[SECURITY] restrict wheel su to MINUID, 1000 on RHEL7+. Restricted daemons expose sockets into virtual filesystem that would allow primary account user, also in wheel, to masquerade as these services potentially injecting arbitrary commands into its socket [Scopes] GUI now available [Nexus] display storage, bandwidth utilization. Optional inode utilization support (configure in Account > Settings) [File Manager] use fixed-width font in editor [Opcenter] promoting an addon domain to primary is now atomic. Prior to, doing so first required dropping the domain and thus deleting email addresses associated with the addon domain before it could be promoted to primary. [Auth] Clients that successfully reset their password via login portal and when [auth] => update_restrictions_on_reset is set, if IP login restrictions are present the IP address that successfully resets password will be added to the IP restriction list. [Dovecot] hibernation now enabled by default. Each IMAP mailbox spawns a separate process, approximately 5-10 MB per. Hibernation freezes these per-mailbox listeners into a single process and thaws into a new process when activity is received on the inbox. [Migrations] permit numeric email addresses when conflict strategy is "namespaced" [admin] API command get_usage($type, array $sites) allows usage retrieval for storage or bandwidth of all or a subset of sites