Skip to content

Oikos

v0.55.16 Bugfix

This release fixes issues for SREs watching stability and regressions.

Published 2d Productivity & Wikis
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

docker family family-planner home-automation planner-app privacy-first
+4 more
progressive-web-app pwa self-hosted selfhosted-apps

Affected surfaces

auth breaking_upgrade

Summary

AI summary

Fixed TRUST_PROXY parsing so numeric values are treated as hop counts, returning the real client IP behind proxies.

Changes in this release

Bugfix Medium

Correctly parses TRUST_PROXY numeric values as hop count, returning real client IP.

Correctly parses TRUST_PROXY numeric values as hop count, returning real client IP.

Source: llm_adapter@2026-06-02

Confidence: high
Full changelog

Fixed

  • TRUST_PROXY environment variable is now parsed correctly: numeric values like 1 are treated as a hop count (not an IP address), so req.ip returns the real client IP when running behind a reverse proxy such as Traefik or nginx. Subnet strings (e.g. 172.16.0.0/12) and named values (loopback) continue to work as before.
  • .env.example documents TRUST_PROXY with examples for Traefik/Docker setups.
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Oikos

Get notified when new releases ship.

Sign up free

About Oikos

Family planner for small households

All releases →

Related context

Related tools

Beta — feedback welcome: [email protected]