Releases: coollabsio/coolify

v4.0.0-beta.436

17 Oct 13:48
0fee43f

This release brings essential fixes and improvements that build on the foundation laid in v4.0.0-beta.435, focusing on security patches, Livewire modernization, API enhancements, and service template additions.


🚀 Major Features

Complete Livewire Legacy Model Binding Migration (#6862)

Modernized 25+ Livewire components from legacy binding to explicit properties, enabling future-proof architecture.

Migration Scope:

  • ✅ 25+ components migrated
  • ✅ 150+ explicit properties added
  • ✅ 0 legacy bindings remaining
  • legacy_model_binding flag disabled

Major Components:

  • Application/General.php (53 fields) - Largest migration
  • Security/PrivateKey/Show.php (4 fields)
  • Storage/Form.php (8 fields)
  • Source/Github/Change.php (16 fields)
  • Project/Shared/* (ResourceLimits, HealthChecks, Storages)
  • Service/* (StackForm, EditDomain, EditCompose, Database)
  • All Database General components (8 database types)

Critical Fixes:

  • 🐛 Collection/string confusion in EditDomain
  • 🐛 Parent component sync after save
  • 🐛 Empty FQDN field on load
  • 🐛 Lifecycle hooks not firing
  • 🐛 Duplicate HTML IDs (resolved with auto-generated unique IDs)
  • 🐛 Fixed Monaco editor @entangle errors

Statistics: 1,715 additions, 532 deletions, 46 files changed


Authentication Pages Redesign (#6906)

Aligned all auth pages with new onboarding design for consistent user experience.

Pages Updated:

  • login, register, forgot-password, reset-password
  • two-factor-challenge, confirm-password

Design Changes:

  • Removed white/gray card backgrounds
  • Consistent centered layout with large Coolify heading
  • Color-coded alerts with icons
  • Segmented auto-advancing 2FA input
  • Paste-compatible 2FA code entry
  • Updated email error messages for security (prevents enumeration)
  • Applied border styling to match onboarding

Admin User Deletion Command (#6907)

New comprehensive command for deleting users with full resource cleanup.

Features:

  • Full resource cleanup (applications, databases, services)
  • Team ownership transfers and management
  • Server deletion for user-owned teams
  • Stripe integration (cloud instances)
  • Safety features: dry-run mode, phase confirmations, state tracking
  • Instance agnostic (works on self-hosted and cloud)

Replaces:

  • admin:remove-user (deleted)
  • cloud:delete-user (now deprecated alias)

Bug Fixes:

  • Correct resource filtering by team ownership
  • Fixed relationship access (using method calls)
  • Proper lock management with Ctrl+C handling
  • Stripe cancellation after DB commit
  • Self-hosted support (skips Stripe operations)

✨ Core Features

API Enhancements (#6899)

Added three new API endpoints with comprehensive documentation.

Cancel Deployment API

  • POST /api/v1/deployments/{uuid}/cancel
  • Cancel queued/in_progress deployments
  • Docker container cleanup with docker rm -f
  • Process termination by PID
  • Detailed cancellation logging

Database Backup Creation API

  • POST /api/v1/databases/{uuid}/backups
  • Cron expressions and predefined frequencies
  • S3 storage integration with validation
  • Retention policy configuration (local and S3)
  • Optional immediate backup trigger
  • Authorization via manageBackups gate

List GitHub Apps API

  • GET /api/v1/github-apps
  • Team-owned and system-wide apps
  • Sensitive data filtering (client_secret, webhook_secret)
  • Team isolation enforced

Test Coverage: 30+ tests across 3 comprehensive suites


Service Templates

New Templates:

  • SigNoz (#5386) - Observability platform with:

    • Telemetry configuration
    • SMTP and Alert Manager setup
    • OTEL collector with healthcheck
    • Latest tags for all services
    • JWT secret auto-generation
  • Cap (#6011) - Open-source Loom alternative

    • S3 storage support (local/remote)
    • Environment variable documentation
    • Co-authored by @ShadowArcanist

Template Updates:

  • Ente Photos (#6883) - Added SMTP configuration
  • n8n (#6835) - Updated to v1.114.4 with deprecation env vars
  • Plausible (#6475) - Fixed swapped clickhouse configs
  • Shlink (#6475) - Fixed double https:// issue

🔒 Critical Security Fixes

Session Management (#6893)

CRITICAL: Fixed password changes not invalidating user sessions.

  • Changed isDirty() to wasChanged() in updated() hooks
  • Sessions now properly invalidated on password change
  • Prevents session hijacking after password reset
  • Fixed in 3 locations:
    • DeletesUserSessions trait (password changes)
    • InstanceSettings (helper_version changes)
    • ServerSetting (sentinel service restart)

Test Coverage: 15 tests across 3 suites


Privilege Escalation (#6884)

Fixed critical privilege escalation vulnerability in team invitation system.


Command Injection Prevention (#6887)

Secured git ls-remote operations against command injection attacks.


TrustHosts Middleware (#6889)

Implemented middleware to handle FQDN and IP address trust logic for improved security.


🐛 Bug Fixes

Deployment & Build

  • Null Environment Variables (#6886)

    • Handle null values in bash escaping functions
    • Prevents deployment failures
    • 29 tests passing
  • Docker Compose Parsing (#6891, #6895)

    • Fixed array labels in preg_match
    • Added type checks before processing labels
    • Handles array label values by converting to strings
    • Unit tests added

UI/UX

  • Service Textarea Focus (#6897)

    • Removed wire:model.blur causing form dirty state reset
    • Fixed jarring UI flicker on domains input
    • Changed to deferred synchronization
  • Input Focus Styling (#6900)

    • Updated to border-left focus instead of ring-based
    • Consistent styling with input-sticky utility
  • Hetzner Cloud Rendering (#6902)

    • Fixed onboarding back button navigation
    • Proper state restoration with $currentState
  • Ports Exposes Null (#6901)

    • Added default value for Docker Compose Example
    • Fixes NOT NULL constraint violation

📝 Documentation & Infrastructure

GHCR Cleanup Workflow (#6903)

Automated cleanup of untagged container images from GitHub Container Registry.

Features:

  • Deletes only untagged versions (keeps all tagged images)
  • Runs every 6 hours + manual trigger
  • Up to 100 versions per run
  • Testing phase on coolify-testing-host image

Expected Impact:

  • Current: 16,000+ untagged versions
  • Reduces storage bloat
  • Faster registry operations

Service Updates

  • Preview Deployment Updates (#6876)

    • Added service name in update job for better tracking
  • API Enabled in Dev (#6890)

    • API enabled by default in development mode
    • Production remains secure (disabled by default)

📊 Statistics

  • 25 merged PRs since v4.0.0-beta.435
  • ~3,000+ lines added
  • ~700+ lines removed
  • 80+ files changed
  • 60+ new tests
  • 2 new service templates
  • 3 major template updates
  • 4 critical security fixes

🙏 Credits

Thank you to all contributors since v435:

@andrasbacsai, @GauthierPLM, @titouv, @ariqpradipa, @xwxfox, @yipfram, @stylefieber, @ShadowArcanist, @thereis

And thanks to everyone who reported issues and helped test!


Generated by Andras & Jean-Claude, hand-in-hand.

v4.0.0-beta.435

16 Oct 08:10
2a7dd71

This PR represents a major milestone in Coolify's evolution, bringing comprehensive Hetzner Cloud integration, custom webhook notifications, enhanced Docker image handling, onboarding redesign, and numerous stability and security improvements.


🚀 Major Features

Hetzner Cloud Integration (#6817, #6840, #6842, #6843, #6863, #6866)

Complete integration with Hetzner Cloud, enabling users to create and manage servers directly from Coolify.

Core Features:

  • ✨ Server creation and deletion via Hetzner API
  • ✨ Automatic server status synchronization with retry mechanism
  • ✨ Deletion failure notification system with email alerts
  • ✨ Rate limit handling for API requests
  • ✨ Retry functionality for server validation process

Cloud-Init Script Support:

  • ✨ Cloud-init script support for Hetzner server creation
  • ✨ Cloud-init scripts management UI in Security section
  • ✨ YAML validation for cloud-init scripts
  • ✨ Dropdown selection for existing scripts
  • ✨ Global search integration for cloud-init scripts
  • 📝 Documentation clarifying cloud-init script compatibility

Network & Configuration:

  • ✨ IPv4/IPv6 network configuration for server creation
  • ✨ Support for selecting additional SSH keys from Hetzner
  • ✨ Modal support for creating private keys in server creation flow
  • ✨ Pricing display on server creation button (e.g., "€12.99/mo")
  • ✨ CPU vendor information for server types

UI Improvements:

  • ✨ Hetzner affiliate link in token form to support Coolify
  • ✨ Enhanced datalist component with unified input container
  • ✨ Improved placeholder text for token name input

Implementation Details:

  • 🔨 Implement ValidHostname validation rule
  • 🐛 Improved error logging and handling in ServerConnectionCheckJob
  • 🐛 Update Hetzner server status handling to prevent unnecessary database calls
  • 🐛 Correct dispatch logic for Hetzner server status refresh

📊 Statistics: 55 commits, 4,452 additions, 411 deletions, 104 files changed


Custom Webhook Notifications (#6837)

Complete webhook notification system allowing users to receive real-time notifications about events via HTTP POST requests.

Core Features:

  • Custom Webhook Notifications: Send POST requests to user-defined HTTP/HTTPS endpoints when events occur
  • Database Schema: New webhook_notification_settings table with encrypted URL storage and per-event toggles
  • Event Toggles: Fine-grained control over 12+ notification types (deployments, backups, scheduled tasks, server events)
  • Webhook Delivery: Queued job system with retry logic (5 attempts, 10s backoff)
  • Rich Payloads: All webhook payloads include resource UUIDs and direct URLs to Coolify resources

UI/UX Enhancements:

  • Dedicated Webhook Page: Full settings interface with form validation and test notification
  • Password-Protected URLs: Webhook URLs displayed as password fields for security
  • POST Badge Indicator: Visual HTTP method indicator positioned before the URL input
  • Responsive Layout: Organized notification settings in categorized cards

Supported Events:

  • Deployments: success, failed, status_changed
  • Backups: success, failed, success_with_s3_warning
  • Scheduled Tasks: success, failed
  • Server: docker_cleanup, high_disk_usage, reachable/unreachable, server_patch_check

📊 Statistics: 14 commits, 32 files changed, +900 additions / -15 deletions


Enhanced User Onboarding (#6855)

Complete redesign of the user onboarding experience with a modern, centered UI, enhanced UX flow, and Hetzner Cloud integration.

Core Features:

  • Modern UI Redesign: Centered, card-based layout with clean design
  • 3-Step Progress Indicator: Visual progress component showing completed, current, and upcoming steps
  • Hetzner Cloud Integration: Users can now create Hetzner servers directly from onboarding
  • Separate SSH Key Input Modes: Distinct textareas for "Generate with Coolify" (readonly) vs "Add your own" (editable)

Bug Fixes:

  • Project Loading on Refresh: Projects now load correctly when refreshing the Project Setup page
  • Browser Back Button: Removed aggressive redirects to welcome page
  • SSH Key Auto-Selection: First SSH key is auto-selected by default
  • State Persistence: Livewire URL binding enables proper browser navigation

📊 Statistics: 4 commits, 5 files changed, +851 additions / -428 deletions


✨ Core Features

Docker & Container Management

Docker Image Enhancements

  • SHA256 Hash Support for Deployments (#6472)

    • Enhanced DockerImageParser to detect and handle image hashes
    • Updated UI forms with better guidance for hash input
    • Modified deployment logic to use @sha256: format
    • Comprehensive test coverage for all hash scenarios
  • Auto-Parse Docker Image References (#6879)

    • Users can paste complete Docker image references (e.g., nginx:stable@sha256:abc123...)
    • Automatically parses and populates image name, tag, and SHA256 fields
    • Smart behavior: only auto-parses when fields are empty
    • Handles all formats: registries with ports, digests, tags
  • Fix Docker Image Digest Handling (#6878, #6879)

    • Fixed double-decoration bug in Docker image names
    • Replaced manual regex with robust DockerImageParser utility
    • Prevents malformed image names like nginx:abc123@sha256

Service & Template Improvements

  • Elasticsearch with Kibana (#6470) - Service template with token-based authentication
  • Ente Photos (#6511) - Self-hosted photo service template
  • pgAdmin (#6563) - PostgreSQL admin interface with auto-network connection (#6861)
  • Swetrix Analytics (#6735) - Privacy-focused analytics alternative
  • Rybbit (#6631) - Service template
  • Lobe Chat (#6655) - AI chat interface with local DB
  • Gotify (#6793) - Self-hosted notification service
  • NewAPI (#6753) - API template
  • Once Campfire (#6557) - Basecamp's Campfire app
  • Gramps Web (#6559) - Genealogy web application

Template Updates & Fixes

  • Homarr (#6778) - Updated to new image version 1.40.0
  • Convex (#6576) - Updated documentation URL and image
  • Docmost (#6710) - Added mail environment variables
  • Bluesky PDS (#6636) - Fixed JWT generation and email envs
  • Ente Photos (#6802) - Fixed PostgreSQL connection and MinIO CORS issues
  • Mattermost (#6538) - Removed healthcheck command (shell not available)
  • Filebrowser (#6589) - Corrected healthcheck for wget vs curl
  • Traccar (#6721) - Fixed "no available server" error
  • Moodle (#6806) - Added healthcheck
  • Documenso (#6831) - Added missing Resend API environment variables
  • Bitnami to bitnamilegacy (#6764) - Updated image references across all templates

Deployment & Build System

  • Environment Variable Management

    • Standardized .env file handling across all deployment methods (#6826)
    • Fixed environment variable cache refresh after adding new variables (#6790)
    • Save build-time .env file before build to prevent inclusion in images (#6826)
    • Fixed API validation to allow all environment variable fields (#6860)
    • Save runtime environment variables when skipping build (#6845)
  • Build Process Improvements

    • Docker build commands wrapped with environment variable exports (#6826)
    • Fixed static site publish directory double slash in build logs (#6871)
    • Added default NIXPACKS_NODE_VERSION for Nixpacks applications (#6770)
    • Warning for NIXPACKS_NODE_VERSION in Node.js configurations (#6844)
    • Fixed base_directory default and inclusion in submit method (#6843)
  • Deployment Fixes

    • Fixed pure Dockerfile deployment failure due to missing .env file (#6873)
    • Fixed PR build logs URL to use environment UUID (#6850)
    • Handle all ProcessStatus values in PR updates (#6868)
    • Sanitize branch names for Docker tag compatibility (#6843)

Git Integration

  • Git Redirect Handling (#6869)
    • Fixed deployment failures when Git repositories use redirects (e.g., tangled.sh → tangled.org)
    • Replaced line-based parsing with regex pattern matching for commit SHA extraction
    • Added security improvement with escapeshellarg() for repository URLs
    • Comprehensive test coverage for all redirect scenarios
    • Universal fix for all Git hosting services with redirects

Database Management

  • Database Security & Stability

    • Added authorization checks to all database Livewire components (#6872)
    • Fixed TypeError when destination server is not configured (#6870)
    • Migrated database components from legacy model binding (#6859)
    • Fixed container name conflict when updating port mappings (#6858)
  • Backup Enhancements (#6791)

    • Enhanced backup job with S3 upload handling
    • New BackupSuccessWithS3Warning notification class
    • Track local backup success and S3 upload errors separately
    • Added s3_uploaded boolean field to track S3 status
    • Fixed backup job to use backup_log_uuid for container naming (#6844)

Proxy & Network

  • Proxy Configuration (#6787)

    • Enhanced proxy configuration regeneration by extracting custom commands
    • Added function to preserve custom Traefik commands during regeneration
    • Unit tests to validate custom command extraction
  • Read-Only Volume Handling (#6774)

    • Introduced isReadOnlyVolume method for volume models
    • Enhanced UI to display notifications for read-only volumes
    • Prevent modification actions for read-only volumes

🎨 UI/UX Enhancements

Global Search & Navigation

  • Searchable Terminal Selector (#6854)

    • Replaced standard dropdown with advanced searchable datalist component
    • Real-time search filtering for servers/containers
    • Visual improvements with smooth animations
  • **Global Search Improvements...

v4.0.0-beta.434

03 Oct 07:42

  • fix(deployments): build / runtime envs should work better now.
  • feat(deployments): generate SERVICE_NAME environment variables from Docker Compose services

Full Changelog: v4.0.0-beta.433...v4.0.0-beta.434

v4.0.0-beta.433

01 Oct 18:37

  • feat(ui): enhance resource operations interface with dynamic selection for cloning and moving resources.
  • feat(ui): new deployment running indicator instead of the dashboard one.
  • feat(core): added https://tangled.org git repo support.
  • fix(ui): improve docker registry image helper text clarity.
  • fix(ui): correct HTML structure and improve clarity in Docker cleanup options.
  • fix(ui): Persistent storage views look better.
  • revert(deployment): Reverted Application Deployment Job to the v429 version, because it was causing problems like #6740 and #6737.

Full Changelog: v4.0.0-beta.432...v4.0.0-beta.433

v4.0.0-beta.432

29 Sep 10:52
735e47c

  • feat(compose): activated git based compose application watch paths.
  • feat(nixpacks): add custom required things to Symfony deployments.
  • feat(ui): Change theme-color meta tag to change dynamically when the theme is toggled.
  • fix(watch-paths): handle all types of watch path regexes.
  • fix(env): warning signs for wrongly set build time variables are looking good now.
  • fix(ui): improve mobile sidebar close behavior.
  • fix(ui): long text on helper popup not wrapping based on screen size.
  • fix(compose): some compose-based apps that have a dot in their name were parsed wrongly.
  • chore(ui): improve application healthcheck page.

Full Changelog: v4.0.0-beta.431...v4.0.0-beta.432

v4.0.0-beta.431

24 Sep 18:55
62447b3

Fixing ssh/ssl issue caused by a bug in openssh-client.

Full Changelog: v4.0.0-beta.430...v4.0.0-beta.431

v4.0.0-beta.430

24 Sep 16:20
8fa0ba9

  • fix(ui): shared env variable view.
  • fix(envs): escape special multiline envs when they are needed for --build-args.
  • fix(ui): Only show env warnings for wrongly defined build args when they are defined by the user and not the buildpack (like for nixpacks).

Full Changelog: v4.0.0-beta.429...v4.0.0-beta.430

v4.0.0-beta.429

23 Sep 16:20
d6f9fee

  • feat(envs): Introduce Docker Secrets for enhanced security during builds. You can enable it on the environment variables tab.
  • feat(envs): Introduce is_buildtime and is_runtime environment variable flags.
  • feat(ux): New quicksearch function with / or cmd + k.
  • feat(docker-network): Improve detection of special network modes.
  • feat(api): Able to query, modify & delete database backups through the API.
  • feat(api): Able to create, query, modify & delete Github Apps through the API.
  • feat(environment-variables): implement environment variable analysis for build-time issues.
  • fix(status): App/Service status fixed, restarting state also handled (this bug was introduced in the previous release).
  • fix(deployment): Improve deployment cancel process.
  • fix(pr-deployment): In case of any error during deployment, make sure the preview container is not removed. In some edge cases it was removed.
  • fix(api): Log API returns stderr as well.
  • fix(clone): Cloning whole project environments fixed.
  • fix(api): Hide sensitive email change fields in team member responses.
  • fix(git): Remove ~ from forbidden characters in git URLs (sourcehut uses it).
  • fix(domains): Url validation silently fails with surrounding whitespace.
  • ui(metrics): Improve the metrics UI.

Full Changelog: v4.0.0-beta.428...v4.0.0-beta.429

v4.0.0-beta.428

15 Sep 16:52
7a9bc8d

A bunch of fixes related to deployment issues in v427.

Full Changelog: v4.0.0-beta.427...v4.0.0-beta.428

v4.0.0-beta.427

15 Sep 10:48
eb734cd

Important

  • feat(environment-variables): Removed Is Build variable? option from everywhere.
    This means that all environment variables are available by default during buildtime and runtime.
    At the same time, we introduced a Buildtime Only? feature, which lets you make an env variable available ONLY during buildtime. This is useful for special secrets, like npm auth tokens that are only required during buildtime, etc.

Others

  • feat(ui): Show current version in changelog view, so you will know which releases you should check.
  • feat(core): All ssh commands will use retry mechanism to prevent one-time network/other related issues.
  • feat(pull request): By default, only repository (or organization) collaborators or people with higher privileges could auto-deploy pull requests. You can allow anyone to be able to do this in the Advanced settings (if you have pull requests enabled).
  • fix(ui): Wrong link in email settings page.
  • fix(api): Regenerate labels if domain changed through the API.
  • fix(changelogs): Instances fetch Github Releases from our custom CDN to prevent Github rate limit.
  • fix(service-outline): update SECRET_KEY environment variable in getoutline.yaml to use SERVICE_HEX_32_OUTLINE
  • fix(core): ownership issues with some docker-compose file based deployments.
  • fix(proxy): Proxy configuration randomly resets to default. Now it is not.
  • fix(volumes): Database volumes could not be updated (was readonly).
  • fix(cloning): Cloning with PR deployments is now fixed.
  • refactor(db): Cleanup unused models/tables.

Full Changelog: v4.0.0-beta.426...v4.0.0-beta.427