Superset

vdesktop-v1.12.3 scope: desktop Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 7d AI Agents & Assistants

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

agentic-ai ai-agents claude-code cli codex coding-agents

+13 more

cursor-agent desktop-app developer-tools electron git-worktree llm mcp opencode orchestration parallel-agents tui vibe-coding worktrees

Affected surfaces

deps auth

ReleasePort's take

Moderate signal

editorial:auto 7d

This release patches Dependabot advisories for the better‑auth and hono dependencies and removes the remote‑control web terminal feature.

Why it matters: Patch severity 40 for runtime dependency issues; removal of a core UI component triggers immediate workflow changes.

Summary

AI summary

Updates desktop, marketing, and deps across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Breaking	High	Remove the remote-control web terminal feature. Remove the remote-control web terminal feature. Source: llm_adapter@2026-06-05 Confidence: high	—
Feature	Low	Add drag‑and‑drop file upload into the v2 Files tab. Add drag‑and‑drop file upload into the v2 Files tab. Source: llm_adapter@2026-06-05 Confidence: high	—
Dependency	Medium	Patch flagged Dependabot advisories for better-auth and hono dependencies. Patch flagged Dependabot advisories for better-auth and hono dependencies. Source: llm_adapter@2026-06-05 Confidence: high	—
Bugfix
Bugfix	Medium	Stop idle TanStack DB SQLite writes that churn disk and bloat the file. Stop idle TanStack DB SQLite writes that churn disk and bloat the file. Source: llm_adapter@2026-06-05 Confidence: high	—
Bugfix	Medium	Scope v2 notifications and ports to sidebar‑visible workspaces. Scope v2 notifications and ports to sidebar‑visible workspaces. Source: llm_adapter@2026-06-05 Confidence: high	—
Bugfix	Medium	Recover remote terminal after laptop sleep/wake cycles. Recover remote terminal after laptop sleep/wake cycles. Source: llm_adapter@2026-06-05 Confidence: high	—
Bugfix	Medium	Guard terminal resume against in‑flight connect attempts. Guard terminal resume against in‑flight connect attempts. Source: llm_adapter@2026-06-05 Confidence: high	—
Bugfix	Medium	Repair CI Test job by adding verifyOrgOwner to v2‑project test mock. Repair CI Test job by adding verifyOrgOwner to v2‑project test mock. Source: llm_adapter@2026-06-05 Confidence: high	—
Bugfix	Medium	Decide workspace‑delete cleanup based on git state, not error text. Decide workspace‑delete cleanup based on git state, not error text. Source: llm_adapter@2026-06-05 Confidence: high	—

Full changelog

What's Changed

chore(desktop): bump version to 1.12.2 by @saddlepaddle in https://github.com/superset-sh/superset/pull/5072
feat(marketing): add Google Ads gtag tracking by @AviPeltz in https://github.com/superset-sh/superset/pull/5074
fix(deps): patch flagged Dependabot advisories (better-auth, hono) by @AviPeltz in https://github.com/superset-sh/superset/pull/5118
fix(desktop): attach desktop_version as a renderer super property by @saddlepaddle in https://github.com/superset-sh/superset/pull/5117
Remove the remote-control web terminal feature by @saddlepaddle in https://github.com/superset-sh/superset/pull/5105
fix(desktop): stop idle tanstack-db.sqlite writes that churn disk and bloat the file by @saddlepaddle in https://github.com/superset-sh/superset/pull/5129
feat(desktop): drag-and-drop file upload into v2 Files tab by @AviPeltz in https://github.com/superset-sh/superset/pull/5082
fix(desktop): scope v2 notifications and ports to sidebar-visible workspaces by @saddlepaddle in https://github.com/superset-sh/superset/pull/5134
fix(desktop): recover remote terminal after laptop sleep/wake by @saddlepaddle in https://github.com/superset-sh/superset/pull/5135
fix(desktop): guard terminal resume against in-flight connect by @saddlepaddle in https://github.com/superset-sh/superset/pull/5137
fix(trpc): repair CI Test job — add verifyOrgOwner to v2-project test mock by @saddlepaddle in https://github.com/superset-sh/superset/pull/5136
fix(host-service): decide workspace-delete cleanup on git state, not error text by @saddlepaddle in https://github.com/superset-sh/superset/pull/5138

Full Changelog: https://github.com/superset-sh/superset/compare/desktop-v1.12.2...desktop-v1.12.3

Breaking Changes

Remove the remote-control web terminal feature

Security Fixes

Patch flagged Dependabot advisories for better-auth and hono dependencies

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Superset

Get notified when new releases ship.

About Superset

Code Editor for the AI Agents Era - Run an army of Claude Code, Codex, etc. on your machine

All releases →