v16.7.8

8b3b9a5 (Respect lockOverride when using withLock, 2024-11-27)
9c09329 (Clean up remaining locks on state settle, 2024-11-21)
3c6e9dd (Refactor update-locks implementation, 2024-11-19)
d8f54c0 (Refactor lockfile module, 2024-11-15)

v16.7.7

7e1cafa (Firewall: allow DNS requests from custom Docker bridge networks, 2024-11-08)

v16.7.6

1b747f6 (Update firewall documentation, 2024-11-07)

v16.7.5

3d3f659 (Delete apps not in target from db by appUuid instead of appId, 2024-11-04)

v16.7.4

Update express to v4.20.0 [SECURITY]

Notable changes

• deps: [email protected]
• deps: [email protected]
• deps: [email protected]
• Remove link renderization in html while using res.redirect
• deps: [email protected]
• deps: encodeurl@~2.0.0
• Deprecate passing options.maxAge and options.expires to res.clearCookie

expressjs/express (express)

v4.20.0

Compare Source

==========

• deps: [email protected]
  • Remove link renderization in html while redirecting
• deps: [email protected]
  • Remove link renderization in html while redirecting
• deps: [email protected]
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: [email protected]
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

List of commits

f2aaf73 (Update express to v4.20.0 [SECURITY], 2024-10-28)

v16.7.3

619f644 (Add NXP support to balenaOS secure boot, 2024-09-23)

v16.7.2

57a17ea (Use bookworm image to source journalctl binaries, 2024-10-18)

v16.7.1

ed1c18e (Add support for init field from compose, 2024-09-09)

v16.7.0

Report app release update status to the API

The Supervisor now reports the status of a release update/install in a new update_status field as part of the state report. This field will be used by the backend to populate the homonymous field on the Device resource on the API and allow users to filter the device list based on its value.

This field may have the following values

• rejected means that the target release has required services that do not meet the necessary requirements to run.
• aborted means that the supervisor has given up on trying to install a new release. There are currently no conditions under which the supervisor returns this state, but future work could allow the supervisor to abort an update, for instance, after a number of failed download tries.
• downloading indicates that the release images are being downloaded
• downloaded indicates that the release images have been downloaded and the supervisor is waiting for locks to apply changes (depending on the update strategy)
• applying changes means that the supervisor is performing actions to install the new release, i.e. killing old containers and making volumes/network/container changes.
• done means that the target has been reached and no more changes are required.

On the API side, users will be able to identify update issues by looking at the update_status field and the last_update_status_event. A device with update status different than done indicates something is preventing the supervisor from downloading/installing the new release.

List of commits

e9a52e6 (Store rejected apps in the database, 2024-06-27)
227fee9 (Set the app update status when reporting state, 2024-06-06)
48e526e (Refactor contracts validation code, 2024-06-14)
e9f460f (Add update status to types, 2024-06-05)
9b819e4 (Update typescript to 5.5.4, 2024-08-22)

v16.6.1

788afee (Remove unused patchDevice function, 2024-08-29)