charts (b7f06f3)

    v0.7.0

    Features

    • docker: upload container telemetry batches (83a9de4)

    v0.6.0

    Features

    v0.5.0

    Features

    • ingest: upsert docker container inventory (#1353) (376e81e)

    v0.4.0

    Features

    v0.3.0

    Features

    • ingest: persist Docker runtime status (2be7dff)

    v0.2.0

    Features

    • proto: add Docker telemetry contract (6801f46)
    • proto: add Docker telemetry contract (3a5251b)

    v0.1.7

    Bug Fixes

    • ansible: scope ping logs by host name (f13561f)

    v0.1.6

    Bug Fixes

    • automation: hide ansible controls when disabled (0250e35)

    v0.1.5

    Bug Fixes

    • upgrade: avoid self-overwriting running script (7cb15a6)

    v0.1.4

    Bug Fixes

    • web: remove auth secrets from Docker build args (#1329) (e91baf7)

    v0.1.3

    Bug Fixes

    • bundle: verify ansible profile image pin (1db8184)

    v0.1.2

    Bug Fixes

    • bundle: resolve released image version tags (68dd07c)

    v0.1.1

    Bug Fixes

    • ansible-api: report hostnames in ping output (1af0cb6), closes #1316
    • ansible: scope ping output per host (96ea431)
    • bundle: release customer bundle independently (026dbdb)

    Web v0.257.1

    Bug Fixes

    • host-editor: share tools panel empty state (7e36e98)

    v0.257.0

    Features

    • host-editor: add file tabs and browser actions (#690) (e439ae4)

    v0.256.3

    Bug Fixes

    • host-editor: browse remote directories from root (87ceb5c)

    v0.256.2

    Bug Fixes

    • host-editor: make blocked path preset explicit (e0cf20b)

    v0.256.1

    Bug Fixes

    • web: score actionable risk posture (b3d6d1a)

    v0.256.0

    Features

    • host-editor: add persistent editor panel (07b4a43)

    v0.255.2

    Bug Fixes

    • host-editor: accept trusted ssh host fingerprints (93f1f7e)

    v0.255.1

    Bug Fixes

    • host-editor: clarify SSH host key denial (3190adb)

    v0.255.0

    Features

    • host-editor: add SSH-backed remote file editor (e1bbe16)

    v0.254.0

    Features

    • hosts: add host editor access policy (b5dfcad)

    v0.253.0

    Features

    • search LDAP when adding domain accounts (d5cc0a1)

    v0.252.0

    Features

    • track domain service accounts (82b743c)

    v0.251.3

    Bug Fixes

    • itil: improve service impact UX (b9a7391)

    v0.251.2

    Bug Fixes

    • notifications: fill trend chart date buckets (9bc05c5)

    v0.251.1

    Bug Fixes

    • web: expand container network fullscreen dialog (2c3c56a)

    v0.251.0

    Features

    • web: add container exploit risk details (03d7f52)

    v0.250.1

    Bug Fixes

    • web: use global date formatter across app (24c4ee2)

    v0.250.0

    Features

    • settings: add global date format preference (4c64d0c)

    v0.249.2

    Bug Fixes

    • web: include CT-CVE script deps in image (13e85ee)

    v0.249.1

    Bug Fixes

    • settings: move host intelligence settings (d827fd0)

    v0.249.0

    Features

    • docker: add central Grype scan worker pool (380ac57)

    v0.248.3

    Bug Fixes

    • containers: add image scan request button (171d15d)

    v0.248.2

    Bug Fixes

    • containers: show readable exploit risk labels (246a5aa)

    v0.248.1

    Bug Fixes

    • docker: label image scans by Grype exploit risk (97a1146)

    v0.248.0

    Features

    • itil: expand operations and CMDB workbench (b9b276d)

    v0.247.0

    Features

    • logs: add host log error purge (5a66a82)

    Bug Fixes

    • hosts: improve container network graph layout (91d8f30)

    v0.246.1

    Bug Fixes

    • checks: stack log scan chart counts (414c2e0)

    v0.246.0

    Features

    • monitoring: allow multiple check alerts (b8817d1)

    v0.245.1

    Bug Fixes

    • checks: summarise log scan output (d2d3605)

    v0.245.0

    Features

    • db: compress retained metric hypertables (9211dd9)

    v0.244.3

    Bug Fixes

    • release: trigger soft delete removal deployment (c9833f5)

    v0.244.2

    Bug Fixes

    • hosts: spread network graph nodes (96468b1)

    v0.244.1

    Bug Fixes

    • web: show container io deltas in charts (7ff6821)

    v0.244.0

    Features

    • docker: support server image scanning mode (e2cf44f)

    v0.243.2

    Bug Fixes

    • web: bundle detected app icons (a8003ce)

    v0.243.1

    Bug Fixes

    • security: allow app icon image CDN (707f80b)

    v0.243.0

    Features

    • docker: add image vulnerability scanning (4cdec33)

    v0.242.0

    Features

    • hosts: show detected app icons (deba7e2)

    v0.242.0

    Features

    • hosts: show detected app icons (deba7e2)

    v0.241.0

    Features

    • hosts: show log error rows on host overview (3766ed6)

    v0.240.0

    Features

    • networks: map discovered internal connections (4e86061)

    v0.239.1

    Bug Fixes

    • hosts: remove log error dial labels (058806b)

    v0.239.0

    Features

    • hosts: highlight host log search matches (643cab7)

    v0.238.0

    Features

    • hosts: add log error overview card (f409fa9)
    • hosts: open logs from error summary (faed414)

    v0.237.2

    Bug Fixes

    • hosts: debounce vulnerability search (5c5b90e)

    v0.237.1

    Bug Fixes

    • hosts: show log error dial breakdown (5712bd4)

    v0.237.0

    Features

    • hosts: add log error summary tabs (b38451c)

    v0.236.0

    Features

    • hosts: show service resource usage (d6a9520)

    v0.235.0

    Features

    • logs: add host log error scanning (1d6b336)

    v0.234.3

    Bug Fixes

    • dsum: preserve rollover task creation dates (515cbb1)

    v0.234.2

    Bug Fixes

    • dsum: expire standups at local midnight (95304bd)

    v0.234.1

    Bug Fixes

    • web: keep linked service graph roots together (aefac91)

    v0.234.0

    Features

    • web: add host potential savings report (adae589)

    v0.233.0

    Features

    • dsum: add table scheduling and engineer filters (040201b)

    v0.232.0

    Features

    • itil: display services by relationships (6baeede)

    v0.231.0

    Features

    • cmdb: add impact relationship vocabulary (536137f)

    v0.230.1

    Bug Fixes

    • services: preserve table hierarchy order (60388d0)

    v0.230.0

    Features

    • cmdb: link services to monitored resource health (9a47b85)

    Bug Fixes

    • web: roll open DSUM items forward (7a12e38)

    v0.229.0

    Features

    • services: add graph node context menu (69b180c)

    v0.228.2

    Bug Fixes

    • services: improve graph hierarchy layout (3696dbc)

    v0.228.1

    Bug Fixes

    • web: prevent service form select overlap (cdaaf24)

    v0.228.0

    Features

    • cmdb: add reference data options (85c8f7e)

    v0.227.1

    Bug Fixes

    • web: simplify DSUM action list (11d87a7)

    v0.227.0

    Features

    • itil: add CMDB and service model (1ddeacc)

    v0.226.1

    Bug Fixes

    • web: enable DSUM engineer view controls (1b683ca)

    v0.226.0

    Features

    • web: add DSUM engineer organiser view (936e4aa)

    v0.225.1

    Bug Fixes

    • web: confirm DSUM deletions (d0bf2b3)

    v0.225.0

    Features

    • web: improve DSUM task engineer summary (a59907b)

    v0.224.1

    Bug Fixes

    • web: add empty workspace icon (3f0e4e4)

    v0.224.0

    Features

    • web: add live editable DSUM boards (804b572)

    v0.223.2

    Bug Fixes

    • web: show DSUM title in workspace tabs (da387f8)

    v0.223.1

    Bug Fixes

    • web: allow closing final workspace tab (5b5d846)

    v0.223.0

    Features

    • web: add manual DSUM history actions (56ed589)

    v0.222.0

    Features

    • web: add workspace tab context actions (d054498)

    v0.221.0

    Features

    v0.220.0

    Features

    • web: add dsum stand-up view (475269a)

    v0.219.0

    Features

    • incidents: add incident workspace (c5e35c9)

    v0.218.1

    Bug Fixes

    • dashboard: disambiguate engineer event check query (fff2a3f)

    v0.218.0

    Features

    • dashboard: surface engineer operational events (370f776)

    v0.217.0

    Features

    • monitoring: consolidate host alerts into checks (270e1b5)

    v0.216.0

    Features

    • work-queue: add engineer issue workflow (1062eab)

    v0.215.0

    Features

    • web: add check interval units (12e2985)

    v0.214.3

    Bug Fixes

    • web: darken check chart tooltip values (9ceceb5)

    v0.214.2

    Bug Fixes

    • web: align service account overview dial colours (55e2021)

    v0.214.1

    Bug Fixes

    • monitoring: show relevant check history metrics (44ed2a4)

    v0.214.0

    Features

    • monitoring: add Docker volume size checks (bf0960a)

    v0.213.2

    Bug Fixes

    • dashboard: prioritize expired service accounts (879420b)

    v0.213.1

    Bug Fixes

    • monitoring: measure folder usage for disk checks (0094e71)

    v0.213.0

    Features

    • dashboard: add service account overview (909b5cc)

    v0.212.0

    Features

    • services: add alert actions (27ed59b)

    v0.211.0

    Features

    • web: add risk posture detail page (76ea9a2)

    v0.210.0

    Features

    • monitoring: add path size checks (886a9e4)

    v0.209.1

    Bug Fixes

    • services: secure agent service refreshes (87f90d9)

    v0.209.0

    Features

    • patch-status: refresh host patch telemetry (c43b768)

    v0.208.1

    Bug Fixes

    • patch-status: report host patch telemetry (ec1b4dd)

    v0.208.0

    Features

    • hosts: enrich host patch status detail (edbf921)

    v0.207.1

    Bug Fixes

    • hosts: restrict host logs to text files (5327268)

    v0.207.0

    Features

    • automation: show generated host group inventory (834c78d)

    v0.206.0

    Features

    • automation: label trial runs in history (c5aadf9)

    v0.205.1

    Bug Fixes

    • automation: align job list columns (08f1ccb)

    v0.205.0

    Features

    • hosts: add service status and live log tabs (dba1ee9)

    v0.204.1

    Bug Fixes

    • automation: reset launch button after completed runs (abaeab4)

    v0.204.0

    Features

    • automation: show job template run health (c99d6f4)

    v0.203.3

    Bug Fixes

    • automation: refresh job launch status (7d8a142)

    v0.203.2

    Bug Fixes

    • web: restrict read-only service account controls (ee79f67)

    v0.203.1

    Bug Fixes

    • auth: add setup email sign out (89a4a1d)

    v0.203.0

    Features

    • automation: add job launch options (0a7707b)

    v0.202.7

    Bug Fixes

    • automation: show ct-automation host counters (194ac86)

    v0.202.6

    Bug Fixes

    • automation: map ct-automation live event hosts (06df25e)

    v0.202.5

    Bug Fixes

    • automation: refresh ct-automation run mirrors live (b998c9b)

    v0.202.4

    Bug Fixes

    • automation: allow editing template targets (f551bf1)

    v0.202.3

    Bug Fixes

    • automation: refresh host status summaries (ec9e4d4)

    v0.202.2

    Bug Fixes

    • automation: harden template save retries (7636ba0)

    v0.202.1

    Bug Fixes

    • automation: refresh CT-Automation inventory before launch (43dc13d)

    v0.202.0

    Features

    • automation: improve CT-Automation job run history (84b8eb5)

    v0.201.1

    Bug Fixes

    • automation: refresh ct-automation launches (0f30f91)

    v0.201.0

    Features

    • automation: add CT-Automation run drill-down tabs (317d0a6)

    v0.200.9

    Bug Fixes

    • automation: accept current run summary responses (b9cc705)

    v0.200.8

    Bug Fixes

    • automation: accept direct launch run responses (22d71fa)

    v0.200.7

    Bug Fixes

    • automation: sync ct-automation inventory before template save (7455a95)

    v0.200.6

    Bug Fixes

    • automation: delete CT-Automation repositories (0a658d2)

    v0.200.5

    Bug Fixes

    • automation: purge failed repository credentials (11010ee)

    v0.200.4

    Bug Fixes

    • web: preserve repository SSH key newline (26edb62)

    v0.200.3

    Bug Fixes

    • web: validate repository SSH keys (4ad1b94)

    v0.200.2

    Bug Fixes

    • web: include git in runtime image (8e4a61b)

    v0.200.1

    Bug Fixes

    • web: include ssh-keyscan in runtime image (9ed3fc8)

    v0.200.0

    Features

    • automation: test ct-automation repositories (52ce750)

    v0.199.0

    Features

    • automation: configure ct-automation repositories (45f8dda)

    v0.198.2

    Bug Fixes

    • terminal: disable mobile username autocapitalization (2565fa1)

    v0.198.1

    Bug Fixes

    • certificates: restore deleted tracked certificates (a84e444)

    v0.198.0

    Features

    • web: add workspace tab refresh controls (f884b42)

    v0.197.1

    Bug Fixes

    • web: confirm certificate deletion (a2065c9)

    v0.197.0

    Features

    • tools: add user favourite tools page (4417046)

    v0.196.5

    Bug Fixes

    • automation: open job creation in modal (e2b3442)

    v0.196.4

    Bug Fixes

    • web: publish quieter e2e output (df7a5bb)

    v0.196.3

    Bug Fixes

    • web: preserve distinct workspace tab content (6e029c0)

    v0.196.2

    Bug Fixes

    • web: repair workspace tab switching (9381a39)

    v0.196.1

    Bug Fixes

    • web: preserve workspace tab state on switch (3f9a5a5)

    v0.196.0

    Features

    • web: add dashboard workspace tabs (c40bde1)

    v0.195.0

    Features

    • automation: improve ct-automation credential tab (0347f97)

    v0.194.1

    Bug Fixes

    • automation: align ct-automation credential creation (43c3a92)

    v0.194.0

    Features

    • automation: add CT-Automation credential creation (6812324)

    v0.193.3

    Bug Fixes

    • automation: clarify CT-Automation jobs workflow (92d8efa)

    v0.193.2

    Bug Fixes

    • automation: require external automation services (781120f)

    v0.193.1

    Bug Fixes

    • automation: guard user table migration references (a952732)

    v0.193.0

    Features

    • automation: add CT-Automation run summaries (5b66cde)

    v0.192.0

    Features

    • automation: add live CT-Automation run log (171dc96)

    v0.191.0

    Features

    • automation: launch CT-Automation jobs (2a08c06)

    v0.190.0

    Features

    • automation: save ct automation job templates (7d2e0a2)

    v0.189.0

    Features

    • automation: add CT-Automation credential selector (9e39866)

    v0.188.0

    Features

    • automation: add host group inventory step (9af76e9)

    v0.187.0

    Features

    • automation: add repository playbook discovery step (3940c7e)

    v0.186.0

    Features

    • automation: add ct-automation job wizard shell (6eaadd0)

    v0.185.0

    Features

    • automation: add ct-automation connection settings (983947e)

    v0.184.0

    Features

    • automation: define ct-automation client contract (9d28fd3)

    v0.183.2

    Bug Fixes

    • agent: allow takeover of stale active hosts (2856571)

    v0.183.1

    Bug Fixes

    • service-accounts: separate expiring password buckets (6249f2b)

    v0.183.0

    Features

    • agent: add inactive host takeover approval (f3f7976)

    v0.182.0

    Features

    • service-accounts: add expiry policy dashboard counts (ee08c22)

    v0.181.3

    Bug Fixes

    • agents: delete terminal vault credentials with hosts (ee9ad7e)

    v0.181.2

    Bug Fixes

    • web: rename vulnerability posture panel (cd7f833)

    v0.181.1

    Bug Fixes

    • web: resolve latest agent version live (522fc90)

    v0.181.0

    Features

    • web: add Docker container network graph (872d197)

    v0.180.0

    Features

    • hosts: show resource usage details (74bbaa6)

    v0.179.1

    Bug Fixes

    • dashboard: show short agent downtime (15da585)

    v0.179.0

    Features

    • dashboard: show agent connection stability (85f7d80)

    v0.178.2

    Bug Fixes

    • releases: render release note markdown once (64bd50b)

    v0.178.1

    Bug Fixes

    • dashboard: widen agent status chart (a033643)

    v0.178.0

    Features

    • web: show vulnerability CVE breadth (11391ec)

    v0.177.2

    Bug Fixes

    • web: align dashboard vulnerability counts (08db01d)

    v0.177.1

    Bug Fixes

    • web: serialize overview availability date parameters (746a3cb)

    v0.177.0

    Features

    • dashboard: show seven day agent availability (f8c44ba)

    v0.176.2

    Bug Fixes

    • web: clarify CT-Vault member identifiers (6c7fa74)

    v0.176.1

    Bug Fixes

    • vulnerabilities: count relevant report findings (5b05896)

    v0.176.0

    Features

    • vulnerabilities: add executive posture overview (df3ea6f)

    v0.175.0

    Features

    • web: add dashboard drill-down links (ff2ea50)

    v0.174.1

    Bug Fixes

    • web: correct dashboard vulnerability dial segments (ba38c01)

    v0.174.0

    Features

    • branding: update CT login logo (2c8d47b)

    v0.173.0

    Features

    • web: add overview vulnerability posture (7b5a9fb)

    v0.172.0

    Features

    • web: refresh overview branding (96930ee)

    v0.171.0

    Features

    • terminal: add personal vault credential login (74aa8e6)

    v0.170.2

    Bug Fixes

    • password-manager: rebrand integration as ct-vault (3fab9ce)

    v0.170.1

    Bug Fixes

    • releases: fetch update status without caching (549e453)

    v0.170.0

    Features

    • releases: publish customer bundle rollup changelog (7c90173)

    v0.169.1

    Bug Fixes

    • releases: read installed bundle version at runtime (5752184)

    v0.169.0

    Features

    • upgrade: add host-side systemd updater (ec33703)

    v0.168.1

    Bug Fixes

    • releases: align displayed version with customer bundle (171d6fb)

    v0.168.0

    Features

    • releases: add bundle update panel (9eb7ddb)

    v0.167.0

    Features

    • reports: filter vulnerabilities by network (cd01f79)

    v0.166.0

    Features

    • vulnerabilities: clarify report metrics and export (411faa5)

    v0.165.1

    Bug Fixes

    • ct-cve: send RPM source EVR in inventory (#87) (fdc9530)

    v0.165.0

    Features

    • hosts: show affected hosts for CVE details (#85) (48ecfbc)

    v0.164.1

    Bug Fixes

    • hosts: count host vulnerabilities by CVE (#82) (f424133)

    v0.164.0

    Features

    • hosts: improve vulnerability finding controls (#71) (8ce0a25)

    Bug Fixes

    • release: use portable customer bundle templates (#79) (653d293)

    v0.163.1

    Bug Fixes

    • web: hide stale inventory failure banner (#68) (cbba5fd)

    v0.163.0

    Features

    • hosts: paginate vulnerability findings (#66) (4936dde)

    v0.162.3

    Bug Fixes

    • tasks: show final task errors when no output was captured (#64) (74b6c69)

    v0.162.2

    Bug Fixes

    • ct-cve: persist finding callback timestamp conflicts

    v0.162.1

    Bug Fixes

    • ct-cve: use internal callback URL for pairing

    v0.162.0

    Features

    • ct-cve: add manual inventory push

    v0.161.0

    Features

    • ct-cve: add simple pairing flow
    • web: add documentation sidebar link

    v0.160.3

    Bug Fixes

    • calendar: show all-day host event dates inclusively

    v0.160.2

    Bug Fixes

    • web: recover stale server action clients

    v0.160.1

    Bug Fixes

    • release: bake agent 0.38.2 into web image

    v0.160.0

    Features

    • calendar: add all-day event creation from week views

    v0.159.5

    Bug Fixes

    • web: hide not-present container inventory rows

    v0.159.3

    Bug Fixes

    • release: inline Forgejo web image publish

    v0.159.2

    Bug Fixes

    • web: include agent binary checksum sidecars

    v0.159.1

    Bug Fixes

    • web: simplify host container screen (002cc40)

    v0.159.0

    Features

    • ansible: add simple pairing flow (79d8e20)

    v0.158.2

    Bug Fixes

    • settings: improve LDAP certificate editing (44e5492)

    v0.158.1

    Bug Fixes

    • hosts: clean docker rows on delete (306848b)

    v0.158.0

    Features

    • terminal: support custom SSH ports (36872a6)

    v0.157.1

    Bug Fixes

    • ldap: align add form with AD defaults (d1deb2b)

    v0.157.0

    Features

    • password-manager: refresh unlocked vault entries (525f7ee)

    v0.156.0

    Features

    • web: add Ansible automation runbook (afd64cd)

    v0.155.0

    Features

    v0.154.0

    Features

    v0.153.0

    Features

    • hosts: add activity dialog association tabs (d8ed7dc)

    v0.152.2

    Bug Fixes

    • password-manager: align launch assertion tenant claims (aebc947)

    v0.152.1

    Bug Fixes

    • agent: include token in enrollment view command (370aa08), closes #1426

    v0.152.0

    Features

    v0.151.4

    Bug Fixes

    • dev-stack: run web containers as local user (ed83e98)

    v0.151.3

    Bug Fixes

    • web: rename host admin tab to activity (6a1c69c)

    v0.151.2

    Bug Fixes

    • web: resolve focused validation issues (59adfef)

    v0.151.1

    Bug Fixes

    • calendar: refresh host-linked entries automatically (#1415) (76363c7)

    v0.151.0

    Features

    • web: improve host container telemetry views (#1409) (b143565)

    Bug Fixes

    • agents: show enrolment install URL when viewing tokens (#1412) (eb90bd4)
    • calendar: contain operations calendar scrolling (#1406) (2235d87)

    v0.150.1

    Bug Fixes

    • auth: prevent prehydration login form submits (aaeb305)

    v0.150.0

    Features

    • dev: add local full-stack dev launcher (3b3d96c)

    v0.149.0

    Features

    v0.148.0

    Features

    • web: add host admin tab for notes (9c1fd6d)

    v0.147.1

    Bug Fixes

    • docker: collect running container metrics (8e5dca4)

    v0.147.0

    Features

    • docker: add container alert rules (b76feb2)

    v0.146.0

    Features

    • docker: add container lifecycle timeline (a527cb6)

    v0.145.0

    Features

    • docker: add top container rankings (04a75c5)

    v0.144.0

    Features

    • web: add host docker retention override (11dd597)

    v0.143.0

    Features

    • settings: add Docker metric retention setting (0231f78)

    v0.142.0

    Features

    • web: add docker container metric charts (b7f06f3)

    v0.141.0

    Features

    • docker: upload container telemetry batches (83a9de4)

    v0.140.0

    Features

    v0.139.0

    Features

    • ingest: upsert docker container inventory (#1353) (376e81e)

    v0.138.0

    Features

    v0.137.0

    Features

    • ingest: persist Docker runtime status (2be7dff)

    v0.136.2

    Bug Fixes

    • automation: hide ansible controls when disabled (0250e35)

    v0.136.1

    Bug Fixes

    • web: remove auth secrets from Docker build args (#1329) (e91baf7)

    v0.136.0

    Features

    v0.135.2

    Bug Fixes

    • web: cover bundle restart port guard regression (#1307) (94c90c4)

    v0.135.1

    Bug Fixes

    • web: cover customer start script query regression (#1304) (557d214)

    v0.135.0

    Features

    • automation: add feature flags and ansible provider foundation (#1301) (d8959fc)

    v0.134.0

    Features

    • password-manager: add instance audit view (d990582)

    Bug Fixes

    • password-manager: hide vault mutation UI for read-only roles (#1300) (c33362f)

    v0.133.1

    Bug Fixes

    • password-manager: simplify vault member settings (9d0b301)

    v0.133.0

    Features

    • password-manager: add entry field copy controls (fef37e3)

    v0.132.1

    Bug Fixes

    • agent: align enrolment token environment (713f007)

    v0.132.0

    Features

    • web: surface instance name context (230cd2c)

    v0.131.11

    Bug Fixes

    • auth: prevent cached session data after account changes (b6a6947)

    v0.131.10

    Bug Fixes

    • web: refresh people list after invite conflicts (#1280) (56f571d)

    v0.131.9

    Bug Fixes

    • auth: create configured standalone instance scope (132af34)

    v0.131.8

    Bug Fixes

    • auth: show unscoped direct signups in people (13147cb)

    v0.131.7

    Bug Fixes

    • auth: hold direct signups for role assignment (c553185)

    v0.131.6

    Bug Fixes

    • auth: persist direct signup instance membership (5aab11e)

    v0.131.5

    Bug Fixes

    • web: guard team invites without instance scope (8c4bebc)

    v0.131.4

    Bug Fixes

    • password-manager: tolerate undecryptable vault records (da67394)

    v0.131.3

    Bug Fixes

    • password-manager: fetch rotation public keys (f2a9acf)

    v0.131.2

    Bug Fixes

    • password-manager: surface vault rotation feedback (60ea344)

    v0.131.1

    Bug Fixes

    • password-manager: allow standalone launch assertions (1ece1e3)

    v0.131.0

    Features

    • web: remove instance scope from web baseline (0b41340)
    • web: remove instance scope from web baseline (c1a8e54)

    v0.130.0

    Features

    • web: remove org inputs from reporting surfaces (bb0e67f)
    • web: remove org inputs from reporting surfaces (98fa687)

    v0.129.3

    Bug Fixes

    • web: restore standalone admin access (b5ab5f1)

    v0.129.2

    Bug Fixes

    • web: allow standalone sidebar routes (c77d54b)

    v0.129.1

    Bug Fixes

    v0.129.0

    Features

    • web: remove org ids from task 11 surfaces (#1235) (46cfa5e)

    v0.128.0

    Features

    • web: remove org scope from task runs and schedules (#1232) (16f1f47)

    v0.127.0

    Features

    • web: remove org scope from host detail core (#1226) (d540a3d)
    • web: remove org scope from host groups and networks (#1229) (19045b8)
    • web: remove org scope from host settings slice (#1228) (48184a2)

    v0.126.0

    Features

    • web: remove org scope from host inventory (#1223) (8fe035f)

    v0.125.0

    Features

    • web: remove instance onboarding from auth setup (#1218) (863f40e)

    v0.124.5

    Bug Fixes

    • release: bake latest agent manifest into ct-ops images (79a22a4)

    v0.124.4

    Bug Fixes

    • calendar: lay out overlapping timed events (7aaf6b1)
    • web: cover generated ct-ops TLS certificate SAN (2f4d62e)

    v0.124.3

    Bug Fixes

    • web: resolve latest agent download release (1113753)

    v0.124.2

    Bug Fixes

    • calendar: replace operations calendar renderer (#1197) (5e56336)

    v0.124.1

    Bug Fixes

    • hosts: hard-delete pending certificate signing rows (f4b64af)

    v0.124.0

    Features

    v0.123.2

    Bug Fixes

    • calendar: restore time grid slot layout (8ae2c58)

    v0.123.1

    Bug Fixes

    • calendar: improve operations calendar layouts (1f8f474)

    v0.123.0

    Features

    • calendar: add operations planning calendar (80d6217)

    v0.122.4

    Bug Fixes

    v0.122.3

    Bug Fixes

    • notifications: await inbox mutation refreshes (c922465), closes #998

    v0.122.2

    Bug Fixes

    v0.122.1

    Bug Fixes

    • notifications: await bell mark-read before navigation (#1179) (2d43715)

    v0.122.0

    Features

    • web: configure CT-CVE connector in app (415cac3)

    v0.121.1

    Bug Fixes

    • web: await network mutation refreshes (62778fe), closes #996

    v0.121.0

    Features

    • password-manager: add entry password visibility toggles (47ab2b4)

    Bug Fixes

    • web: replace CT-Ops logo asset (dc2138a)

    v0.120.1

    Bug Fixes

    • web: improve password manager generator layout (#1165) (513402c)

    v0.120.0

    Features

    • web: add CarrTech logo and favicon (b46f58d)

    Bug Fixes

    • web: update patch status chart semantics (c49c095)

    v0.119.0

    Features

    v0.118.0

    Features

    • password-manager: add SSH key pair view and copy actions (a8fed28)

    v0.117.0

    Features

    • password-manager: add SSH key pair entries (217f25d)

    v0.116.9

    Bug Fixes

    • web: reject blocked certificate checker ports (2dc255f)

    v0.116.8

    Bug Fixes

    v0.116.7

    Bug Fixes

    • profile: derive updates from session (7327b43), closes #1112

    v0.116.6

    Bug Fixes

    • auth: align LDAP session cookie with secure auth URL (2626387)

    v0.116.5

    Bug Fixes

    • ldap: support UPN login search (12f1c4b)

    v0.116.4

    Bug Fixes

    • auth: select LDAP login integration (d5f3ee7)

    v0.116.3

    Bug Fixes

    • password-manager: rename vault settings action (9ddcbc2)

    v0.116.2

    Bug Fixes

    • password-manager: use icon entry actions (f61da1a)

    v0.116.1

    Bug Fixes

    v0.116.0

    Features

    • password-manager: harden vault secret handling (722a50c)

    v0.115.0

    Features

    • profile: add 2fa qr setup code (c233b83)

    v0.114.0

    Features

    • auth: add user two-factor enforcement (9f41683)
    • password-manager: add entry templates (c6789fb)

    v0.113.1

    Bug Fixes

    • password-manager: require confirmation for vault exports (acedafc)

    v0.113.0

    Features

    • terminal: trust SSH host keys from agents (2ab4e2e)

    v0.112.0

    Features

    • password-manager: focus workspace on passwords (94d6d39)

    v0.111.1

    Performance Improvements

    • password-manager: reduce browser workload (55b4681)

    v0.111.0

    Features

    • password-manager: add member recipient selector (#1101) (1695481)

    v0.110.4

    Bug Fixes

    • auth: respect invite signup verification policy (d4601b2)

    v0.110.3

    Bug Fixes

    • password-manager: pin api image from release descriptor (5238842)

    v0.110.2

    Bug Fixes

    • certs: block DNS rebinding in tracked refresh (73ade2b), closes #968

    v0.110.1

    Bug Fixes

    • password-manager: close hosted readiness gaps (#1087) (ab85db7)

    v0.110.0

    Features

    v0.109.0

    Features

    • password-manager: add sharing and rotation workspace (#1072) (f467941)

    v0.108.0

    Features

    • web: add password manager vault workspace (#1067) (79dfa04)

    v0.107.0

    Features

    Bug Fixes

    • authz: require write access for instance mutations (1f2d660)

    v0.106.0

    Features

    v0.105.1

    Bug Fixes

    v0.105.0

    Features

    • web: add password manager client and browser crypto (#1053) (23884c9)

    v0.104.0

    Features

    • web: add password manager launch assertions (#1048) (cfc60dd)

    v0.103.20

    Bug Fixes

    • audit: record privileged lifecycle mutations (c779ed0), closes #960

    v0.103.19

    Bug Fixes

    • web: tighten production script csp (ca642c6), closes #950

    v0.103.18

    Bug Fixes

    • security: ignore spoofed bundle transfer origins (f93f6ca)

    v0.103.17

    Bug Fixes

    • auth: allow Better Auth bootstrap under RLS (ac3cbd7), closes #1029

    v0.103.16

    Bug Fixes

    v0.103.15

    Bug Fixes

    • security: restrict agent ca rotation (fbab9f9)

    v0.103.14

    Bug Fixes

    • db: fail closed for instance RLS scope (0612b94), closes #980

    v0.103.13

    Bug Fixes

    v0.103.12

    Bug Fixes

    v0.103.11

    Bug Fixes

    • web: stabilize e2e isolation and db pooling (#978) (943f372)

    v0.103.10

    Bug Fixes

    • auth: scope LDAP login to instance slug (f5e331e)

    v0.103.9

    Bug Fixes

    • ct-cve: share service nonce replay protection (d4df6b0), closes #910

    v0.103.8

    Bug Fixes

    • db: add licence verifier migration snapshot (#966) (aee2b9d)

    v0.103.7

    Bug Fixes

    • agent: verify downloaded agent binaries (4846ba0), closes #959

    v0.103.6

    Bug Fixes

    • alerts: redact Slack webhook URLs (046a74e)

    v0.103.5

    Bug Fixes

    • web: verify agent enrolment TLS by default (#958) (1fe3dbc)

    v0.103.4

    Bug Fixes

    v0.103.3

    Bug Fixes

    • authz: derive privileged action actors from session (#952) (db28c0c)

    v0.103.2

    Bug Fixes

    • bundle-transfer: verify host bundle downloads (99dbfe8), closes #935

    v0.103.1

    Bug Fixes

    • agent: use configured installer origin (f09e229)

    v0.102.2

    Bug Fixes

    • auth: gate LDAP 2FA on issued challenge (#933) (3ca1b14)

    v0.102.1

    Bug Fixes

    v0.100.1

    Bug Fixes

    • notifications: bind inbox actions to session user (#922) (e8d7252)

    v0.97.2

    Bug Fixes

    • alerts: block stored private notification targets (#904) (eda2d31)

    v0.97.1

    Bug Fixes

    • web: require tooling auth for agent lifecycle actions (#900) (561efa4)

    v0.96.4

    Bug Fixes

    • web: limit e2e database pool usage (d14c2f2)

    v0.96.3

    Bug Fixes

    v0.96.2

    Bug Fixes

    • web: repair licence key upgrade permissions (#862) (ef422a4)

    v0.96.1

    Bug Fixes

    • web: trigger licence verifier image release (#859) (0d01a3c)

    v0.96.0

    Features

    • licence: persist verifier keys for rotation (#854) (94a66a9)

    v0.95.1

    Bug Fixes

    • auth: preserve invite redemption during signup (#852) (fbd3a47)

    v0.95.0

    Features

    v0.94.3

    Bug Fixes

    • web: accept postgres env in entrypoint (#847) (271c05c)

    v0.94.2

    Bug Fixes

    • install: encode generated database passwords (#843) (a8ddc88)

    v0.94.1

    Bug Fixes

    v0.94.0

    Features

    v0.93.0

    Features

    • web: schedule CT-CVE inventory pushes (#831) (a7434ab)

    v0.92.2

    Bug Fixes

    • web: recognise secure auth session cookies (#829) (a3e30c1)

    v0.92.1

    Bug Fixes

    • web: prevent stale auth redirect loops (#827) (614de18)

    v0.92.0

    Features

    • web: persist CT-CVE connection status (#825) (a7af2ea)

    v0.91.0

    Features

    • web: add CT-CVE inventory export helper (#823) (85676e2)

    v0.90.0

    Features

    v0.89.0

    Features

    • web: add ct-cve service token boundary (#818) (ffd7529)

    v0.88.0

    Features

    v0.87.0

    Features

    v0.86.0

    Features

    v0.85.0

    Features

    • web: add seat capacity licence payload (#796) (7f8725a)

    v0.84.3

    Bug Fixes

    • web: delete patch status rows with hosts (#782) (4404cf0)

    v0.84.2

    Bug Fixes

    • web: restore tokenized agent enrolment command (#778) (073febe)

    v0.84.1

    Bug Fixes

    v0.84.0

    Features

    • web: support multi-role team membership (#771) (db57845)

    Bug Fixes

    • web: restrict tooling access to engineer roles (#768) (9a7d607)

    v0.83.0

    Features

    • vuln: harden confirmed Linux CVE matching (#764) (6929342)

    v0.82.3

    Bug Fixes

    • web: avoid build-doc editor hydration mismatch (#748) (1d8aebb)

    v0.82.2

    Bug Fixes

    • web: revoke stale sessions for inactive users (#757) (be66e20)

    v0.82.1

    Bug Fixes

    • agent: stop leaking enrolment tokens in install URLs (#753) (0552877)

    v0.82.0

    Features

    • web: improve build docs markdown editor (#732) (7db8fd3)

    v0.81.0

    Features

    v0.80.2

    Bug Fixes

    • web: end terminal sessions on logout (#731) (7ab6f2d)

    v0.80.1

    Bug Fixes

    • web: add stable selectors for directory lookup e2e (#727) (5428d48)

    v0.80.0

    Features

    Bug Fixes

    • web: allow certificate checks on private hosts (#724) (be685be)

    v0.79.0

    Features

    v0.78.0

    Features

    • web: add vulnerability management interface (#717) (ebebd7b)

    v0.77.1

    Bug Fixes

    • web: add network and enrolment e2e coverage (966675e)

    v0.77.0

    Features

    v0.76.1

    Bug Fixes

    • web: send auth emails via SMTP relay (#706) (c8b071f)

    v0.76.0

    Features

    Bug Fixes

    • web: refresh filtered certificate results (#701) (49f3dad)

    v0.75.4

    Bug Fixes

    • web: move host networks tab to infrastructure (#687) (f4f8cdc)

    v0.75.3

    Bug Fixes

    • web: add local account password reset (#695) (8060e3a)

    v0.75.2

    Bug Fixes

    v0.75.1

    Bug Fixes

    • web: sanitise LDAP configuration responses (#686) (791c6f7)

    v0.75.0

    Features

    • web: reorganise administration settings (#679) (bcdb0ce)

    v0.74.3

    Bug Fixes

    v0.74.2

    Bug Fixes

    • web: stabilise schedule form e2e selectors (#682) (0fcedfb)

    v0.74.1

    Bug Fixes

    v0.74.0

    Features

    • web: prompt for SMTP relay test recipient (#674) (3582481)

    v0.73.8

    Bug Fixes

    • web: enforce a single style for simple reads (#672) (818ba03)

    v0.73.7

    Bug Fixes

    • auth: persist security throttles across replicas (#667) (e05b5a2)

    v0.73.6

    Bug Fixes

    • web: require admin auth for LDAP settings actions (#664) (4062b53)

    v0.73.5

    Bug Fixes

    • web: enforce LDAP TLS certificate validation (#662) (8639cf8)
    • web: restore schema metadata unit tests (#657) (7b404b4)

    v0.73.4

    Bug Fixes

    • auth: bind invite redemption to invited email (#656) (ff3b469)

    v0.73.3

    Bug Fixes

    • web: add missing dashboard and host e2e coverage (#654) (9953996)

    v0.73.2

    Bug Fixes

    • certificates: verify tracked refreshes by default (#652) (5d634bb)

    v0.73.1

    Bug Fixes

    v0.73.0

    Features

    v0.72.0

    Features

    • auth: add email verification resend flow (bd23fd9)
    • auth: add email verification resend flow (ad767f5)
    • notifications: purge old soft-deleted rows (fd0b96f)
    • notifications: purge old soft-deleted rows (593a8cd)

    v0.71.0

    Features

    • auth: make email verification optional (#626) (755f3f3)

    v0.70.20

    Bug Fixes

    • web: validate licence revocation bundles (#624) (20507d2)

    v0.70.19

    Bug Fixes

    v0.70.18

    Bug Fixes

    • security: validate jsonb metadata at runtime (#620) (8e2adaf)

    v0.70.17

    Bug Fixes

    • auth: require BETTER_AUTH env configuration (#612) (a09e9ea)

    v0.70.16

    Bug Fixes

    • web: retry pnpm install in docker build (#590) (6778770)

    v0.70.15

    Bug Fixes

    • release: ship digest-pinned compose bundle (e42347c)
    • release: ship digest-pinned compose bundle (a292b49)

    v0.70.14

    Bug Fixes

    • web: remove root startup from web image (#591) (e1aa368)

    v0.70.13

    Bug Fixes

    • certificates: use X509Certificate for untrusted parsing (a889dd6)
    • certificates: use X509Certificate for untrusted parsing (bd65122)

    v0.70.12

    Bug Fixes

    • agent: enforce enrolment token expiry and usage caps (5a3ef14)
    • agent: enforce enrolment token expiry and usage caps (a783c2c)

    v0.70.11

    Bug Fixes

    • web: validate trusted origins for mutations (2bf5662)
    • web: validate trusted origins for mutations (a7cb750)

    v0.70.10

    Bug Fixes

    • auth: add per-account login lockout (H-01) (#582) (1c15c9e)

    v0.70.9

    Bug Fixes

    • web: require org auth for server actions (#578) (bdfacb9)

    v0.70.8

    Bug Fixes

    v0.70.7

    Bug Fixes

    • web: block private notification test targets (#573) (043a5a7)

    v0.70.6

    Bug Fixes

    • security: lock down certificate checker SSRF surface (#570) (824bfb9)

    v0.70.5

    Bug Fixes

    • security: require SSH credentials for terminal access (#566) (c0616dc)

    v0.70.4

    Bug Fixes

    • auth: require email verification for local sign-ups (#564) (e10d30a)

    v0.70.3

    Bug Fixes

    • web: derive team management actor from session (#562) (8aad96b)
    • web: transfer bundles via agent connection (#561) (48fc4a0)

    v0.70.2

    Bug Fixes

    • web: stream bundle transfers server-side (#559) (b74e194)

    v0.70.1

    Bug Fixes

    • web: align bundle transfer route with ssh2 types (#557) (1d29c21)

    v0.70.0

    Features

    • web: transfer bundler archives to hosts (#555) (cb21cff)

    v0.69.0

    Features

    • web: fetch latest GitLab target version (#553) (322b11f)

    v0.68.1

    Bug Fixes

    • auth: scope LDAP login links to instance (96d28df), closes #273

    v0.68.0

    Features

    • web: add GitLab air-gap bundler (c6ba334)

    v0.67.2

    Bug Fixes

    • web: improve Jenkins plugin download status (78b127c)
    • web: improve Jenkins plugin download status (f6747f6)

    v0.67.1

    Bug Fixes

    • web: harden installer release checks (83d84f3)
    • web: harden installer release checks (e43e090)

    v0.67.0

    Features

    • web: Jenkins bundler — recursive plugin dependency traversal (d646a01)
    • web: Jenkins bundler — recursive plugin dependency traversal (be1c7d7)

    v0.66.0

    Features

    • web: drop Java compat check, add offline-script Jenkins bundle (87477aa)

    v0.65.2

    Bug Fixes

    • web: Jenkins bundler — query LTS catalogue, drop hard-coded Java baselines (7e0b91e)
    • web: Jenkins bundler — query LTS catalogue, drop hard-coded Java baselines (f166274)

    v0.65.1

    Bug Fixes

    • web: Jenkins bundler — live Java requirement, allow WAR-only (a2a2b97)
    • web: Jenkins bundler — live Java requirement, allow WAR-only (c2ca272)

    v0.65.0

    Features

    • web: add Jenkins WAR + plugins air-gap bundler (3f5892d)
    • web: Jenkins WAR + plugins air-gap bundler (16f570a)

    Bug Fixes

    • web: make Jenkins bundler proxy SSRF-safe (ded99d9)

    v0.64.1

    Bug Fixes

    • web: propagate skip_verify to bootstrap curl in install script (#517) (4190c52)

    v0.64.0

    Features

    • deploy: bundle nginx TLS terminator with pinned-cert rotation (#514) (b3a43c9)

    v0.63.0

    Features

    • security: mTLS on all agent↔server gRPC (#511) (81da1fd)

    v0.62.0

    Features

    • web: bake agent binaries into the web image (#508) (aa052eb)

    Bug Fixes

    • web: cascade delete host_network_memberships when deleting host (#510) (9f76abf)

    v0.61.8

    Bug Fixes

    • security: require re-approval after keypair rotation and restrict direct terminal access (#503) (f3cd3c9)

    v0.61.7

    Bug Fixes

    • sec: H-24 add composite index on host_metrics; M-17 hash enrolment tokens (#501) (4c88ef5)

    v0.61.6

    Bug Fixes

    • sec: enforce GCM auth tag length; sanitise log interpolation (d23c174)
    • sec: M-07 terminal regex, H-03/H-04 LDAP encryption, M-14 crypto-lint CI, M-29 autoApprove gate (feb0a87)
    • sec: M-07 tighten terminal username regex; H-03/H-04 per-record salt + LDAP key; M-14 crypto-lint CI; M-29 restrict autoApprove tokens to super_admin (5b151c4)
    • sec: move nosemgrep annotations inline with createDecipheriv calls (abc77a2)
    • sec: remove console.warn with tainted parameters from autoApprove gate (4d18106)
    • sec: remove user-supplied label from autoApprove audit log (81e8921)
    • terminal: support same-origin WebSocket for Cloudflare tunnel (195a6ec)
    • terminal: support same-origin WebSocket for Cloudflare tunnel (490882e)

    v0.61.5

    Bug Fixes

    • sec: H-05 encrypt bindDn and tlsCertificate for LDAP configs at rest (880b446)
    • sec: H-06 raise minimum password length to 12 characters (6eb847f)
    • sec: H-09 align LDAP session cookie signing with Hono's exact format (61bd0f9)

    v0.61.4

    Bug Fixes

    • auth/db/ldap: rate limits, host deletion TOCTOU, LDAP filter injection (H-25, M-21, C-04, M-32) (3cc7911)
    • auth: add per-IP rate limiting to auth-adjacent endpoints (H-25) (0c4853d)
    • certs: move SSRF guard to fetchCertificateFromUrl to restore CodeQL-clean shape (41a2d80)
    • certs: suppress intentional CodeQL certificate-validation alert in fetch.ts (ab9bc18)
    • db: move host existence check inside transaction with FOR UPDATE (M-21) (096cdc0)
    • ldap: escape user input in LDAP filter strings to prevent injection (M-32) (43b857c)
    • security: LDAP enumeration/timing (M-01), error leaks (M-02), CodeQL suppression (1596c9b)
    • security: SSRF denylist for cert fetch; rate-limit agent install/download (H-15, H-13) (54a72ff)
    • security: SSRF denylist, agent rate limits, LDAP enumeration/timing, error leaks (H-15, H-13, M-01, M-02) (74d5b2e)
    • ssrf: extract SSRF guard to lib/net/ssrf-guard.ts; restore fetch.ts to main (a3bdc6c)

    v0.61.3

    Bug Fixes

    • security: require HTTPS for notification webhooks, restrict SMTP ports, remove default DB password (M-12, H-31) (9d05c3e)

    v0.61.2

    Bug Fixes

    • security: agent/latest caching+rate-limit, licence JWT typ, entrypoint fail-fast (M-25, M-03, L-12) (7c8d3b0)
    • security: assert JWT typ header in licence validation; fail-fast env var checks (M-03, L-12) (168cfe6)

    v0.61.1

    Bug Fixes

    • certs: cap TLS cert size/chain depth and reject dangerous cert-file paths (M-19, M-11) (4801101)
    • certs: cap TLS cert size/chain depth and reject dangerous cert-file paths (M-19, M-11) (c26af0b)

    v0.61.0

    Features

    • licence: add LICENCE_PUBLIC_KEY env var override with dev-key-in-prod rejection (26c65fc), closes #399
    • licence: LICENCE_PUBLIC_KEY env var override with dev-key-in-prod rejection (b7af559)

    Bug Fixes

    • auth: always include BETTER_AUTH_URL in trustedOrigins (a78d927)
    • auth: always include BETTER_AUTH_URL in trustedOrigins (5ab0388)
    • certs: bound upload size and require PEM format in trackCertificateFromUpload (b7fdb85), closes #342
    • reports: use tab prefix for CSV formula-injection mitigation (M-23) (588d073), closes #338

    v0.60.0

    Features

    • tasks: add cron-driven scheduled task runner (#456) (deee1cc)

    Bug Fixes

    • certificates: drop SHA1 fingerprint from cert checker (3765bad)
    • certificates: drop SHA1 fingerprint from cert checker (#348) (4ae8106)
    • security: constant-time comparison for admin key + cert fingerprint (740f489)
    • security: constant-time comparison for admin key + cert fingerprint (#352) (245eacd)

    v0.59.2

    Bug Fixes

    • web: satisfy react-hooks purity / set-state-in-effect rules (49225a9)
    • web: satisfy react-hooks purity / set-state-in-effect rules (0940029)

    v0.59.1

    Bug Fixes

    • notes: visibility toggle label wraps and overlaps tabs (6e7ef1c)

    v0.59.0

    Features

    • notes: host detail integration (PR 3) (e876237)
    • notes: host detail integration (PR 3) (f1b3b9a)

    v0.58.0

    Features

    • licence: bind licences to install via activation token (41a912e)
    • licence: bind licences to install via activation token (7a5d03c)

    v0.57.1

    Bug Fixes

    • licence: align issuer and audience across sign and verify paths (314c1c9)
    • licence: align issuer/audience between sign and verify (43bf32c)

    v0.57.0

    Features

    • licence: bake production public key into the web image (66703a9)
    • licence: bake production public key into the web image (f96a813)

    Bug Fixes

    • db: make 0037 migration idempotent for domain_accounts.deleted_at (8dbfadf)
    • db: make migration 0037 idempotent for domain_accounts.deleted_at (b001797)

    v0.56.0

    Features

    • web: add Cmd+K command palette scaffold (f6c7273)

    v0.55.1

    Bug Fixes

    • security: add auth/org check to deleteCertificate (#281) (48bbbd1)
    • security: add auth/org check to deleteCertificate (C-09) (60a8a16)

    v0.55.0

    Features

    • notes: data layer for shared engineer notes (e3b12ed)
    • notes: data layer for shared engineer notes (PR 2) (5515967)

    v0.54.1

    Bug Fixes

    • correct docs base path and rename simonjcarr/infrawatch to carrtech-dev/ct-ops (1a5dc35)
    • correct docs base path and replace simonjcarr/infrawatch references (349eacd)

    v0.54.0

    Features

    • paginate, filter, sort hosts page and add fleet overview (6a4d604)
    • paginate, filter, sort hosts page and add fleet overview (1390de4)

    Bug Fixes

    • move filter-reset setState out of useEffect (d6b7ddb)

    v0.53.0

    Features

    • split host Tools tabs so Tasks shows only user-triggered runs (d8335e7)

    v0.52.0

    Features

    • enforce Pro/Enterprise licence gates on certificates, service accounts, and reports (4c653ba)
    • enforce Pro/Enterprise licence gates on certs, service accounts, and reports (86151d9)

    v0.51.0

    Features

    • expand licence tier model with feature flags, guard, and docs (3ff4665)
    • expand licence tier model with feature flags, guard, and docs (a38810c)
    • tag assignment for hosts (settings, enrolment, CLI, bulk rules) (ddf5b16)
    • tag assignment for hosts across settings, enrolment, CLI, and bulk rules (58cf0cd)

    Bug Fixes

    • use next/link for Bulk Tag cross-reference on Tag Rules page (f4865f3)

    v0.50.0

    Features

    • infrawatch-loadtest tool for capacity planning (fef4da8)
    • infrawatch-loadtest tool for capacity planning (993d2c8)

    v0.49.0

    Features

    • certificates: track certificates from the Certificate Checker (d8dcdfa)
    • certificates: track certificates from the Certificate Checker (e5eaf8a)

    v0.48.0

    Features

    • certificate checker — paste + drag-drop for certs and keys (1a9f828)
    • certificate checker — paste + drag-drop for certs and keys (f4070ef)

    v0.47.0

    Features

    • add SSL certificate checker tool (082d372)
    • ingest: dedupe host registrations by hostname / IP overlap (8e34db9)
    • SSL certificate checker tool (8853991)

    Bug Fixes

    • read enrolment URL from AGENT_DOWNLOAD_BASE_URL env var (b3fed72)
    • use NEXT_PUBLIC_APP_URL for agent enrolment install URL (295e27c)
    • use NEXT_PUBLIC_APP_URL for agent enrolment install URL (66de4a8)

    v0.46.0

    Features

    • download agents as zip for offline/manual install (ae060f9)
    • download agents as zip for offline/manual install (7df1f04), closes #244

    v0.45.0

    Features

    • group filter always visible and humanise LDAP timestamps (75e53fe)
    • group filter always visible and humanise LDAP timestamps (07235c2)

    Bug Fixes

    • portal directory-lookup suggestions out of card overflow (b5b874e)
    • portal directory-lookup suggestions out of card overflow (38d8063)

    v0.44.2

    Bug Fixes

    • disable set-state-in-effect rule for one-shot hydration effect (9630a11)
    • hydrate terminal panel state after mount to avoid SSR mismatch (48f9ed2)
    • terminal panel hydration mismatch breaking dashboard interactivity (e255a9a)

    v0.44.1

    Bug Fixes

    • surface server-action errors in directory lookup (1698e91)
    • surface server-action errors in directory lookup typeahead (5fe5ea0)

    v0.44.0

    Features

    • directory user lookup (live LDAP query, no sync) (b96037d)
    • directory user lookup (live LDAP query, no sync) (dd954ca)

    v0.43.0

    Features

    • terminal text size settings (global + per-tab) (4332aab)
    • terminal text size settings (global default + per-tab override) (11635d4)

    v0.42.0

    Features

    • add tab colours, reorder, rename, and split panes to terminal (f5f7df9)
    • tab colours, reorder, rename, and split panes for terminal (9c464d9)

    v0.41.3

    Bug Fixes

    • avoid setState-in-effect lint error in HostNodeTerminalDialog (9e9f374)
    • move terminal dialog to parent to survive context menu unmount (6696382)
    • Open Terminal from network graph context menu now works (667f100)

    v0.41.2

    Bug Fixes

    • restore pointer-events on host nodes for context menu to work (a16c20a)
    • restore pointer-events on host nodes so right-click context menu works (ac14b8e)

    v0.41.1

    Bug Fixes

    • switch network graph context menu to onNodeContextMenu approach (3f3946d)
    • switch network graph context menu to React Flow onNodeContextMenu (be8392f)

    v0.41.0

    Features

    • add right-click context menu to network graph host nodes (eb8dfdf)
    • add right-click context menu to network graph host nodes (d7a2fa8)

    v0.40.0

    Features

    • replace moving circles with subtle dashed bezier edge animation (e219ea7)
    • subtle dashed bezier edges on network graphs (ee56359)

    v0.39.0

    Features

    • add animated flowing dots to network graph edges (08c5f22)
    • animated flowing dots on network graph edges (bc0edf5)

    Bug Fixes

    • make React Flow controls and minimap respect dark mode (ac27713)

    v0.38.0

    Features

    • add network topology graph visualizations (9543b4b)
    • add network topology graph visualizations (e42213e)

    v0.37.0

    Features

    • add network management with CIDR-based auto-assignment (2be6169)
    • add network management with CIDR-based auto-assignment (0550654)

    v0.36.2

    Bug Fixes

    • reports: sliding window rate limit (3/10s), errors in modal (54001af)
    • reports: sliding window rate limit (3/10s), fix error message, show errors in modal (52d2c1d)

    v0.36.1

    Bug Fixes

    • reports: chart labels visible in dark mode, reduce export rate limit (31d0a0d)
    • reports: chart labels visible in dark mode, reduce export rate limit to 10s (f1eadce)

    v0.36.0

    Features

    • reports: add first-seen column, OS/version charts, and fix export data (83ecf13)
    • reports: first-seen column, OS/version charts, and fix export data (dc12bd9)

    v0.35.1

    Bug Fixes

    • reports: clickable hostnames and fix CSV/PDF export (b17e619)
    • reports: make hostnames clickable and fix CSV/PDF export parameters (6843695)

    v0.35.0

    Features

    • reports: unify software search results into a single sortable table (1ae7c42)
    • reports: unify software search results into single sortable table (5ad70bb)

    v0.34.6

    Bug Fixes

    • agents: delete software_scans before task_run_hosts in deleteHost (1b95ee4)
    • agents: delete software_scans before task_run_hosts in deleteHost cascade (f6c9217)

    v0.34.5

    Bug Fixes

    • agents: complete deleteHost FK cascade for all referencing tables (7faea5a)
    • agents: complete deleteHost FK cascade for all referencing tables (c6dcb2a)

    v0.34.4

    Bug Fixes

    • agents: delete notifications before alert_instances when deleting host (fd0e78d)
    • agents: delete notifications before alert_instances when deleting host (4a38216)

    v0.34.3

    Bug Fixes

    • ingest: persist JWT signing key in database to survive volume resets (385caa2)
    • ingest: persist JWT signing key in database to survive volume resets (661d2a3)

    v0.34.2

    Bug Fixes

    • inventory: surface failed scan errors in host inventory tab (cb94381)
    • inventory: surface failed scan errors in host inventory tab (26b9095)

    v0.34.1

    Bug Fixes

    • inventory: poll for scan completion and show live scan status (7276799)
    • inventory: poll for scan completion and show live scan status (8f7eae3)

    v0.34.0

    Features

    • reports: overhaul software report UX and fix inventory wipe bug (19167fe)
    • reports: overhaul software report UX and fix inventory wipe bug (4f49c92)

    v0.33.3

    Bug Fixes

    • monitoring: eliminate false 100% CPU spikes and fix alert double-evaluation (01e7146)
    • monitoring: eliminate false 100% CPU spikes and fix alert double-evaluation (4e6ca6a)

    v0.33.2

    Bug Fixes

    • reports: use sentinel for "All sources" Select value (423694f)
    • reports: use sentinel for "All sources" Select value (d1efd71)

    v0.33.1

    Bug Fixes

    • reports: remove dead useDebounce hook and fix React fragment key (1802104)
    • reports: remove dead useDebounce hook and fix React fragment keys (923b4b7)

    v0.33.0

    Features

    • software-inventory: full software inventory and reporting feature (e98cf6f)
    • software-inventory: installed software tracking, global reports, and export (903e772)

    v0.32.0

    Features

    • hosts: remote agent uninstall on host deletion (0613f6c)
    • hosts: remote agent uninstall on host deletion (8b3fe3d)

    v0.31.1

    Bug Fixes

    • terminal: pin terminal panel to bottom of viewport (8c648cc)
    • terminal: pin terminal panel to bottom of viewport (4e532e1)

    v0.31.0

    Features

    • hosts: add notification severity and trend charts to metrics tab (e009d6c)
    • hosts: notification severity and trend charts on metrics tab (271df68)

    v0.30.0

    Features

    • notifications: add time-range selector to notification trend chart (04c2392)
    • notifications: time-range selector on notification trend chart (40e8b96)

    v0.29.1

    Bug Fixes

    • notifications: soft-delete notifications and fix chart axis label colours (1508afb)
    • notifications: soft-delete notifications and fix chart axis label colours (5742c30)

    v0.29.0

    Features

    • notifications: add bulk actions, charts, and mark-unread support (31a956f)
    • notifications: bulk actions, severity charts, and mark-unread support (25671ef)

    v0.28.0

    Features

    • notifications: add Slack, Telegram, and in-app notification channels (69c00ff)
    • notifications: Slack, Telegram, and in-app notification channels (6bc5799)

    v0.27.0

    Features

    • terminal: remember last username and reconnect on exit (33711ea)
    • terminal: remember last username and reconnect on exit (167b83a)

    Bug Fixes

    • terminal: use useMemo instead of useEffect for saved username (f5ff889)

    v0.26.0

    Features

    • terminal: persist tabs across browser refresh (a8b3dc3)
    • terminal: persist tabs across browser refresh via sessionStorage (94da926)

    v0.25.1

    Bug Fixes

    • terminal: move provider above sidebar for context access (f465ff3)
    • terminal: move TerminalPanelProvider above sidebar so trigger has context (2bf71c6)

    v0.25.0

    Features

    • terminal: persistent bottom panel with tabs (67aad5d)
    • terminal: redesign as persistent bottom panel with tabs (1031bfd)

    Bug Fixes

    • terminal: resolve lint errors for setState-in-effect and unused vars (ca5e9fe)

    v0.24.0

    Features

    • terminal: require per-user host authentication (8539f5d)
    • terminal: require per-user host authentication for terminal sessions (5a51c21)

    v0.23.3

    Bug Fixes

    • terminal: add DB session diagnostics for agent connection debugging (fbf89b9)
    • terminal: add real-time session diagnostics to trace agent connection failure (6bb458e)

    v0.23.2

    Bug Fixes

    • terminal: add agent connection signaling and diagnostic messages (ae7183f)
    • terminal: add agent connection signaling and diagnostics (c4549e5)

    v0.23.1

    Bug Fixes

    • terminal: show xterm container during connecting state to fix 0x0 dimensions (e40f6d6)
    • terminal: show xterm container during connecting to fix 0x0 PTY (48032dc)

    v0.23.0

    Features

    • terminal: add WebSocket terminal and restructure host page tabs (8313aa4)
    • terminal: add WebSocket terminal and restructure host page tabs (71d37d3)

    v0.22.0

    Features

    • tasks: add service autocomplete, interactive terminal, and task history management (6246d21)
    • tasks: service autocomplete, interactive terminal, and task history management (b2601a1)

    Bug Fixes

    • terminal: replace useEffect setState with setInterval callback to satisfy react-hooks/set-state-in-effect (3ac45f6)

    v0.21.0

    Features

    • tasks: add custom script runner and service management task types (50c5eaa)
    • tasks: add custom script runner and service management task types (471baf1)

    v0.20.0

    Features

    • metrics: add chart zoom and smart metrics bucketing (73db515)
    • metrics: add chart zoom and smart metrics bucketing (07b12cd)

    v0.19.0

    Features

    • profile: add dark mode with per-user theme preference (065b7b3)
    • profile: add dark mode with per-user theme preference (ad01296)

    v0.18.0

    Features

    • tasks: add task cancellation with agent-side process kill and UI (017e9e0)
    • tasks: add task cancellation with agent-side process kill and UI (81315a1)

    v0.17.1

    Bug Fixes

    • tasks: resolve patch output deadlock, add timeouts and debug UI (74a9a87)
    • tasks: resolve patch output deadlock, add timeouts and debug UI (7bfd4f8)

    v0.17.0

    Features

    • tasks: add general agent task framework with Linux host patching (#106) (1a6b48a)
    • tasks: add general agent task framework with Linux host patching (#106) (4cd4efa)

    v0.16.0

    Features

    • hosts: add host groups with strategic collapsible nav (#105) (d75cf5e)
    • hosts: host groups + strategic collapsible nav (#105) (5883273)

    v0.15.0

    Features

    • agents: add copy actions to enrollment token list (14bd87e)
    • agents: add copy actions to enrollment token list (#101) (c850aa8)

    v0.14.3

    Bug Fixes

    • ldap: cap TLS certificate preview at 5 lines with vertical scroll (17245ca)
    • ldap: cap TLS certificate preview at 5 lines with vertical scroll (3923409)

    v0.14.2

    Bug Fixes

    • ldap: properly constrain TLS certificate preview within modal (10103cb)
    • ldap: properly constrain TLS certificate preview within modal (5e70044), closes #92

    v0.14.1

    Bug Fixes

    • ldap: constrain TLS certificate preview to modal width (f160e3c)
    • ldap: constrain TLS certificate preview to modal width (6d76f44), closes #92

    v0.14.0

    Features

    • agent: auto re-register after host deletion (b6de1d8)
    • agent: auto re-register after host deletion; fix service accounts UI (1eb533d)

    v0.13.0

    Features

    • phase4: service accounts, LDAP login & identity management (c5ba9c1)

    v0.12.2

    Bug Fixes

    • ci: add validate-migrations.js to ESLint ignores and add dev.sh (8590f9b)

    v0.12.1

    Bug Fixes

    • db: add migration timestamp validation (644d265)
    • db: add migration timestamp validation to prevent skipped migrations (b915029)

    v0.12.0

    Features

    • ldap: add edit dialog for LDAP configs and TLS certificate upload (6fc619f)
    • phase4: service accounts, LDAP sync & directory management (db3ebf6)

    v0.11.1

    Bug Fixes

    • phase4: fix migration ordering, metadata overwrite & add password/lock tracking (96a9fd0)
    • phase4: fix migration ordering, metadata overwrite & add password/lock tracking (1e303c2)

    v0.11.0

    Features

    • phase4: restructure service accounts, add host settings & LDAP login (da1cc9b)
    • phase4: restructure service accounts, add host settings & LDAP login (cda5150)

    Bug Fixes

    • lint: use const for existingUser, remove unused TAG_LENGTH (39e38ba)

    v0.10.1

    Bug Fixes

    • db: bump migration 0014 timestamp to be monotonically after 0013 (039d084)
    • db: bump migration 0014 timestamp to be monotonically after 0013 (2ace491)

    v0.10.0

    Features

    • phase4: implement service account and SSH key discovery (a175e9a)
    • phase4: service account and SSH key discovery (ba4c754)

    v0.9.0

    Features

    • CI pr-checks workflow, system health page, and debt documentation cleanup (aba140c)
    • CI pr-checks, system health page, gen_cuid fix, and PROGRESS.md cleanup (fc30879)

    Bug Fixes

    • ci: fix all PR Checks lint and Go build failures (99253fe)

    v0.8.4

    Bug Fixes

    • web: fix certificate page crashes — server action mismatches and invalid date RangeError (5c0941b)
    • web: fix RangeError in certificate chain dates — Go uses snake_case JSON keys (4dcd267)

    v0.8.3

    Bug Fixes

    • web: replace server action queryFns with API routes on certificates pages (52cb1c5)
    • web: resolve Failed to find Server Action errors on certificates pages (7b219e8)

    v0.8.2

    Bug Fixes

    • web: stop calling server action from useQuery on certificate detail page (66b3fd6)
    • web: stop calling server action from useQuery on certificate detail page (e4c8117)

    v0.8.1

    Bug Fixes

    • web: fix EACCES on agent-dist volume mount (b098402)
    • web: fix EACCES on agent-dist volume mount by using root entrypoint (909494d)

    v0.8.0

    Features

    • checks: add cert_file check type and fix cert result display (bcb6cfb)

    v0.7.1

    Bug Fixes

    • ci: track agent-dist dir so Docker COPY succeeds in CI (15ee866)
    • ci: track agent-dist dir so Docker COPY succeeds in CI (288291d)

    v0.7.0

    Features

    • web: add certificate check type to Add Check dialog (64e1192)
    • web: add certificate check type to Add Check dialog (42f8ea3)

    v0.6.1

    Bug Fixes

    • web: agent self-update 503 — baked fallback + manifest version sync (42a2626)
    • web: agent self-update 503 — baked fallback + manifest version sync (1a5670d)

    v0.6.0

    Features

    • certificates: implement Phase 3 certificate lifecycle management (cf6826b)
    • certificates: Phase 3 — certificate lifecycle management (6de140e)

    v0.5.1

    Bug Fixes

    • web: use ISO string for Date params in db.execute() raw SQL queries (822d9df)
    • web: use ISO string for Date params in db.execute() raw SQL queries (78bf7d1)

    v0.5.0

    Features

    • web: heartbeat interval chart on host metrics tab (270d79c)

    Bug Fixes

    • agent: gRPC reconnect reliability + heartbeat interval chart (02baa79)

    v0.4.0

    Features

    • phase2: alert history pagination, TimescaleDB CAGGs, metric retention (63f5676)
    • phase2: alert history pagination, TimescaleDB CAGGs, metric retention (ac5ff93)

    v0.3.0

    Features

    • dist: customer bundle + hardcoded agent repo + first-run start.sh (d055a59)
    • dist: customer bundle, hardcoded agent repo, first-run start.sh (711cd04)

    v0.2.0

    Features

    • agent --version flag, UI version in sidebar, update-available badge (2e93adf)
    • agent --version flag, UI version in sidebar, update-available badge (5468ffb)
    • agent,ingest,web: collect real system metrics and add host detail page (da19fae)
    • agent: add --tls-skip-verify flag to agent install flow (c6abbdc)
    • agent: add --tls-skip-verify flag to agent install flow (ab124d2)
    • agent: add automated releases, distribution, and self-update (bc315dc)
    • agent: agent install, TLS, cross-platform builds, and auto-download (b12296d)
    • agent: multi-platform service install and version-aware binary cache (b875381)
    • agent: one-command install with token and add -token/-address CLI flags (cd3c228)
    • agent: pin required agent version and auto-download on startup (dd037af)
    • agent: server-hosted binaries and agent self-install (87ba22c)
    • alerts: host silencing + fix migration runner skipping pending entries (460bf0c)
    • alerts: test notifications, edit channels, and SMTP dispatch (7ff498b)
    • alerts: test notifications, edit channels, and SMTP dispatch (bcd42fb)
    • checks: add ad-hoc agent queries for port and service discovery (dfad656)
    • checks: add ad-hoc agent queries for port and service discovery (cfafed1)
    • checks: add check definition system with port, process, and HTTP checks (76d0a01)
    • checks: add check definition system with port, process, and HTTP checks (d33c458)
    • initial monorepo commit — Phase 0 foundation (ca9b1f9)
    • metrics: metric history, TimescaleDB hypertable, and offline chart visualisation (c5081dc)
    • metrics: persist metric history and add chart with offline visualisation (bc2b3d9)
    • Phase 0 — user profiles, settings, team management, and feature gating (585998c)
    • Phase 1 — Go agent, gRPC ingest service, and host inventory UI (ddf5a0a)
    • web: add SMTP email notification channel for alert rules (2003bfa)
    • web: add SSE streaming and host detail real-time updates (3f823b3)
    • web: alert rule builder, state machine, and webhook notifications (94f1509)
    • web: alert rules, notifications, and global alert defaults (89926ce)
    • web: global alert defaults that auto-apply to new hosts on agent approval (c60cad9)
    • web: prewarm agent binary cache on server startup (8eae9d8)
    • web: SSE streaming and host detail real-time updates (704c738)

    Bug Fixes

    • add standalone-compatible migration script for Docker deployments (6c56773)
    • add workspace node_modules/.bin to PATH in builder stage (dbab3a3)
    • agent: derive required agent version from release-please manifest (5e97869)
    • agent: update required agent version to v0.9.0 (833ad8d)
    • checks: remove type exports from 'use server' file causing ReferenceError (90939f2)
    • checks: remove type exports from 'use server' file causing ReferenceError (26285e8)
    • copy apps/web/node_modules from deps stage into builder (2db1423)
    • copy workspace config into builder stage so pnpm resolves node_modules (f957fbf)
    • correct both Dockerfiles for monorepo workspace builds (1485264)
    • correct standalone paths for pnpm monorepo in web Dockerfile (075f144)
    • team: restore soft-deleted users on re-invite instead of re-registering (f29bb96)
    • use monorepo root context for web Docker build (a3500b2)
    • web: remove instrumentationHook from next.config (built-in since Next.js 15) (f1bea56)

    Agent v0.50.0

    Features

    • docker: reuse central image scan results (9752bbb)

    v0.49.4

    Bug Fixes

    • docker: label image scans by Grype exploit risk (97a1146)

    v0.49.3

    Bug Fixes

    • docker: allow larger syft sboms (15e0084)

    v0.49.2

    Bug Fixes

    • docker: allow long image scan uploads (3e579e1)

    v0.49.1

    Bug Fixes

    • logs: require http context for 5xx scan matches (525a077)

    v0.49.0

    Features

    • docker: support server image scanning mode (e2cf44f)

    v0.48.0

    Features

    • docker: add image vulnerability scanning (4cdec33)

    v0.47.0

    Features

    • networks: map discovered internal connections (4e86061)

    v0.46.0

    Features

    • hosts: show service resource usage (d6a9520)

    v0.45.0

    Features

    • logs: add host log error scanning (1d6b336)

    v0.44.0

    Features

    • monitoring: add Docker volume size checks (bf0960a)

    v0.43.1

    Bug Fixes

    • monitoring: measure folder usage for disk checks (0094e71)

    v0.43.0

    Features

    • monitoring: add path size checks (886a9e4)

    v0.42.1

    Bug Fixes

    • services: secure agent service refreshes (87f90d9)

    v0.42.0

    Features

    • patch-status: refresh host patch telemetry (c43b768)

    v0.41.3

    Bug Fixes

    • agent: resend patch telemetry on reconnect (afa5512)

    v0.41.2

    Bug Fixes

    • patch-status: report host patch telemetry (ec1b4dd)

    v0.41.1

    Bug Fixes

    • hosts: restrict host logs to text files (5327268)

    v0.41.0

    Features

    • hosts: add service status and live log tabs (dba1ee9)

    v0.40.2

    Bug Fixes

    • agent: wait for takeover client cert (f204b6b)

    v0.40.1

    Bug Fixes

    • agent: renew JWTs before expiry (76f5330)

    v0.40.0

    Features

    • web: add Docker container network graph (872d197)

    v0.39.0

    Features

    • hosts: show resource usage details (74bbaa6)

    v0.38.4

    Bug Fixes

    • ct-cve: send RPM source EVR in inventory (#87) (fdc9530)

    v0.38.3

    Bug Fixes

    • agent: dispatch patch tasks from heartbeat (#64) (74b6c69)

    v0.38.2

    Bug Fixes

    • agent: close Docker socket polling connections (#33) (08e6600)

    v0.38.1

    Bug Fixes

    • docker: collect running container metrics (8e5dca4)

    v0.38.0

    Features

    • docker: upload container telemetry batches (83a9de4)

    v0.37.0

    Features

    v0.36.0

    Features

    • agent: collect Docker container inventory (2f18d7b)

    v0.35.0

    Features

    • agent: report Docker runtime status (d3a44b5)

    v0.34.5

    Bug Fixes

    • agent: align enrolment token environment (713f007)

    v0.34.4

    Bug Fixes

    • ingest: remove instance-scoped agent identity (#1248) (3be0471)

    v0.34.3

    Bug Fixes

    • agent: cover self-update HTTP client defaults (08b6b9e)

    v0.34.2

    Bug Fixes

    • hosts: ignore virtual bridge IPs for host dedupe (7110f42)

    v0.34.1

    Bug Fixes

    • agent: round patch age partial days up (43cb491)

    v0.34.0

    Features

    • terminal: trust SSH host keys from agents (2ab4e2e)

    v0.33.0

    Features

    • vuln: ingest red hat csaf package fixes (#786) (624b52f)

    v0.32.3

    Bug Fixes

    • agent: stop leaking enrolment tokens in install URLs (#753) (0552877)

    v0.32.2

    Bug Fixes

    • release: correct package changelog paths (#711) (3dd5f74)

    v0.32.1

    Bug Fixes

    • agent: restore automatic self-updates (#699) (43b7cf6)

    v0.32.0

    Features

    v0.31.0

    Features

    • web: reorganise administration settings (#679) (bcdb0ce)

    v0.30.8

    Bug Fixes

    • agent: cap buffered heartbeat task output (cc5384b)
    • agent: cap buffered heartbeat task output (ae69da9)

    v0.30.7

    Bug Fixes

    v0.30.6

    Bug Fixes

    • agent: validate config file ownership and mode (#614) (8451d1f)

    v0.30.5

    Bug Fixes

    • agent: preserve inherited script timeouts (c2643c5)
    • agent: preserve inherited script timeouts (6e52742)

    v0.30.4

    Bug Fixes

    • agent: constrain custom script tasks (#604) (5580168)

    v0.30.3

    Bug Fixes

    • agent: disable unsigned self-update (7fc1101)
    • agent: disable unsigned self-update (fea0879)

    v0.30.2

    Bug Fixes

    v0.30.1

    Bug Fixes

    • security: require SSH credentials for terminal access (#566) (c0616dc)

    v0.30.0

    Features

    • deploy: bundle nginx TLS terminator with pinned-cert rotation (#514) (b3a43c9)

    v0.29.0

    Features

    • security: mTLS on all agent↔server gRPC (#511) (81da1fd)

    v0.28.3

    Bug Fixes

    • sec: M-07 terminal regex, H-03/H-04 LDAP encryption, M-14 crypto-lint CI, M-29 autoApprove gate (feb0a87)
    • sec: M-07 tighten terminal username regex; H-03/H-04 per-record salt + LDAP key; M-14 crypto-lint CI; M-29 restrict autoApprove tokens to super_admin (5b151c4)

    v0.28.2

    Bug Fixes

    • agent: write to Windows Event Log when running as a service (#463) (254739e)

    v0.28.1

    Bug Fixes

    • agent: create agent and uninstall logs with 0640 (#357) (51a7d56)
    • agent: create agent and uninstall logs with mode 0640 (2a82873)

    v0.28.0

    Features

    • loadtest: widen synthetic CPU/memory to 0-100 (2f946f6)
    • loadtest: widen synthetic CPU/memory to 0-100 range (6f61737)

    v0.27.1

    Bug Fixes

    • correct docs base path and rename simonjcarr/infrawatch to carrtech-dev/ct-ops (1a5dc35)
    • correct docs base path and replace simonjcarr/infrawatch references (349eacd)

    v0.27.0

    Features

    • tag assignment for hosts (settings, enrolment, CLI, bulk rules) (ddf5b16)
    • tag assignment for hosts across settings, enrolment, CLI, and bulk rules (58cf0cd)

    v0.26.2

    Bug Fixes

    • release registration semaphore before heartbeat loop (4ebd195)
    • release registration semaphore before heartbeat loop (f4eb44b)

    v0.26.1

    Bug Fixes

    • normalize negative agent indexes in ConnPool.Get (c094110)
    • normalize negative agent indexes in ConnPool.Get (92cd151)

    v0.26.0

    Features

    • infrawatch-loadtest tool for capacity planning (fef4da8)
    • infrawatch-loadtest tool for capacity planning (993d2c8)

    v0.25.0

    Features

    • ingest: dedupe host registrations by hostname / IP overlap (8e34db9)

    v0.24.1

    Bug Fixes

    • inventory: add per-collector logging and ingest scan diagnostics (21beda1)
    • inventory: add per-collector logging and ingest scan-start diagnostics (4598052)

    v0.24.0

    Features

    • reports: overhaul software report UX and fix inventory wipe bug (19167fe)
    • reports: overhaul software report UX and fix inventory wipe bug (4f49c92)

    v0.23.2

    Bug Fixes

    • monitoring: eliminate false 100% CPU spikes and fix alert double-evaluation (01e7146)
    • monitoring: eliminate false 100% CPU spikes and fix alert double-evaluation (4e6ca6a)

    v0.23.1

    Bug Fixes

    • agent: alias windows/registry import to avoid conflict with tasks.registry var (492502f)
    • agent: alias windows/registry import to avoid conflict with tasks.registry var (6f6d08f)

    v0.23.0

    Features

    • software-inventory: full software inventory and reporting feature (e98cf6f)
    • software-inventory: installed software tracking, global reports, and export (903e772)

    v0.22.1

    Bug Fixes

    • agent: escape systemd cgroup when uninstalling remotely (a05f6c9)
    • agent: escape systemd cgroup when uninstalling remotely (d36111b)

    v0.22.0

    Features

    • hosts: remote agent uninstall on host deletion (0613f6c)
    • hosts: remote agent uninstall on host deletion (8b3fe3d)

    v0.21.2

    Bug Fixes

    • terminal: cross-distro su with dropped privileges (9a0e6b0)
    • terminal: use su with dropped privileges instead of login for cross-distro compatibility (dcc6857)

    v0.21.1

    Bug Fixes

    • terminal: use login instead of su for per-user auth (a6fa358)
    • terminal: use login instead of su for per-user authentication (d07b957)

    v0.21.0

    Features

    • terminal: require per-user host authentication (8539f5d)
    • terminal: require per-user host authentication for terminal sessions (5a51c21)

    v0.20.1

    Bug Fixes

    • agent: set TERM, HOME, and prefer bash for terminal PTY (f094ac3)
    • agent: set TERM, HOME, and prefer bash for terminal PTY (ea9a899)

    v0.20.0

    Features

    • terminal: add WebSocket terminal and restructure host page tabs (8313aa4)
    • terminal: add WebSocket terminal and restructure host page tabs (71d37d3)

    v0.19.0

    Features

    • tasks: add custom script runner and service management task types (50c5eaa)
    • tasks: add custom script runner and service management task types (471baf1)

    v0.18.0

    Features

    • tasks: add task cancellation with agent-side process kill and UI (017e9e0)
    • tasks: add task cancellation with agent-side process kill and UI (81315a1)

    v0.17.1

    Bug Fixes

    • tasks: resolve patch output deadlock, add timeouts and debug UI (74a9a87)
    • tasks: resolve patch output deadlock, add timeouts and debug UI (7bfd4f8)

    v0.17.0

    Features

    • tasks: add general agent task framework with Linux host patching (#106) (1a6b48a)
    • tasks: add general agent task framework with Linux host patching (#106) (4cd4efa)

    v0.16.0

    Features

    • agent: auto re-register after host deletion (b6de1d8)
    • agent: auto re-register after host deletion; fix service accounts UI (1eb533d)

    v0.15.0

    Features

    • agent: add -uninstall flag (4069a90)
    • agent: add -uninstall flag to remove agent service and files (b4f7b5d)

    v0.14.1

    Bug Fixes

    • phase4: fix migration ordering, metadata overwrite & add password/lock tracking (96a9fd0)
    • phase4: fix migration ordering, metadata overwrite & add password/lock tracking (1e303c2)

    v0.14.0

    Features

    • phase4: implement service account and SSH key discovery (a175e9a)
    • phase4: service account and SSH key discovery (ba4c754)

    v0.13.1

    Bug Fixes

    • agent: make check delivery resilient to stream reconnects and hostID failures (251455d)
    • agent: make check delivery resilient to stream reconnects and hostID resolution failures (abf93d3)

    v0.13.0

    Features

    • checks: add cert_file check type and fix cert JSON display (9ad2882)
    • checks: add cert_file check type and fix cert result display (bcb6cfb)

    v0.12.0

    Features

    • certificates: implement Phase 3 certificate lifecycle management (cf6826b)
    • certificates: Phase 3 — certificate lifecycle management (6de140e)

    v0.11.3

    Bug Fixes

    • agent: fresh gRPC conn per stream attempt + TCP keepalive (7426d3e)
    • agent: gRPC reconnect reliability + heartbeat interval chart (02baa79)

    v0.11.2

    Bug Fixes

    • agent: reset heartbeat backoff after stable stream (fe139da)
    • agent: reset heartbeat backoff after stable stream (3a2a68b)

    v0.11.1

    Bug Fixes

    • agent: self-update now survives systemd and Restart=always (18c6d5c)
    • agent: self-update survives systemd (syscall.Exec + Restart=always) (ef17a26)

    v0.11.0

    Features

    • agent --version flag, UI version in sidebar, update-available badge (2e93adf)
    • agent --version flag, UI version in sidebar, update-available badge (5468ffb)

    v0.10.0

    Features

    • alerts: test notifications, edit channels, and SMTP dispatch (7ff498b)

    Bug Fixes

    • agent,ingest: add gRPC keepalive to prevent silent stream death (008aba8)

    v0.9.1

    Bug Fixes

    • agent: reuse HTTP client and reset stream dedup map on reconnect (8f8e1df)
    • agent: reuse HTTP client and reset stream dedup map on reconnect (b6214ed)

    v0.9.0

    Features

    • agent: agent install, TLS, cross-platform builds, and auto-download (b12296d)

    Bug Fixes

    • agent: build all platform binaries to the correct dist directory (ce54b74)

    v0.8.0

    Features

    • agent: add --tls-skip-verify flag to agent install flow (c6abbdc)
    • agent: add --tls-skip-verify flag to agent install flow (ab124d2)

    v0.7.0

    Features

    • checks: add ad-hoc agent queries for port and service discovery (dfad656)
    • checks: add ad-hoc agent queries for port and service discovery (cfafed1)

    v0.6.0

    Features

    • checks: add check definition system with port, process, and HTTP checks (76d0a01)
    • checks: add check definition system with port, process, and HTTP checks (d33c458)

    v0.5.1

    Bug Fixes

    • agent,ingest: populate OS and architecture on hosts (7cdd25b)

    v0.5.0

    Features

    • agent,ingest,web: collect real system metrics and add host detail page (da19fae)
    • agent: add tls_skip_verify option and improve install config merging (5ff70a5)

    v0.4.0

    Features

    • agent: multi-platform service install and version-aware binary cache (b875381)
    • agent: server-hosted binaries and agent self-install (87ba22c)

    v0.3.0

    Features

    • agent: one-command install with token and add -token/-address CLI flags (cd3c228)

    v0.2.0

    Features

    • agent: add automated releases, distribution, and self-update (bc315dc)
    • initial monorepo commit — Phase 0 foundation (ca9b1f9)
    • Phase 1 — Go agent, gRPC ingest service, and host inventory UI (ddf5a0a)

    Ingest v0.32.1

    Bug Fixes

    • ct-cve: repair inventory hash scan (dc8fbc3)

    v0.32.0

    Features

    • docker: add central Grype scan worker pool (380ac57)

    v0.31.1

    Bug Fixes

    • docker: serialize central grype scans (48676c2)

    v0.31.0

    Features

    • docker: reuse central image scan results (9752bbb)

    v0.30.11

    Bug Fixes

    • containers: show readable exploit risk labels (246a5aa)

    v0.30.10

    Bug Fixes

    • docker: label image scans by Grype exploit risk (97a1146)

    v0.30.9

    Bug Fixes

    • docker: allow larger syft sboms (15e0084)

    v0.30.8

    Bug Fixes

    • docker: allow grype database updates (d131235)

    v0.30.7

    Bug Fixes

    • ingest: align log ignores query with schema (252ccc0)

    v0.30.6

    Bug Fixes

    • docker: persist image scan rows with ids (bf89787)

    v0.30.5

    Bug Fixes

    • checks: ignore suppressed log scan findings (c08ec42)

    v0.30.4

    Bug Fixes

    • release: trigger soft delete removal deployment (c9833f5)

    v0.30.3

    Bug Fixes

    • certificates: hard delete replaced renewals (69f283b)

    v0.30.2

    Bug Fixes

    • certificates: retire replaced certificate renewals (b66154e)

    v0.30.1

    Bug Fixes

    • ct-cve: resolve removed package findings (1781c98)

    v0.30.0

    Features

    • docker: support server image scanning mode (e2cf44f)

    v0.29.0

    Features

    • docker: add image vulnerability scanning (4cdec33)

    v0.28.0

    Features

    • networks: map discovered internal connections (4e86061)

    v0.27.1

    Bug Fixes

    • ct-cve: preserve finding import status (9483797)

    v0.27.0

    Features

    • logs: add host log error scanning (1d6b336)

    v0.26.0

    Features

    • cmdb: add reference data options (85c8f7e)

    v0.25.0

    Features

    • itil: add CMDB and service model (1ddeacc)

    v0.24.0

    Features

    • monitoring: add Docker volume size checks (bf0960a)

    v0.23.1

    Bug Fixes

    • services: secure agent service refreshes (87f90d9)

    v0.23.0

    Features

    • patch-status: refresh host patch telemetry (c43b768)

    v0.22.1

    Bug Fixes

    • patch-status: report host patch telemetry (ec1b4dd)

    v0.22.0

    Features

    • hosts: add service status and live log tabs (dba1ee9)

    v0.21.4

    Bug Fixes

    • ingest: handle duplicate certificate renewals (d34a8c3)

    v0.21.3

    Bug Fixes

    • agent: allow offline agents to renew credentials (a60b442)

    v0.21.2

    Bug Fixes

    • agent: allow takeover of stale active hosts (2856571)

    v0.21.1

    Bug Fixes

    • agent: wait for takeover client cert (f204b6b)

    v0.21.0

    Features

    • agent: add inactive host takeover approval (f3f7976)

    v0.20.1

    Bug Fixes

    • agent: renew JWTs before expiry (76f5330)

    v0.20.0

    Features

    • web: add Docker container network graph (872d197)

    v0.19.0

    Features

    • hosts: show resource usage details (74bbaa6)

    v0.18.4

    Bug Fixes

    • ct-cve: avoid inventory push timeout (3a3a86c)

    v0.18.3

    Bug Fixes

    • ct-cve: send RPM source EVR in inventory (#87) (fdc9530)

    v0.18.2

    Bug Fixes

    • ct-cve: retry failed finding callbacks

    v0.18.1

    Bug Fixes

    • ct-cve: send printable inventory package fingerprints

    v0.18.0

    Features

    • ct-cve: push inventory after package changes

    v0.17.3

    Bug Fixes

    • ingest: align agent update discovery with web

    v0.17.2

    Bug Fixes

    • terminal: prefer host IP for SSH sessions (1388ea3)

    v0.17.1

    Bug Fixes

    • hosts: clean docker rows on delete (306848b)

    v0.17.0

    Features

    • terminal: support custom SSH ports (36872a6)

    v0.16.0

    Features

    • dev: add local full-stack dev launcher (3b3d96c)

    v0.15.1

    Bug Fixes

    • ingest: close docker inventory rows before lifecycle inserts (#1392) (cba037a)

    v0.15.0

    Features

    • docker: add container alert rules (b76feb2)

    v0.14.0

    Features

    • docker: add container lifecycle timeline (a527cb6)

    v0.13.0

    Features

    • ingest: add docker telemetry retention sweeper (3e236b5)

    v0.12.0

    Features

    • docker: upload container telemetry batches (83a9de4)

    v0.11.0

    Features

    • ingest: upsert docker container inventory (#1353) (376e81e)

    v0.10.0

    Features

    • ingest: persist Docker runtime status (2be7dff)

    v0.9.7

    Bug Fixes

    • ingest: remove instance-scoped agent identity (#1248) (3be0471)

    v0.9.6

    Bug Fixes

    • release: bake latest agent manifest into ct-ops images (79a22a4)

    v0.9.5

    Bug Fixes

    • hosts: ignore virtual bridge IPs for host dedupe (7110f42)

    v0.9.4

    Bug Fixes

    v0.9.3

    Bug Fixes

    • ingest: consume enrolment tokens atomically (#1146) (f631974)

    v0.9.2

    Bug Fixes

    • terminal: throttle ssh authentication attempts (23512dd)

    v0.9.1

    Bug Fixes

    • ingest: throttle unauthenticated registrations (511056b)

    v0.9.0

    Features

    • terminal: trust SSH host keys from agents (2ab4e2e)

    v0.8.9

    Bug Fixes

    • certs: block DNS rebinding in tracked refresh (73ade2b), closes #968

    v0.8.8

    Bug Fixes

    • ingest: bind heartbeat JWT to mTLS identity (62d113f), closes #1055

    v0.8.7

    Bug Fixes

    v0.8.6

    Bug Fixes

    • terminal: require pinned SSH host keys (#973) (ae5d5cb)

    v0.8.5

    Bug Fixes

    • ingest: reject cross-org agent re-registration (1b2df29)

    v0.8.4

    Bug Fixes

    • ingest: prevent agent identity takeover on re-registration (639fe92), closes #909

    v0.8.3

    Bug Fixes

    • alerts: block stored private notification targets (#904) (eda2d31)

    v0.8.2

    Bug Fixes

    • install: encode generated database passwords (#843) (a8ddc88)

    v0.8.1

    Bug Fixes

    • vuln: prefer full rpm evr for matching (#788) (4024fc4)

    v0.8.0

    Features

    • vuln: ingest red hat csaf package fixes (#786) (624b52f)

    v0.7.0

    Features

    • vuln: match rhel-compatible rpm hosts (#772) (ff68d4a)

    v0.6.2

    Bug Fixes

    • ingest: use canonical agent release repository (#765) (ac68119)

    v0.6.1

    Bug Fixes

    • ingest: enforce inventory JWT expiry (#762) (94603ba)

    v0.6.0

    Features

    v0.5.0

    Features

    v0.4.3

    Bug Fixes

    • release: correct package changelog paths (#711) (3dd5f74)

    v0.4.2

    Bug Fixes

    • ingest: repair stuck task timeout interval encoding (#705) (7a47d3a)

    v0.4.1

    Bug Fixes

    • agent: restore automatic self-updates (#699) (43b7cf6)

    v0.4.0

    Features

    v0.3.1

    Bug Fixes

    • certificates: verify tracked refreshes by default (#652) (5d634bb)

    v0.3.0

    Features

    v0.2.1

    Bug Fixes

    • ingest: restrict terminal websocket origins (#639) (1e56c0f)

    v0.2.0

    Features

    • notifications: purge old soft-deleted rows (fd0b96f)
    • notifications: purge old soft-deleted rows (593a8cd)

    v0.1.6

    Bug Fixes

    • ingest: cap inventory chunk size (fc60ae3)
    • ingest: cap inventory chunk size (4b0a3d8)

    v0.1.5

    Bug Fixes

    • ingest: cap grpc message and stream limits (#608) (730e8e4)

    v0.1.4

    Bug Fixes

    v0.1.3

    Bug Fixes

    • security: reject invalid heartbeat jwt fallback (660985b)
    • security: reject invalid heartbeat jwt fallback (64d0f13)

    v0.1.2

    Bug Fixes

    • security: require SSH credentials for terminal access (#566) (c0616dc)

    v0.1.1

    Bug Fixes

    • ingest: set ReadHeaderTimeout on JWKS/healthz HTTP server (45fc1b5)
    • ingest: set ReadHeaderTimeout on JWKS/healthz HTTP server (7237a66)

    Ansible API v0.5.0

    Features

    • ansible: add simple pairing flow (79d8e20)

    v0.4.0

    Features

    v0.3.3

    Bug Fixes

    • ansible: scope ping logs by host name (f13561f)

    v0.3.2

    Bug Fixes

    • ansible: scope ping output per host (96ea431)

    v0.3.1

    Bug Fixes

    v0.3.0

    Features

    v0.2.0

    Features

    • automation: add feature flags and ansible provider foundation (#1301) (d8959fc)

    CT-Vault API v0.1.4

    Version changed; no local changelog entries were found for this component.

    Images:

    • docker.io/carrtechdev/ct-ops-web@sha256:c482718012617761bb2e5a375674bc085af96031b3ca5e19a4437b3ff96be0f2
    • carrtechdev/ct-ops-ingest@sha256:b020c1da7dbf0eb19f09c7eb8739b8b2aadf832881df60ead15aba4242671254

    Roll-up changelog assets:

    • ct-ops-bundle-rollup-dev-0.128.1.md
    • ct-ops-bundle-rollup-dev-0.128.1.json
    Downloads
  • bundle/v0.128.1 4ec39017ef

    CT-Ops customer bundle v0.128.1
    All checks were successful
    SAST / gosec (agent) (push) Has been skipped
    SAST / semgrep (push) Has been skipped
    SAST / trivy (filesystem) (push) Has been skipped
    SAST / crypto-lint (no weak hashes / ciphers) (push) Has been skipped
    Secret Scan / gitleaks (push) Has been skipped
    SAST / trivy (config / IaC) (push) Has been skipped
    SAST / gosec (ingest) (push) Has been skipped
    Release / Detect merged release PR (push) Successful in 9s
    Release / Create or update release PR (push) Has been skipped
    Release / Create release tags (push) Successful in 10s
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Build and publish web image (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ansible-api release (push) Has been skipped
    Release / Publish customer bundle (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Build ingest image (push) Successful in 0s
    Release / Publish web release (push) Has been skipped
    Release / Publish ingest release (push) Has been skipped
    Release / Publish customer bundle release (push) Successful in 1m0s
    Stable

    Ghost released this 2026-06-17 12:49:10 +00:00 | 31 commits to main since this release

    CT-Ops customer bundle v0.128.1 roll-up changelog

    Published 2026-06-17

    Included products

    • Customer bundle: v0.128.0 -> v0.128.1
    • Web: v0.257.1
    • Agent: v0.50.0
    • Ingest: v0.32.1
    • Ansible API: v0.5.0
    • CT-Vault API: v0.1.4

    Component changes

    Customer bundle v0.128.1

    Bug Fixes

    • release: resolve bundle images from production tags (0e6c3e7)

    Web v0.257.1

    No change in this bundle.

    Agent v0.50.0

    No change in this bundle.

    Ingest v0.32.1

    No change in this bundle.

    Ansible API v0.5.0

    No change in this bundle.

    CT-Vault API v0.1.4

    No change in this bundle.
    Images:

    • docker.io/carrtechdev/ct-ops-web@sha256:c6d838120697e539c9812f2fc440a3976885f0dbe9dc5a5f19cb75d390b0b663
    • docker.io/carrtechdev/ct-ops-ingest@sha256:5298b73ddaa9fb0b11c898410fd69fde55a55960e5af4daf893088c61ded0ddc

    Roll-up changelog assets:

    • ct-ops-bundle-rollup-v0.128.1.md
    • ct-ops-bundle-rollup-v0.128.1.json
    Downloads
  • web/v0.257.1 7274befff7

    web v0.257.1
    All checks were successful
    SAST / semgrep (push) Has been skipped
    SAST / gosec (ingest) (push) Has been skipped
    Secret Scan / gitleaks (push) Has been skipped
    SAST / trivy (filesystem) (push) Has been skipped
    SAST / trivy (config / IaC) (push) Has been skipped
    SAST / crypto-lint (no weak hashes / ciphers) (push) Has been skipped
    SAST / gosec (agent) (push) Has been skipped
    Release / Detect merged release PR (push) Successful in 9s
    Release / Create or update release PR (push) Has been skipped
    Release / Create release tags (push) Successful in 12s
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Build ingest image (push) Successful in 0s
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ingest release (push) Has been skipped
    Release / Publish ansible-api release (push) Has been skipped
    Release / Build and publish web image (push) Successful in 6m3s
    Release / Publish customer bundle (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Publish web release (push) Successful in 10s
    Release / Publish customer bundle release (push) Successful in 1m1s
    Stable

    Ghost released this 2026-06-17 06:51:20 +00:00 | 36 commits to main since this release

    Published by Forgejo Actions.\n\nImage:\n- carrtechdev/ct-ops-web@sha256:c6d838120697e539c9812f2fc440a3976885f0dbe9dc5a5f19cb75d390b0b663

    Downloads
  • bundle/v0.127.1 7274befff7

    CT-Ops customer bundle v0.127.1
    All checks were successful
    SAST / semgrep (push) Has been skipped
    SAST / gosec (ingest) (push) Has been skipped
    Secret Scan / gitleaks (push) Has been skipped
    SAST / trivy (filesystem) (push) Has been skipped
    SAST / trivy (config / IaC) (push) Has been skipped
    SAST / crypto-lint (no weak hashes / ciphers) (push) Has been skipped
    SAST / gosec (agent) (push) Has been skipped
    Release / Detect merged release PR (push) Successful in 9s
    Release / Create or update release PR (push) Has been skipped
    Release / Create release tags (push) Successful in 12s
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Build ingest image (push) Successful in 0s
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ingest release (push) Has been skipped
    Release / Publish ansible-api release (push) Has been skipped
    Release / Build and publish web image (push) Successful in 6m3s
    Release / Publish customer bundle (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Publish web release (push) Successful in 10s
    Release / Publish customer bundle release (push) Successful in 1m1s
    Stable

    Ghost released this 2026-06-17 06:51:19 +00:00 | 36 commits to main since this release

    CT-Ops customer bundle v0.127.1 roll-up changelog

    Published 2026-06-17

    Included products

    • Customer bundle: v0.127.0 -> v0.127.1
    • Web: v0.257.0 -> v0.257.1
    • Agent: v0.50.0
    • Ingest: v0.32.1
    • Ansible API: v0.5.0
    • CT-Vault API: v0.1.4

    Component changes

    Customer bundle v0.127.1

    Bug Fixes

    • host-editor: share tools panel empty state (7e36e98)

    Web v0.257.1

    Bug Fixes

    • host-editor: share tools panel empty state (7e36e98)

    Agent v0.50.0

    No change in this bundle.

    Ingest v0.32.1

    No change in this bundle.

    Ansible API v0.5.0

    No change in this bundle.

    CT-Vault API v0.1.4

    No change in this bundle.
    Images:

    • docker.io/carrtechdev/ct-ops-web@sha256:c6d838120697e539c9812f2fc440a3976885f0dbe9dc5a5f19cb75d390b0b663
    • docker.io/carrtechdev/ct-ops-ingest@sha256:5298b73ddaa9fb0b11c898410fd69fde55a55960e5af4daf893088c61ded0ddc

    Roll-up changelog assets:

    • ct-ops-bundle-rollup-v0.127.1.md
    • ct-ops-bundle-rollup-v0.127.1.json
    Downloads
  • web/v0.257.0 cc319d84f4

    web v0.257.0
    All checks were successful
    SAST / gosec (agent) (push) Has been skipped
    SAST / gosec (ingest) (push) Has been skipped
    SAST / trivy (filesystem) (push) Has been skipped
    SAST / semgrep (push) Has been skipped
    SAST / crypto-lint (no weak hashes / ciphers) (push) Has been skipped
    SAST / trivy (config / IaC) (push) Has been skipped
    Secret Scan / gitleaks (push) Has been skipped
    Release / Detect merged release PR (push) Successful in 10s
    Release / Create or update release PR (push) Has been skipped
    Release / Create release tags (push) Successful in 12s
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Build ingest image (push) Successful in 0s
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ingest release (push) Has been skipped
    Release / Publish ansible-api release (push) Has been skipped
    Release / Build and publish web image (push) Successful in 6m3s
    Release / Publish customer bundle (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Publish web release (push) Successful in 11s
    Release / Publish customer bundle release (push) Successful in 1m1s
    Stable

    Ghost released this 2026-06-16 21:55:29 +00:00 | 38 commits to main since this release

    Published by Forgejo Actions.\n\nImage:\n- carrtechdev/ct-ops-web@sha256:ec074c1175d013fa1708d37e9d62523a52345108fc3b591b1fc5e76baf9d23d6

    Downloads
  • bundle/v0.127.0 cc319d84f4

    CT-Ops customer bundle v0.127.0
    All checks were successful
    SAST / gosec (agent) (push) Has been skipped
    SAST / gosec (ingest) (push) Has been skipped
    SAST / trivy (filesystem) (push) Has been skipped
    SAST / semgrep (push) Has been skipped
    SAST / crypto-lint (no weak hashes / ciphers) (push) Has been skipped
    SAST / trivy (config / IaC) (push) Has been skipped
    Secret Scan / gitleaks (push) Has been skipped
    Release / Detect merged release PR (push) Successful in 10s
    Release / Create or update release PR (push) Has been skipped
    Release / Create release tags (push) Successful in 12s
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Build ingest image (push) Successful in 0s
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ingest release (push) Has been skipped
    Release / Publish ansible-api release (push) Has been skipped
    Release / Build and publish web image (push) Successful in 6m3s
    Release / Publish customer bundle (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Publish web release (push) Successful in 11s
    Release / Publish customer bundle release (push) Successful in 1m1s
    Stable

    Ghost released this 2026-06-16 21:55:27 +00:00 | 38 commits to main since this release

    CT-Ops customer bundle v0.127.0 roll-up changelog

    Published 2026-06-16

    Included products

    • Customer bundle: v0.126.3 -> v0.127.0
    • Web: v0.256.3 -> v0.257.0
    • Agent: v0.50.0
    • Ingest: v0.32.1
    • Ansible API: v0.5.0
    • CT-Vault API: v0.1.4

    Component changes

    Customer bundle v0.127.0

    Features

    • host-editor: add file tabs and browser actions (#690) (e439ae4)

    Web v0.257.0

    Features

    • host-editor: add file tabs and browser actions (#690) (e439ae4)

    Agent v0.50.0

    No change in this bundle.

    Ingest v0.32.1

    No change in this bundle.

    Ansible API v0.5.0

    No change in this bundle.

    CT-Vault API v0.1.4

    No change in this bundle.
    Images:

    • docker.io/carrtechdev/ct-ops-web@sha256:ec074c1175d013fa1708d37e9d62523a52345108fc3b591b1fc5e76baf9d23d6
    • docker.io/carrtechdev/ct-ops-ingest@sha256:5298b73ddaa9fb0b11c898410fd69fde55a55960e5af4daf893088c61ded0ddc

    Roll-up changelog assets:

    • ct-ops-bundle-rollup-v0.127.0.md
    • ct-ops-bundle-rollup-v0.127.0.json
    Downloads
  • web/v0.256.3 8efe97cbca

    web v0.256.3
    All checks were successful
    SAST / gosec (ingest) (push) Has been skipped
    SAST / semgrep (push) Has been skipped
    SAST / trivy (filesystem) (push) Has been skipped
    SAST / gosec (agent) (push) Has been skipped
    SAST / crypto-lint (no weak hashes / ciphers) (push) Has been skipped
    SAST / trivy (config / IaC) (push) Has been skipped
    Secret Scan / gitleaks (push) Has been skipped
    Release / Detect merged release PR (push) Successful in 9s
    Release / Create or update release PR (push) Has been skipped
    Release / Create release tags (push) Successful in 14s
    Release / Build agent darwin/amd64 (push) Has been skipped
    Release / Build agent linux/amd64 (push) Has been skipped
    Release / Build agent darwin/arm64 (push) Has been skipped
    Release / Build agent linux/arm64 (push) Has been skipped
    Release / Build and publish ingest image (push) Has been skipped
    Release / Build agent windows/amd64 (push) Has been skipped
    Release / Publish agent release (push) Has been skipped
    Release / Build and publish ansible-api image (push) Has been skipped
    Release / Build ingest image (push) Successful in 0s
    Release / Build ansible-api image (push) Successful in 0s
    Release / Publish ingest release (push) Has been skipped
    Release / Publish ansible-api release (push) Has been skipped
    Release / Build and publish web image (push) Successful in 6m4s
    Release / Publish customer bundle (push) Has been skipped
    Release / Build web image (push) Successful in 0s
    Release / Publish web release (push) Successful in 10s
    Release / Publish customer bundle release (push) Successful in 1m16s
    Stable

    Ghost released this 2026-06-16 20:29:21 +00:00 | 40 commits to main since this release

    Published by Forgejo Actions.\n\nImage:\n- carrtechdev/ct-ops-web@sha256:e61e34437bd67e5ee716de4dafc268c51e8ac541261f5011282b0bfd926f6049

    Downloads