Release history
ntfy releases
Send push notifications to your phone or desktop using PUT/POST
All releases
11 shown
v2.22.0
Security relevant
Security fixes
- SSRF vulnerability in web push endpoint allow-list regex (GHSA-w9hq-5jg7-q4j7)
Notable features
- Access tokens can now be set to never expire in web app
- Fixed web app crash on account page for tokens without last access time
Full changelog
Bug fixes + maintenance:
- Tighten web push endpoint allow-list regex to prevent SSRF via unanchored pattern matching (GHSA-w9hq-5jg7-q4j7, thanks to @MightyNawaf for reporting)
- Fix web app not allowing access tokens to be changed to never expire (#1693/#1694, thanks to @lastsamurai26 for reporting and to @ShipItAndPray for fixing)
- Fix web app crashing on account page for tokens without a last access time (#1651, #1684, thanks to @Pulsar7 and @rzhli for reporting)
v2.20.1
Bug fix
Added disable_http2=true S3 URL option to work around HTTP/2 stream errors with S3-compatible providers.
v2.20.0
New feature
Breaking changes
- Attachment directory behavior changed: files matching message ID format with no database entries will be deleted
Notable features
- S3-compatible object storage for attachments
- OpenRC init service
v2.19.2
Bugfix
Fixed race condition in web push subscriptions causing constraint violations. Routed authorization queries to read-only replicas to reduce primary database load.
v2.19.1
Bug fix
Fixed invalid UTF-8 character handling in HTTP headers causing PostgreSQL insert failures. Fixed database-url validation rejecting postgresql:// connection strings.
v2.19.0
New feature
Notable features
- PostgreSQL read replica support
- Interactive config generator
v2.18.0
New feature
Notable features
- PostgreSQL support as alternative database backend
v2.17.0
New feature
Notable features
- Priority field templating
- Copy to clipboard action
- Unread message indicator on favicon
v2.16.0
New feature
Notable features
- Update and delete notifications
- Heartbeat/dead man's switch notifications
- Windows service support