FIXED:
[MariaDB] CapabilityBoundingSet/AmbientCapabilities conflict with changes introduced in 10.4.34+, initially triggered in 10.5.25 release. See MariaDB/server@76a27155b4cd for further details.

CHANGED:
[MariaDB] Floor query_cache_size to nearest power of 2.

REMOVED:
[cgroup] Incompatible cgroupv1 configuration upon migration to v2.

NEW:
[SourceGuardian] PHP 8.3 support.

FIXED:
[Filesystem] getMountOptions() detects first path that starts with path.

CHANGED:
[Cgroup] Workaround for blkcg_iostat_update kernel panic present in 4.18.0-513.
[Internal] fatal()/report() supports symbolic messages.
[Scopes] php.version incorrectly reports next system version as multiPHP.
[WordPress] In event of PHP fatal error, still attempt to salvage database configuration.

NEW:
[Anyversion] direct()- apply raw command against nvm, pyenv, rbenv, goenv wrappers.
[Cgroup] Delegative authority technology preview. Unlimited suballocatable resource groups enforced kernel space by cgroupv2. See Resource enforcement.md.
[Internal] Jobs may be executed with suppression filters.
[Keyring] Secure storage of platform hints. Accompanying module "keyring". See Authentication.md.
[PHP] AVIF support on PHP 8.1+.
[Platform] Supervisory mode, set panel_headless=True + has_dns_only=True + webserver_type=null for a management-only variation. Works with DNS-only/testing licenses. Useful on hypervisors.
[Transfers] --all option performs transfer of all non-suspended sites on server.

FIXED:
[Anyversion] Reverse interpreter version to match least significant first otherwise "18" incorrectly matches 18.20 in [18.20,18.50] whereas wrapper pulls "18.50".
[Bootstrapper] Incorrect substitution in memory-ranged crashkernel values.
[Cgroup] Files in /etc/cgconfig.d ignored on startup.
[Ghost] Specifying localhost.localdomain may result in incorrect grant evaluation on dual-stack networks.
[Net] Interface address scope, off-by-one in removal.
[Opcenter] DeleteDomain hooks ignored in API.
[Subdomains] Subdomains created within /var/subdomain generate inaccessible paths.
[Tuned] Active profile must be set through tuned-adm.

CHANGED:
[Bootstrapper] Factor into consideration memory savings of disabling crashkernel when calculating memory threshold.
[Dashboard] Fetch load average as soon as possible before other requests are enqueued to reflect the normalized run-queue depth.
[Ghost] Remove older releases after successful update.
[Ghost] Switch to ghost-cli to apisnetworks/ghost-cli-lite, without systemd/Ubuntu mannerisms.
[MySQL] Perform quick, transactional database exports which no longer require table locks.
[PHP] Report identifier to syslog as php-fpm/siteXX-pool. Disambiguate startup errors in /var/log/messages plus facilitate identification of rogue syslog messages. Remove block on changing error_log setting, which has valid cases in WordPress when WP_DEBUG_LOG is true.
[Postfix] Downgrade SpamCop quality while row with Office365 continues, https://forum.spamcop.net/topic/73128-massive-spams-from-microsoft/.
[Postfix] postscreen DNS lists broken out to "postfix_dnsbl_sites". Default behavior of performing DNSBL checks behind postscreen can be reverted to old behavior (< 2.8) by setting postfix_postscreen_dnsbl_bypass=true in Bootstrapper. Bypassing DNSBL checks in Postscreen moves the checks to the smtpd client, which may be skipped entirely based upon results in client_access. Note, this method is less efficient but allows for a recipient to subvert any DNSBL checks.
[PostgreSQL] Update timezone with system.timezone scope.
[PowerDNS] Tag SOA creation with ctime, site, and server for better tracking.
[Scopes] apache.system-directive supports array values, e.g. ['BROTLI':false,'STRICT':true].
[Syslog] Standardize idents as <service>/<site><?-optional identifier>.
[System] CVE-2024-2961 hotfix. POC drops May 10.
[WordPress] Set FS_METHOD to "direct" on release fortification.

REMOVED:
[Backend] Remove PHP-FPM dependency in theme acquisition.
[Packages] bind-utils, use dig instead of host.
[PHP-FPM] Administratively set values for opcache.restrict_api, mirrors default and session.save_path, /tmp is preferred for its ephemeral storage but justification for permanent restriction is insufficient.
[PHP-FPM] Explicit controller names may be picked up with cgclassify + cgrules.conf.
[tuned] Dynamic tuning.

NEW:
[Internal] preempt() complement to defer(), pushes a deferred callback to head of queue.
[Internal] Symbolic messages, prefixed with ":", may be filtered by its symbol instead of literal message.
[Scopes] backups.automatic-database-exports, routine exports of database backups or triggered manually. See Backups.md.
[Scopes] system.process-limits, control vfs ulimit parameters. See Limits.md.
[Tests] "DEBUG_PRESERVE_SITE" env presence controls ephemeral account deletion. Used to examining unit tests post-mortem.
[Tests] Upgrade ladder test runner. Perform iterative upgrade on app against range. See tests/runners/.
[Web Apps] BookStack, Flarum, Invoice Ninja, and Vanilla Forums.
[Web Apps] Deferrable reconfigurables. Reconfigurables that may be set at install time yet only fire (apply) after installation or at invocation time on an installed app.

FIXED:
[API] Symlinks incorrectly copied as files.
[Bandwidth] Site without bandwidth records triggers a warning.
[Bootstrapper] Setting admin password before Postfix configured on an install loop prevents mail dispatch when bootstrapper-resume is started interactively.
[HTTP] Force-resolve target domains upon redirection.
[Laravel] Punycode domain names in composer.json.
[PHP] Workspace parent directory removed by periodic tmpfiles sweep is not recreated due to inadequate stat checks.
[Web Apps] PHP-FPM caches docroot referent resulting in spurious "No input file specified" upon reinstalling a relinked docroot path in a hot worker.
[Web Apps] Releases sorted by page.

CHANGED:
[Anyversion] Facilitate module builds by moving temporary directory to /var/tmp.
[API] file:delete will remove empty directories when $recurse is false.
[API] php:pool-set-state(), add support for "reload" to perform graceful reload of PHP-FPM.
[CLI] Success status reported. Previously level was blank.
[Datastream] Reduce read syscall overhead.
[GMail] Update MX records ASPMX2/3 to ALT3/4.
[Internal] Web Apps release fetch accepts version normalization callback.
[Laravel] Additional version check such that create-project package is at most 1 release behind target framework release date. Addresses condition in which laravel/framework 10.3.1 is requested yet laravel/laravel 10.3.3 boilerplate contains updated code in laravel/framework 10.10.1+. 10.0.5 would be the ideal candidate by timestamp.
[Laravel] Reconfigure APP_URL on SSL reconfiguration.
[MariaDB] Restore 11.0.1+ binary names.
[MultiPHP] Link PHP CLI binaries into /usr/local/bin if requested version varies from system.
[Transfer] Remote API access defaults to SSL.
[Web Apps] Add vendor link.
[Web Apps] Apps based on Composer no longer expect an approot beneath docroot.
[Web Apps] Graceful handling of irresolvable docroots. Application root shall report main document root when the domain is unbound to account.
[Web Apps] Subshell invocations of "php" binary pick up multiPHP directory.
[Web Apps] Silence "subdomain docroot is directory" in Web App update emails.

REMOVED:
[Internal] Duplicate download routine in Webapps, Util\HTTP.
[Login] Potentially confusing characters in set "iIloO0" from password reset dialog.

NEW:
[Anyversion] python, go API modules.

FIXED:
[Anyversion] Modified .bashrc files may lack rbenv/pyenv/nvm/goenv wiring. Always include in API calls.
[Cgroup] 5.x kernels before 5.8 lack root-level memory.stat, cpu.stat counters in cgroupv2. Approximate system usage through procfs. Requires a combination of mainline kernel from ELrepo + cgroupv2 to trigger.
[Cgroup] Erroneous "frozen" state in v2.
[Firewall] fail2ban.whitelist removal has no effect.
[Firewall] SASL failed login match.
[Opcenter] Modifying diskquota,quota must cancel pending amnesty rollback.

CHANGED:
[Ansible] 8.x compatibility.
[Bootstrapper] Forced reboot exits with 0 to allow ExecStartPost processing in abrupt termination.
[Discouse] 3.1 support.
[Mail] SMTP smuggling workaround on CentOS 7.
[Manage Mailboxes] Bulk add converts user to local delivery.
[Opcenter] Bypass logging local bandwidth.
[PostgreSQL] "unaccent" extension may be enabled.
[PostgreSQP] RPM key update.
[RPM] Convert MariaDB + MongoDB repositories to INI directives.
[vfs] VFS ulimits stored as templated dict. Any values encoded in there are repeated verbatim in FST/siteinfo/etc/security/limits.d/10-apnscp-user.conf.
[Wordpress] Implicitly update wp-cli-login upgrade.

REMOVED:
[pman] run()- scalar arguments are deprecated. An array or hash must be used in future versions.
[rspamd] v3.7.3 lock.

SECURITY:
[Logs] log:set-logrotation() permits arbitrary directives processed as root. A malicious script could be set as a postrotate action to grant elevated privileges. No such exploit is known to exist.

NEW:
[Joomla] v5 support.
[PHP] 8.3 support.
[Web Apps] Manifests support a "depth" parameter to separate the document root from application root of arbitrary depth.

FIXED:
[cgroup] cpuset controller requires cpus + mems to be declared. In case of cgroup,cpupin=None, this controller may be created with empty parameters upon boot for cgroupv1 resulting in cgclassify failure when explicitly bound.
[file] stat() missing file race condition.
[Opcenter] atomic writes forget mode/ownership.
[PHP Pools] Switching from user-owned to apache terminates all user processes on account.

NEW:
[Internal] Filesystem::atomicWrite() performs synchornous write followed by atomic libc rename() request. Intended to provide guarantee of non-partial reads.
[ionCube] PHP 8.2 support.
[SourceGuardian] PHP 8.2 support.
[webapps] available()- report Web Apps available for install.

FIXED:
[Configuration] Type representation in non-debug mode.
[Lararia] Jobs always generate new session. A race condition can arise in which the user requests install in UI, job begins to process, user logs out (destroys session), then elevated backend request goes to cold worker that cannot be resumed.
[Opcenter] cgroup,enabled always calls freshenSite() which in turn invalidates other sessions instantiated against site. Web Apps installed with first-time SSL issuance trigger this behavior introduced in #4f60e7ea, in which the installation shadow session has precedence. Perform loose inspection of parameters to determine freshenSite() requirement.
[PHP] Resuscitating a PHP-FPM pool from a failed state may encounter race condition on asynchronous socket re-enablement + restart operation.
[rspamd] hotfix rspamd/rspamd#4703 [BUG] 3.7.4 fails to start on RHEL 9.3
[vsftpd] C7 always performs rsa_cert_file directive check on start.
[web] Renaming subdomain creates index.html placeholder.

CHANGED:
[Backend] Pin hot worker to authentication context.
[Let's Encrypt] All DNS timeouts observe [dns] => lookup_timeout.
[Let's Encrypt] append() honors strict tolerance setting.
[pman] kill() runs as process owner if owner uid meets minimum UID and within user list.
[Users] Limit GECOS to 128 characters. Longer values may result in underruns in re-entrant getpwnam() implementations.

NEW:
[API] Expand common:get-ip{,6}-address to include pool when invoked as Appliance Administrator.
[API] misc:release-fsghost(), examine active processes for referenced file that exists solely in process space, in other words a file whose inode is no longer referenced in the OS. Covers situations where for example Postfix may update but file permissions are non-atomic which in turn may result in an invalid copy of postdrop without appropriate setuid permissions for injection into mail queue. Offending sites are frozen, processes terminated, and mount cache emptied before restoring to previous state.
[API] misc:run-cron(), run all or specific module crons immediately, bypassing timers.
[Cgroup] v2. Overhauled interface, fewer mountpoints, faster PHP-FPM startups. Run cpcmd scope:set cgroup.version 2 (reboot necessary).
[Internal] Error_Reporter::exception_convert() convert an exception into a lightweight message that retains frame info. Useful for capturing exception upgrades in nested code with retained context.
[Scopes] LDA delivery deletion controllable on a global scale using mail.spam-deletion-threshold. Likewise spam scoring threshold set by mail.spam-threshold. Deletion threshold may be overrode on a per-site basis, as well as score threshold with SpamAssassin. rspamd scoring threshold is still global.
[Web Apps] Document roots symlinked as subdirectories within existing domain structures treated as subsites within parent hostname ("subsite" feature).

FIXED:
[Backend] One-off housekeeping overwrites primary housekeeping/cron pid. If cron exits abnormally, backend cannot restart as it becomes untracked.
[Backend] Race condition between nsswitch systemd source removal in group database during install and cron.
[DAPHNIE] Truncating a value over field limit creates null dereference through unregistered cgroup statistic within metric provider. Introduce anonymous statistics whose type is inferred from database result.
[Database] [database] => concurrency_limit takes precedence over individual database limits.
[DNS] validate_template() Ephemeral account changes results in null invariant return.
[Laravel] Logic inversion precludes cache generation.
[Manage Users] Duplicate username label.
[OS] Shell timezone.
[PHP] .user.ini ignored without specifying DOCUMENT_ROOT environment var.
[Scopes] cp.config settings missing.
[Scopes] system.integrity-check deactivation delays deactivation until second run.

CHANGED:
[Bootstrapper] Report backend log if admin creation fails.
[Bootstrapper] Delay cron tasks until FST fully provisioned.
[Cgroup] Reinitialize blkio controller on bugged kernel to ensure monotonic counters properly reinitialized.
[DNS] Normalize Hetzner NS records.
[Laravel] Refer to laravel/laravel as installation basis instead of framework.
[Laravel] Run composer/artisan commands as approot owner.
[Let's Encrypt] During _acme-challenge TXT probe, explicitly request authoritative results to ensure propagation without forwarding in split-view DNS setups.
[Scripts] mapCheck removes orphaned sites.
[UI] Acquire screenshots on subpaths.
[Web Apps] Hostnames may be overwritten by rediscovering on multihomed directory.
[Web Apps] Updateable versions in UI follow webapp:is-current logic.
[Webmail] Changing webmail location attempts SSL issuance for new subdomain.
[Yum] Updating apps may now pull in new dependencies.

REMOVED:
[Ghost] Drop -D flag, originally a means to bypass permission checks but now unconditionally sets NODE_ENV=development.
[UI] Hide DNS tab when provider is "null".
[UI] Remove SPF Setup when provider is "null".
[Web Apps] Deduplicate same paths.

FIXED:
[Opcenter] systemd implements quasi subset of shell expansion without subshell execution. When forcing a housekeeping run, invoke sh directly to grab backend pid. Resolves Let's Encrypt certificate renewal if nightly panel updates disabled.

CHANGED:
[DNS] get_zone_data() on a parented domain returns null.
[Scopes] Both metrics.enabled + cp.update-policy pull in apnscp/install-services role.

NEW:
[Filesystem] Support differing filesystem types between / and /home.

FIXED:
[Backend] SIGCHLD handler consumes exit status before proc_get_status() may examine this. Use exit code contained in siginfo struct as workaround. Freeze panel PHP to 8.1.21 until GH#11498 rollback patch is released in 8.1.23.
[Cgroup] cpuacct controller loses precision on conversion.
[Web Apps] Screenshot storage location may be uninitialized.

CHANGED:
[Auth] An unspecified protocol in [auth] => server_query implies https.
[Bootstrapper] Observe custom mount options in /etc/fstab for / and /home.
[Bootstrapper] tmpfs_cleave_rate sets percentage total server memory allocated to /tmp. Final value is the exponentiated integer (base 2).
[file] Canonicalize paths in symlink calculations.
[multiPHP] Note when setting php.version scope would replace multiPHP build.

NEW:
[Scopes] kernel.crashguard, controls crashguard/kexec usage. kernel.panic-asr determines the timeout for an automated reboot in event of a panic.

FIXED:
[Cgroup] Kernel panic resetting blkio counter on non-root container between kernel 4.18.0-477 and 4.18.0-504
[DNS] Missing NS records yields invalid auto-generation.
[file] Incorrect bitwise symlink mask.
[Nextcloud] Propagate ENV to occ.
[Opcenter] Demoting primary domain loses domainmap lookup.
[Rampart] Unwrap nested ban reason.
[Scopes] system.monthly-integrity-check, update role reference.
[Task Scheduler] Setting CRON_TZ in unordered spool exceeds line boundary due to defect in dba_replace/dba_delete parsing in non-uniform ini file.
[Web Apps] Unhandled exception on PHP variant apps when PHP-FPM is disabled.
[Wordpress] Fetching a define() constant inhibits reuse on and after retrieved node.

CHANGED:
[admin] get_meta_from_domain() renamed to get_meta_from_site(). Deprecated, scheduled for removal in v4.
[Cgroup] Always create controllers in cgconfig.
[Cloudflare] Parse complex arguments if set in [dns] => provider_key. Support for 1000+ domain pagination.
[Ghost] Detection now looks for "GhostServer.js".
[Let's Encrypt] Staging removes all conflicting _acme-challenge TXT records.
[MySQL] Update ping() logic to anticipate mysqli_sql_exception.
[Opcenter] Optimize user/group/shadow operations.
[PostgreSQL] Previous implementation permitted superuser. Deny all database connections on rename.
[Scopes] apache.evasive-whitelist and rampart.fail2ban-whitelist remediate if whitelisted IP is presently banned.
[Scripts] mapCheck.php updates admin user within VFS.
[Transfer] Permit accounts with different MySQL and PostgreSQL prefixes.
[Wordpress] Reimplement theme versioning. Previously suspended due to wp-cli/extension-command#349.
[Wordpress] Update WP_SITEURL, WP_HOME during rename.

REMOVED:
[Opcenter] Expensive fuser check in lock detection.

FIXED:
[haproxy] haproxy pgdg channel removes override directory, conf.d/.

NEW:
[PHP] SVG imagick support.

FIXED:
[Internal] Bugs reported with an encoded backend send unsupported NUL bytes.
[Internal] Code rot in various routines.
[Metrics] Missing TimescaleDB v2 hook at RPM update.
[phpMyAdmin] Invalid client password throws unhandled exception.
[Transfer] Reapplying a completed migration checks old UUID value.

CHANGED:
[Bootstrapper] php/install-pecl-module renamed to php/install-extension.
[git] Trust ApisCP code root for git v2.39+.
[MySQL] Use MariaDB versioning instead of MySQL equivalence.
[PostgreSQL] v15 compatibility. Assigning permissions to a database requires explicit grants on "public" schema.
[Web Apps] Fallback to system PHP binary when multiPHP unavailable.

NEW:
[Core] PHP 8.1
[Discourse] v3.0. Requires Redis 6.2+ in apisnetworks/redis.
[Internal] Account\Enumerate::matches() performs free-form match against account on site, domain, invoice, or invoice group.
[php] pool_get_policy()- read settings from php-policy.yml; pool_set_policy()- admin-only overrides of policy settings, supports dot notation.
[Scopes] mysql.connection-limit, psql.connection-limit- set database server connection limits.

FIXED:
[Backend] fsize limit may not be overridden in subshell.
[CLI] DEBUG=0 may not be overrode from enabled state.
[CLI] Quoted expressions that contain a colon misinterpreted as keyed hash.
[DBus] GetUnit() always reports transformed unit name. Use GetUnitFileState to confirm presence of unit on server.
[DigitalOcean] Duplicate apex NS records.
[Drupal] Preserve .htaccess during docroot relocation.
[Joomla] Manager role returned as administrator.
[Manage Mailboxes] "Select All" selects filtered elements.
[Mange Users] JavaScript bindings inactive.
[Migrations] Mailbox detection skips Maildir imports through premature return.
[Nextcloud] Dispatcher rules missing in v26+.
[Opcenter] Setting [auth] => suspended_login=false blocks deleting of suspended accounts.
[Settings] Timezone modification applied asynchronously.
[WordPress] db_config() ignores pool version.

CHANGED:
[Bootstrapper] Cap make concurrency to 8.
[DNS Manager] Reset missing postback confirmation.
[Filesystem] Update major:minor block extraction to 64-bit implementation.
[Frontend] Bind to ::1 when IPv6 available.
[Opcenter] --fd usage supersedes immediate exit after json dump. Hard exit masks exit codes elsewhere in script.
[Opcenter] --reconfig regenerates logrotate cronjob as needed.
[php] CLI usage follows memory_limit value set in PHP policy.
[Scopes] Updating timezone with system.timezone updates timezone setting in VFS.
[Scripts] mapCheck replaces stale records in appldb.
[WordPress] Execute wp-cli as docroot owner.
[WordPress] SSO routine skips theme load.

REMOVED:
[ClamAV] Aggressive Foxhole signatures (11, 18, 20, 22, Zip-fs197).

FIXED:
[DNS] Infinite recursion on response that aligns on 2^14-1.
[Laravel] queue:seed, vendor:publish do not run on 9+.
[rspamd] Hotfix: Version 3.5 RPM (CentOS 7) fails to start up #4441.

NEW:
[Nexus] Show process counts.
[Web Apps] Specific upgrade version selectable.

FIXED:
[Drupal] Snapshot feature cannot export database with relocated docroot.
[PHP-FPM] enable --now implicitly reloads systemd. Perform analogous task over D-Bus.
[Web Apps] Apps with multiple subclasses lack base reconfigurable properties.

FIXED:
[Joomla] Bogus version check uses incorrect helper when installing with PHP 8.0.
[Laravel] v9+ incomplete installation.
[Logging] Uncaught exceptions or fatal() macros may remain unlogged.
[MySQL Manager] Commit #df88738c introduces additional name field.
[Opcenter] "artisan opcenter:plan --remove" cannot delete plan files.
[Web Apps] Changing username results in crash.

CHANGED:
[auth] Parented accounts return true in auth:is-demo().
[Bootstrapper] mysqlnd may be disabled by specifying php_native_mysql=False. Disabling mysqlnd will revert to libmysqlclient.
[Daphnie] Automatically wrap monotonic values.
[Migrations] Recursively look for mailbox type.
[SELinux] Set selinux=0 in kernel on disablement.
[UI] Enable strict sessions.
[upcp] Code and platform updates are now atomic. Releases will not update until all migrations on current release have completed successfully. Code will continue to update irrespective of migration status in edge mode.

REMOVED:
[Limits] Virtual memory/address space limit. Better memory restriction exists in cgroup memory controller. Imposing any such limit creates undesirable side-effect in V8 allocation, see nodejs/node #25933.
[PHP] Huge codepage support on new installs. Introduces marginal startup tax on multitenant environments, see php/php-src PR #10301

NEW:
[Opcenter] Native D-Bus communication. All systemd requests use D-Bus instead of systemctl.

FIXED:
[Dashboard] Invalid peak memory calculation.
[dns] Invalid assertion clones all subdomain records into target zone.
[file] Appliance Admin stat() access lost during refactor.

CHANGED:
[ModSecurity] Only ClamAV malware can may trigger 406 status. All other ModSecurity dispositions report 403.
[PHP] Update ionCube download location.

REMOVED:
[Git] 4 GB filesize restriction. Packfiles may grow beyond this resource limit resulting in undefined behavior.

SECURITY:
[file] Insufficient access control checks would permit accessing a file with 0xx4 permissions behind a directory with 0700 permissions. No directories within the virtual filesystem possess this permission pattern but improper use of root within a vfs could create files exhibiting this pattern.

NEW:
[DNS] Zone migration on provider change. Enable with [dns] => migrate.
[dns] zones()- report all zones for given authentication context.
[Drupal] 10.x support.
[email] convert_malbox()- convert between mdbox/sdbox/mbox/maildir formats. cPanel mailboxes are automatically converted upon import.
[Frontend] Use FPM instead of Apache SAPI. Improved stability, lower memory requirements.
[Internal] Process creation loggable by setting [core] => debug_proc when debug mode enabled.
[Internal] Volatile auth profiles, write-once, save-never variants of authentication contexts created through clone.
[Opcenter] IPv6 interface autodetection.
[php] pool_direct_read()- bypass HTTP routing, send request direct to PHP-FPM process.
[PHP] 8.2 support.
[PostgreSQL] pgsql.postgis-version scope. Enable/set PostGIS version on server.
[PostgreSQL] SSL support.
[Process] execve support. Commands passed as an array of parameters bypass /bin/sh subshell processing. ~50% performance improvement.
[Templates] Introduuce $user, $docroot, $hostname variables in docroot placeholder.
[Transfer] Synchronize multiPHP settings.
[UI] [demo] => admin_lock produces a read-only panel instance. Privileged execution still remains via cpcmd.
[upcp] Pass runtime values to Bootstrapper using --var=KEY=VAL. Replaces old "BSARGS=--extra-vars=x=y" format.

FIXED:
[Apache] IPv6 without IPv4 namebased hosting results in malformed Apache configuration.
[Bandwidth] Refresh daily site bandwidth usage.
[Bootstrapper] Mitogen persists an rpm lock in subshell resulting in read lock failure when mail.enabled scope is invoked.
[Bootstrapper] Extension build conflict in php/install-pecl-module if PHP package named "http".
[cgroup] "cpupin" setting persists after cleaning value.
[cgroup] peak memory usage resettable via [cgroup] => reset_peak.
[DNS Manager] Dismissing clone modal persists domain list.
[DNS Manager] Login domain displayed out of order.
[file] get_directory_contents() runs in exponential time.
[Filesystem] Device major integer wraparound.
[File Manager] Paths with plus interpreted as RFC 1866 space.
[Internal] Filesystem::interrogate() returns error when no open file handles exist.
[Internal] implement getgrgid(), getpwuid() within Role\Group, Role\User.
[Let's Encrypt] Replacing Let's Encrypt with non-LE certificate will attempt LE auto renewal.
[MySQL Manager] Max connections limited to 99.
[Network] Disabling IPv6 via net.ip6-enabled scope sets incorrect procfs value.
[Network] Take first routed IP address.
[Nextcloud] Canonicalize global subdomain.
[Nextcloud] Follow prescribed update policy, i.e. remove all files except config/ and data/ during update.
[Opcenter] Addon domains specified directly in aliases,aliases runtime are doubly-counted against license limit.
[Opcenter] Immediately update username/domain value if changed in EditDomain.
[PAM] Boundary metachar misuse.
[PHP-FPM] Adding cgroup controllers retains old cgroup controller list.
[PostgreSQL Manager] Max connections truncated to 99.
[Regex] Set PCRE_DOLLAR_ENDONLY flag on regexes used for validation purposes. Prevents CLI invocation that intentionally append a newline to value.
[Scripts] mapCheck tracks sites absent in other maps. Deletes database users in DB-VARIANT.usermap.
[Task Scheduler] MAILTO= idempotency violation.
[upcp] --reset updates Composer + runs pending migrations.
[upcp] Successive vars passed as BSARGS= environment variable ignored.
[Users] /bin/false + /sbin/nologin missing from CentOS 8.

CHANGED:
[Anvil] Report API throttle and retry time in response headers.
[auth] reset_password() returns password. Previously delivered password OOB as status message.
[Backend] Memory management improvements. Restart cron when [cron] => memory_limit watermark reached.
[Bootstrapper] Bypass existent repo configuration unless forced.
[Bootstrapper] Flush filesystem cache post-install to reduce perceived memory usage of panel.
[Bootstrapper] Passing --var=force=yes rebuilds all PHP modules.
[Bootstrapper] System PHP compilation reassigned to role php/install. php/build-from-source handles low-level builds.
[file] copy() follows cp behavior: preserve deep symlinks, copy referent at surface.
[file] Reject paths greater than OS PATH_MAX.
[file] stat() always works on shadow layer. Composite access must be done through file_stat_backend().
[Ghost] Restore Ghost 5 installation rights. Block 5.21 <= ver < 5.24.
[misc] cp_version() reports debug mode.
[Nextcloud] Adhere to Nextcloud security checks in multiowner setup. Switch occ execution context to match config/config.php owner.
[Opcenter] Improve deletion logic on mismatched username.
[PHP] clean_php Bootstrapper var affects extension source preservation after build.
[PHP-FPM] Bump MAIN pool startup to 3m for O(n^k) cgroupv1 parsing when ProtectHome is set.
[PHP Pools] Cache introspection/phpinfo() bypasses overzealous .htaccess rules through direct FastCGI request.
[pman] Set reasonable upper limit for maximum process CPU time. A process should not exceed its runtime limit, receiving a kill signal if exceeded. Double sanity check by adding CPU throttle 2x runtime.
[Subdomains] "Browse" defaults to active directory.
[Tuned] Increase sleep duration. Configurable in system/tuned role.
[UI] Directory browser creates directories recursively.
[Web Apps] Emptying existing docroot calls app's uninstall method if present.
[Webmail] Apply "use external opener" behavior.
[WordPress] Filter third-party WP-CLI output.
[WordPress] Run database discover as docroot owner.
[WordPress] Trim whitespace from closing PHP tags in SSO URL.

REMOVED:
[Anvil] Phase out exponential blocking algorithm. Adequate delays are incporated into password_verify(), stalling a connction blocks PHP-FPM worker processes.
[Cloudflare] Partner portal.

NEW:
[mysql] resolve_site_from_database- given a database[/table] format, resolve to site.
[pgsql] resolve_site_from_database- given a database[/table] format, resolve to site.
[php] pool_version_from_path- resolve PHP pool version from path.

FIXED:
[argos] list_monitored requires backend elevation.
[Bootstrapper] Explicit version sorting on CentOS 8 kernel selects incorrect default kernel on multiple majors.
[Bootstrapper] Mitogen detection in CentOS 8.
[Digitalocean] Follow pagination results.
[Digitalocean] CAA record normalization.
[Dovecot] Corrupt mtab in vfs prevents quota reporting.
[Hetzner] Normalize long TXT records.
[Metrics] TimescaleDB v2 metrics deletion.
[Opcenter] Activating a site from plan edit yields ghosted session.

[Redis] TCP binding attempted in unixsocket-only mode.
[rspamd] "daemonize yes" breaks Redis v6, cf redis/redis#7217.
[SSL] Quota overage inhibits installation.
[UI] Timezone configuration always reports UTC.
[upcp] Existent ssh-agent process killed at end of update.
[Users] Malformed branch permits uppercase characters after initial 2 chars.
[Versioning] Non-seequential versioning.

CHANGED:
[Backend] Lambda functions introduce memory leak over backend lifetime. Enable opcache to optimize out potential memory leaks in recurrent evaluation.
[Bootstrapper] Add support zipped PECL modules.
[Bootstrapper] PECL module discovery will now follow redirects.
[email] set-webmail-location() setting null resets webmail to system default.
[Internal] Convert MySQL connectivity issues into mysqli_sql_exception, improve robustness of starting backend during downed MySQL event.
[Joomla] Bump Joomlatools to 2.0. Enhance support for 4.x.
[Linode] Reinstate CAA flags parameter.
[Nextcloud] Custom version label.
[node] install() reports installed version for flexible versioning, e.g. 3.5 will return 3.5.7.
[Opcenter] Force-close connection upon database deletion to ensure all references to database discarded. Race condition encountered during unit testing with PHP 7.4/MariaDB 10.5.
[PHP] Use account timezone.
[PHP] Utilize larger temporary swap on PHP8+ builds to satisfy compiler requirements.
[PowerDNS] dns.powerdns-version may be set to "true" to default to ApisCP default.
[Quota] Restrict accidentally triggering a change to diskquota,quota or diskquota,fquota fields that would result in immediate overage.
[ruby] get_available()- returns all versions. Previously only each respective MAJ.MIN release was listed.
[ruby] install() reports installed version for flexible versioning, e.g. 3.5 will return 3.5.7.
[Screenshots] Disable feature in headless mode.
[UI] Filter webmail redirect subdomains.

REMOVED:
[Anvil] Expotential backoff algorithm. Original intention to thwart password timing attacks. password_verify() provides sufficient entropy during hash verification.
[Ghost] Block v5 until MySQL 8 requirement is resolved. Ref: https://forum.ghost.org/t/mariadb-support/33880