• Fix dependency problem under Python 3.11.

• Harden security
• Add bad request method
• Bump cryptography und PyOpenSSL
• Fix ajenti-upgrade script path in venv
• Split interceptors of security errors and server errors

• Update cryptography, gipc and gevent versions
• Catch gipc errors
• Use escape from html module
• Fix TFA config not loaded properly
• [core] Upgrade to FontAwesome 6.4.2
• [power] Fix power requests

• Update cryptography library
• Harden base url for password reset email
• Only allow same origin in cors policy
• [Core] Fix sudo elevation
• [Dns api] Add sharing id for gandi provider

• Update cryptography, pyopenssl and socketio
• Migrate to http.cookies for Py >= 3.11

• Update gevent to 22.10.2
• Update gipc to 1.5.0
• [Core] Add input type to messagebox (useful for passwords)
• [Core] Update Angular
• [Dashboard] Fix loadavg on systems without /proc/loadavg
• [DNS API] Add new plugin to manage external DNS
• [Iptables] Add new plugin to list chains and rules

• Fix empty smtp config load. See #1422.
• Accept more http requests.
• Allow XML bodies and responses.
• Prevent cgi bug with binary content.
• Support for http basic auth.
• Upgrade cryptography and pyOpenSSL versions.
• Ignore plugins with wrong yml syntax.
• Avoid unwanted redirections.
• [Services] Fix missing enabled attribute.
• [Filesystem] Rename files.
• [Network] Fix loading wrong config files in /etc/netplan.

Commits

• Add TOTP code verification at login and TOTP management in user space
• Allow HEAD requests on GET targets
• Allow body for PATCH requests
• Fix encoding problems when locales are not available
• Fix dummy loop in ajenti-panel when using venv
• [Services] Catch systemctl openration errors. Fix #1407

Documentation

• Fix a few typos #1401 (Tim Gates)

Commits

• Add trusted_proxies and trusted_domains parameters to config file (kiarn)
• Allow resources requests from trusted domains (kiarn)
• Add view parameter for custom index.html (kiarn)
• Fix config structure for smtp.yml (kiarn)

• Add support for Rocky Linux
• Replace @url decorator with @get, @post, @delete ...
• Replace deprecated sha1 digest algorithm with sha256.
• Full breadcrumb in filemanager plugin
• New option 'force' in ssl config to enable redirect from port 80 to https port
• Replace deprecated imp with importlib
• Upgrade to new versions of gipc, gevent and PyOpenSSL
• Add signout method to perform actions on logout
• Force latin-1 encoding in url to fix locales problems
• Implement more shell colons for more languages support
• Minor fixs in common plugins

Since the support of sha1 is dropped, it's necessary to renew all client certificates in use.
It's recommended to renew the server certificate too.