This release adds 3 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+3 more
Affected surfaces
Summary
AI summaryAdded reports feature with endpoints and database support.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Medium |
Added reports parameter to POST /app/create and POST /app/update endpoints. Added reports parameter to POST /app/create and POST /app/update endpoints. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high |
— |
| Feature | Medium |
When reports enabled, creates public report key in report_keys collection bound to app. When reports enabled, creates public report key in report_keys collection bound to app. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high |
— |
| Feature | Medium |
Added GET /report-keys/list to list report keys with app identity for current owner. Added GET /report-keys/list to list report keys with app identity for current owner. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high |
— |
| Feature | Medium |
Added POST /report-keys/regenerate to replace report key value for a given app. Added POST /report-keys/regenerate to replace report key value for a given app. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high |
— |
| Feature | Medium |
Toggling reports on app update creates or removes report key binding when flag changes. Toggling reports on app update creates or removes report key binding when flag changes. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low |
— |
| Feature | Medium |
Updating an app toggles creation or removal of its report‑key binding based on the `reports` flag change. Updating an app toggles creation or removal of its report‑key binding based on the `reports` flag change. Source: granite4.1:30b@2026-05-20-audit Confidence: low |
— |
| Bugfix | Medium |
Added integration tests for list and regenerate report key functionality with various user permissions. Added integration tests for list and regenerate report key functionality with various user permissions. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low |
— |
| Refactor | Medium |
Added indexes: unique app_id and owner lookup for listing in report_keys collection. Added indexes: unique app_id and owner lookup for listing in report_keys collection. Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low |
— |
Full changelog
Features
- Added
reportsparameter toPOST /app/createandPOST /app/updateendpoints. - When
reportsis enabled, a public report key is created in thereport_keyscollection and bound to the app (one key per app). - Toggling
reportson app update creates or removes the report key binding when the flag changes. - Added
GET /report-keys/listto list report keys with app identity for the current owner (team users see only allowed apps). - Added
POST /report-keys/regenerateto replace the report key value for a given app.
Database
- Added
report_keyscollection indexes: uniqueapp_idand owner lookup for listing.
Maintenance
- Added integration tests:
TestListReportKeys,TestListReportKeysNoValues,TestListReportKeysWithSecondaryUser,TestListReportKeysAdminUserBeforeTeamUser,TestListReportKeysTeamUserPermissionDenied,TestListReportKeysTeamUser,TestRegenerateReportKey,TestFailedRegenerateReportKeyWithSecondaryUser,TestFailedRegenerateReportKeyWithTeamUser,TestRegenerateReportKeyTeamUser,TestListReportKeysNoValuesAfterUpdateAppReportsToFalse.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About FaynoSync
Self-hosted Dynamic Update Server with statistics, supporting multiple updaters. Flexible features for seamless app updates and insights.
Related context
Beta — feedback welcome: [email protected]