dgtlmoon Release Notes
Last updated: Apr 14, 2026
dgtlmoon Products
All dgtlmoon Release Notes (14)
- Apr 14, 2026
- Date parsed from source:Apr 14, 2026
- First seen by Releasebot:Apr 14, 2026
changedetection.io by dgtlmoon
0.54.9
changedetection.io adds Japanese, Portuguese (Brasil, Czech and Turkish translations, better diff and notification tokens, wildcard group assignment, custom group colours, simpler text extraction filters, and fixes for screenshots, imports, locale rendering and ignored trigger text.
What's Changed
- Add Japanese translation (ja) by @skkzsh in #4019
- Update Selenium RemoteConnection to use ClientConfig for timeout by @mikaelz in #4027
- Fix SCREENSHOT_MAX_HEIGHT not enforced: cap viewport step_size and clip stitched output to max capture height #3810 by @dgtlmoon in #4030
- Notification - Adding tokens {{diff_changed_from}} and {{diff_changed_to}} #3818 by @dgtlmoon in #4031
- Feature - Groups/tag - Apply a group by specifying a wildcard, ie mysite.com by @dgtlmoon in #4032
- Add Portuguese (Brasil) translation by @mstrey in #4033
- fix: word-level diff ignores include_change_type_prefix by @lawrence3699 in #4037
- Groups - Set custom colour for tag/group/label background by @dgtlmoon in #4040
- Fix/step failure notification crash by @dgtlmoon in #4041
- Test - Word level diff - Re #4037 by @dgtlmoon in #4042
- fix: XLSX import error messages report wrong row number after failed rows by @lawrence3699 in #4036
- Czech l12n by @svetlemodry in #4043
- Add Turkish translation by @hekwert in #4044
- Handle inline favicons - Re #3891 by @dgtlmoon in #4047
- Text filters - New simpler filter "Extract lines containing text" by @dgtlmoon in #4046
- Test improvement - text extract tidyup by @dgtlmoon in #4048
- Update Japanese translations for new strings and fix fragment handling by @skkzsh in #4050
- Fix strings not rendered in user's locale despite having .po entries by @skkzsh in #4051
- Ignore text should override trigger text (It should ignore the trigger text if it appears) by @dgtlmoon in #3450
New Contributors
- @skkzsh made their first contribution in #4019
- @mikaelz made their first contribution in #4027
- @lawrence3699 made their first contribution in #4037
- @hekwert made their first contribution in #4044
Full Changelog: 0.54.8...0.54.9
Original source - Apr 4, 2026
- Date parsed from source:Apr 4, 2026
- First seen by Releasebot:Apr 4, 2026
changedetection.io by dgtlmoon
0.54.8
changedetection.io fixes a CVE authentication bypass and improves CI test coverage in 0.54.8.
What's Changed
- CVE-2026-35490 - Authentication Bypass via Decorator Ordering
- Extendable theme pluggy implementation by @dgtlmoon in #4011
- CI - Ensure all unit tests are run by @dgtlmoon in #4022
- Update openapi-core requirement from ~=0.22 to ~=0.23 by @dependabot[bot] in #4009
Full Changelog: 0.54.7...0.54.8
Original source All of your release notes in one feed
Join Releasebot and get updates from dgtlmoon and hundreds of other software products.
- Mar 26, 2026
- Date parsed from source:Mar 26, 2026
- First seen by Releasebot:Mar 27, 2026
changedetection.io by dgtlmoon
0.54.7
changedetection.io releases security fixes for XPath and jq include filters, plus UI text tidy-up, quieter realtime socket logs, restock value improvements, translation fixes, and better last_error clearing when content stays the same.
Security
- XPath json-doc() Arbitrary File Read Bypass ( Similar fix as CVE-2026-29039 )
- CVE-2026-33981 - Environment Variable Disclosure via jq env Builtin in Include Filters
What's Changed
- UI - Text tidyup by @dgtlmoon in #3989
- Realtime - Suppress socket.io errors in logs by @dgtlmoon in #3991
- Restock - Add previous_price to restock values #3987 by @dgtlmoon in #3993
- fix: correct critical errors in Spanish (es) translation by @rasputino in #3994
- last_error should be cleared if page content was the same and there was no error by @dgtlmoon in #3997
- fix: Czech translation strings updated by @svetlemodry in #4008
New Contributors
- @rasputino made their first contribution in #3994
- @svetlemodry made their first contribution in #4008
Full Changelog: 0.54.6...0.54.7
Original source - Mar 17, 2026
- Date parsed from source:Mar 17, 2026
- First seen by Releasebot:Mar 18, 2026
changedetection.io by dgtlmoon
0.54.6
changedetection.io releases 0.54.6 with pluggable fetchers, improved JSONP handling, commit updates for pause/mute, and new contributor gains.
What's Changed
- Bump apprise from 1.9.7 to 1.9.8 by @dependabot[bot] in #3979
- fix: add commit calls for pause and mute operations by @yunhao-jiang in #3978
- Content Fetchers / Browsers - Improvements for pluggable extra fetchers/browsers. by @dgtlmoon in #3981
- JSONP - Attempt to strip out JSONP, treat as plaintext by @dgtlmoon in #3983
New Contributors
- @yunhao-jiang made their first contribution in #3978
Full Changelog: 0.54.5...0.54.6
Original source - Mar 13, 2026
- Date parsed from source:Mar 13, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.54.5
dgtlmoon rolls out 0.54.5 with a broad payload from encoding hardening and UTF-8 fixes to UI tweaks, API changes, and performance gains. It adds Spanish translation, adds a POST tag/group API tweak, and credits new contributor work, signaling a real product release.
What's Changed
- Restock - No need to extract the text because it's not used anyway by @dgtlmoon in #3951
- Content fetching -Better detection of other encodings, Replace/upgrade broken UTF-8 , Ensure rest of retrieved content is UTF-8 for the app by @dgtlmoon in #3954
- UI - Price amount is sometimes string or integer by @dgtlmoon in #3950
- CI - Bump the all group with 5 updates by @dependabot[bot] in #3955
- Various memory and CPU improvements by @dgtlmoon in #3960
- Add complete Spanish translation (es) by @adriangc24 in #3961
- Create (POST) tag/group through API do not save processor_config_restock_diff values by @dgtlmoon in #3968
- UI - Fixing Preview "GO" version button by @dgtlmoon in #3969
- API - Invert changes_only flag for include_equal parameter by @dgtlmoon in #3976
New Contributors
- @adriangc24 made their first contribution in #3961
Full Changelog: 0.54.4...0.54.5
Original source - Mar 4, 2026
- Date parsed from source:Mar 4, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.54.4
dgtlmoon announces a notable release with fixes to i18n confirmation text when clearing snapshot history, Python CI/test and API docs improvements, several CVEs addressed (XSS and XPath risks), backups security patches, plus new contributor acknowledgments; changelog spans 0.54.3 to 0.54.4.
What's Changed
- fix(i18n): accept translated confirmation text when clearing snapshot history by @eren-karakus0 in #3940
- Python 3.14 CI test and support by @dgtlmoon in #3941
- Updating API docs with better processor plugin info by @dgtlmoon in #3942
- CVE-2026-29038 - Reflected XSS in RSS Tag Error Response
- CVE-2026-29039 - XPath - Arbitrary File Read via unparsed-text()
- CVE-2026-29065 - fix(backups): patch zip slip advisory, zip bomb, upload size limit, UUID validation, secret.txt leakage, and download edge cases
New Contributors
- @eren-karakus0 made their first contribution in #3940
Full Changelog: 0.54.3...0.54.4
Original source - Feb 28, 2026
- Date parsed from source:Feb 28, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.54.3
dgtlmoon unveils 0.54.3 with French and Ukrainian translations, a small hostnames fetch-time fix, and a CVE-2026-27696 patch.
What's Changed
- Update messages.po in French translation by @RithyNicolasTAN in #3926
- Adding Ukrainian (uk) translations, rebuilding translations. by @dgtlmoon in #3936
- CVE-2026-27696 Small fix - Restricted hostnames can still be added but are only checked at fetch-time (not when rendering lists etc) by @dgtlmoon in #3938
New Contributors
- @RithyNicolasTAN made their first contribution in #3926
Full Changelog: 0.54.2...0.54.3
Original source - Feb 27, 2026
- Date parsed from source:Feb 27, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.54.2
dgtlmoon announces 0.54.2 release with improved notification tokens, extensible processor API, jsonpath-ng upgrade, and security checks.
What's Changed
- Fixing change_datetime notification token (and adding test) by @dgtlmoon in #3922
- Notification Token {{diff}} can accept arguments like {{diff_added(lines=5, context=2)}} by @dgtlmoon in #3923
- Processor extensible API for updating by @dgtlmoon in #3902
- Update jsonpath-ng requirement from ~=1.7.0 to ~=1.8.0 by @dependabot[bot] in #3929
- Bump the all group with 2 updates by @dependabot[bot] in #3931
- Unresolvable hostnames should still be added, they are security checked at fetch time by @dgtlmoon in #3933
Full Changelog: 0.54.1...0.54.2
Original source - Feb 23, 2026
- Date parsed from source:Feb 23, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.54.1
dgtlmoon patches SSRF and XSS in Watch URLs with changelog spanning 0.53.7 to 0.54.1.
CVE-2026-27696 - Server-Side Request Forgery (SSRF) via Watch URLs
set env var ALLOW_IANA_RESTRICTED_ADDRESSES to true to access IANA reserved URLs such as http://169.254.169.254, http://10.0.0.1/, http://127.0.0.1/, etc.
CVE-2026-27645 - Reflected XSS in RSS Single Watch request
Full Changelog
0.53.7...0.54.1
Original source - Feb 23, 2026
- Date parsed from source:Feb 23, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.53.7
dgtlmoon announces a release featuring upgrading flask-socketio, a dependency bump to 0.37.0, and full changelog coverage from 0.53.6 to 0.53.7.
What's Changed
- Upgrading flask-socketio ( #3910 ) by @dgtlmoon in #3918
- Bump referencing from 0.35.1 to 0.37.0 by @dependabot[bot] in #3677
- Dont pin referencing library by @dgtlmoon in #3919
- Full Changelog: 0.53.6...0.53.7
- Feb 21, 2026
- Date parsed from source:Feb 21, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.53.6
dgtlmoon announces Pip install updates removing a Flask patch and pinning, plus a fix for compression memory leak with flask-socketio, covering 0.53.5 to 0.53.6.
What's Changed
Pip installs - remove flask patch and pin library versions by @dgtlmoon in #3912 #3910
Fixing exclude compression (which has some kind of memory leak with flask-socketio)
Full Changelog: 0.53.5...0.53.6
Original source - Feb 19, 2026
- Date parsed from source:Feb 19, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.53.5
dgtlmoon releases 0.53.4 to 0.53.5 with backup restore improvements and metadata replacement fixes.
What's Changed
- Backup restore by @dgtlmoon in #3899
- Fixing bad replacement of metadata causing possible content removal #3906 by @dgtlmoon in #3908
Full Changelog: 0.53.4...0.53.5
Original source - Feb 18, 2026
- Date parsed from source:Feb 18, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.53.4
dgtlmoon unveils a new patch with UI fixes, watch processing hooks and real time status updates plus Puppeteer cleanup. It tackles time schedule edge cases, large HTML to text quirks, long content SPAs, and a migration cleanup from 0.53.3 to 0.53.4, signaling a formal release.
What's Changed
- Pluggy plugin hook for before and after a watch is processed by @dgtlmoon in #3888
- UI - Fixing realtime updates for status updates when checking by @dgtlmoon in #3889
- Fix time schedule off-by-one bug at exact end times for all durations and add comprehensive edge case tests Re #3846 by @dgtlmoon in #3890
- "Error 200 no content" - Some very large SPA pages make HTML to Text fail by dumping 10Mb+ into page header, strip extras. by @dgtlmoon in #3892
- Large html to text error 200 blank by @dgtlmoon in #3893
- Fix: Some SPAs with long content - Stripping tags must also find matching close tag by @dgtlmoon in #3895
- Puppeteer - Adding extra browser cleanup by @dgtlmoon in #3897
- Updates/migration - Re-run tag update, re-save to cleanup changedetection.json, code refactor by @dgtlmoon in #3898
- Full Changelog: 0.53.3...0.53.4
- Feb 16, 2026
- Date parsed from source:Feb 16, 2026
- First seen by Releasebot:Mar 14, 2026
changedetection.io by dgtlmoon
0.53.3
dgtlmoon announces an API update that skips server path validation to work on sub-paths and reverse proxies across 0.53.2 to 0.53.3.
What's Changed
API - Skip validation errors about server path (allows use on sub-paths/reverse proxy etc) by @dgtlmoon in #3886
Full Changelog: 0.53.2...0.53.3
Original source
This is the end. You've seen all the release notes in this feed!