fran-olivares/usulnet

v26.2.1 Security

This release includes 3 security fixes for security teams reviewing exposed deployments.

✓ No known CVEs patched

Topics

agplv3 docker docker-deployment docker-management docker-management-tool docker-manager
docker-swarm docker-ui go goland moby postgresql self-hosted swarm templ ui usulnet webui

Affected surfaces

auth rbac

Summary

AI summary

A mixed release: new features, bug fixes, improvements, and tests, with AES-256-GCM encryption of stored RDP passwords among the security changes.

Changelog

usulnet v26.2.1 — Beta — 2026-02-12

Added

  • RDP Connection Management: Full CRUD with PostgreSQL persistence, password encryption (AES-256-GCM), TCP connectivity testing, and per-user connection isolation
  • Runbook Condition Steps: Container status checks (running/stopped/exited) and string comparison operators (eq/neq/contains)
  • Runbook API Call Steps: HTTP client with configurable method, URL, body, auth headers, timeout caps (30s), and response validation
  • Container Rename: End-to-end rename via Docker API through the service layer
  • OAuth/OIDC SSO Login: Complete OAuth authorization flow with CSRF state validation and auto-provisioning
  • Profile Management Routes: Preferences, theme toggle, session management, and GDPR data export
  • SFTP Rename: Frontend now performs real rename API calls (was placeholder alert)
  • License System Tests: ~160 tests covering validation, enforcement, expiry, and edition gating

Fixed

  • SSH Connection Test JSON Injection: Replaced unsafe string interpolation with json.Encoder for safe serialization
  • Silent Error Handling (20+ handlers): Stack operations, volume/network prune, security scans, update checks, and connection CRUD now display flash error/success messages instead of silently discarding errors
  • CSRF Token Generation: Token now generated on login and TOTP verification (was empty)
  • NPM Proxy Settings Lost on Update: All 14+ NPM settings now preserved through create/update flows
  • User Role Dropdown Not Pre-Selected: Role matched against roles table for edit form
  • Labels Nil Map Panic: Added nil check before accessing container labels in stack builder
  • json.Unmarshal Errors Ignored (7 locations): Container settings and runbook steps now validate JSON input
  • Dockerfile BuildKit Compatibility: Added BUILDPLATFORM default for environments without buildx
  • Git Provider Detection: Fixed hardcoded "gitea" provider in editor hub connections
  • sendBulkResultToast Panic: Added bounds check before string slicing

Improved

  • Input Validation: Name/host/URL required checks added across webhooks, registries, runbooks, database and LDAP connections
  • Checkbox Consistency: All form toggles now check both "true" and "on" values
  • Session Error Logging: Logout, host switch, and flash message session saves now log warnings on failure
  • Dashboard System Info: Populated from Docker host info (was TODO stub)
  • Stacks API User Context: User ID extracted from JWT for version create/restore operations

Tests

  • 503 unit tests across crypto, models, HTTP utils, and validation packages
  • ~160 license system tests (validation, middleware enforcement, fingerprinting)
  • All tests run with -race detection

Security

  • Database migration for RDP connections with proper constraints and unique indexes
  • RDP passwords encrypted at rest via AES-256-GCM
  • SFTP rename includes CSRF token validation
  • SSH delete responses use safe JSON encoding
  • Runbook API call step: 30s timeout cap, 4KB response body limit

Full Changelog: https://github.com/fr4nsys/usulnet/compare/v26.2.0...v26.2.1

Security Fixes

  • RDP passwords encrypted at rest via AES-256-GCM
  • SSH connection test now uses `json.Encoder` to prevent JSON injection
  • Runbook API call step enforces 30 s timeout and 4 KB response body limit for safe execution
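
The JSON injection fix listed above, shown as an added example that is not usulnet's own code: a response built by string interpolation next to the same response serialized with `json.Encoder`. The `testResult` type, the function names and the sample message are assumptions constructed for illustration.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
)

// testResult is a hypothetical response shape for a connection-test endpoint.
type testResult struct {
	Success bool   `json:"success"`
	Message string `json:"message"`
}

// unsafeBody interpolates the message into a JSON template (the "before" pattern).
// Quotes inside msg end the string early and can introduce extra keys.
func unsafeBody(msg string) string {
	return fmt.Sprintf(`{"success":false,"message":"%s"}`, msg)
}

// safeBody serializes through json.Encoder, which escapes quotes,
// backslashes and control characters inside string values.
func safeBody(msg string) (string, error) {
	var buf bytes.Buffer
	err := json.NewEncoder(&buf).Encode(testResult{Success: false, Message: msg})
	return buf.String(), err
}

// parse decodes a body the way a consuming client would.
func parse(body string) (testResult, error) {
	var r testResult
	err := json.Unmarshal([]byte(body), &r)
	return r, err
}

// crafted is a constructed error message carrying a quote and a duplicate key.
const crafted = `dial failed","success":true,"note":"x`

func main() {
	u, _ := parse(unsafeBody(crafted))
	s, _ := safeBody(crafted)
	p, _ := parse(s)
	fmt.Printf("interpolated: success=%v message=%q\n", u.Success, u.Message)
	fmt.Printf("json.Encoder: success=%v message=%q\n", p.Success, p.Message)
	// A plain quote with no crafted structure simply yields invalid JSON.
	_, err := parse(unsafeBody(`bad "host"`))
	fmt.Println("interpolated body with a bare quote parses:", err == nil)
}
```

Go's decoder keeps the last value for a duplicated key, so the interpolated body reports `success=true` for a failed test, while the encoded body returns the message unchanged as data.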


Beta — feedback welcome: [email protected]