This release updates Redis-backed caching and request throttling to stay compatible with recent library changes that introduced breaking behavior. The result is a more reliable setup for background jobs and Redis-based features, without needing special workarounds in production.

This release includes a security-related update to address CVE-2026-33658 affecting file uploads via Active Storage. It also resolves compatibility issues with newer Redis connection pooling behavior, helping rate limiting and caching behave more reliably in production environments.

This release includes a targeted security update to address CVE-2026-33306 related to password hashing. It helps reduce the risk of exposure from the underlying vulnerability, with no expected changes to your day-to-day workflow.

Changelog entries now capture and display GitHub pull request labels separately from AI-generated tags. Public changelogs add a filter bar for tags and labels, with links that keep your selection as you paginate, making it easier to browse and share focused views.

This release removes third-party tracking and feedback scripts from the app and error pages, reducing external requests and tightening the set of allowed connections. It also avoids reporting transient GitHub server errors as alerts, keeping issue reporting focused on problems that need attention.

This release includes targeted security fixes across key libraries to help protect your app from issues like directory traversal, stored XSS, and SSRF. It also removes an unused rich text editor dependency to reduce exposure to a low-severity XSS risk and keep the frontend bundle leaner.