v2.5.37 – v2.5.38 — 2026-07-05¶
Security - govulncheck added as a release gate + 7 exploited CVEs fixed (incl. SQL injection in pgx, JWT, x/crypto, x/net) + golangci-lint quality baseline
Audit fixes - Enhance importer made idempotent (re-runs no longer fail) - DNS editor quotes TXT/SPF records (no more 422 on save) - Subdomain/alias/domain records honor the per-domain IP; domain IP is now editable and re-applied on change - Desktop/mobile action parity: set-password (customers) + node-restore (backup) now on mobile too
i18n - 6 phantom keys fixed; missing keys fall back to English instead of German