Tags

FIXED:
[imagick] Severe performance regression in 3.4.4 impacting WordPress media uploads. Switch to dev releases until resolved.
[polkit] GDBus errors on service restart in CentOS 7.

CHANGED:
[Add User] add link back to Manage Users.
[ghost] follow recommended Node version.
[MXRoute] implement API lookups to determine public MX/fallback MX records.
[WordPress] squelch plugin/theme version query warnings for commercial plugins.

NEW:
[AddDomain] --bootstrap will automatically issue SSL for the domain upon creation. See Plans.md for further details. May be configured globally by setting [letsencrypt] => auto_bootstrap.
[Composer] Composer 2.0 support for new installs.
[Kernel] add support for querying BLS layouts.
[ImageMagick] policy management via software/imagick role.
[UI] alter login appearance via [style] => verbose_login.
[Yum] implement post-transaction actions for dnf-based systems (CentOS 8+).

FIXED:
[Bootstrapper] various idempotency fixes.
[file] takeover_user() applies permissions as if previous user still owner.
[PHP-FPM] Restarting PHP-FPM services could result in vanishing socket caused by out-of-order execution.
[PostgreSQL] Startup may not always have /run/postgresql available.

CHANGED:
[bwcron] Suspension logic rotated such that stopgap > notify, stopgap is now checked before notify threshold.
[Cloudflare] restrict API management of .cf, .ga, .gq, .ml, .tk TLDs per Cloudflare's policy.
[Nexus] implement password sharing in welcome email.
[Postfix] relax mandatory header insertion to locally originating mail only. Resolves potential condition where forwarded mail breaks DKIM.

REMOVED:
[Laravel] cache priming while apache,jail=1

FIXED:
[MySQL] database grants on newly-created databases lack privilege editing.

CHANGED:
[Discourse] follow Docker guidelines with Node version (v10). Pass HTTP protocol type to backend for CSP conformance.
[Node] installed() allows weak matching on versions, i.e. node:installed 10.2 will match 10.2 or 10.2.5.
[Ruby] installed() allows weak matching on versions, i.e. ruby:installed 2 will match 2, 2.7, or 2.7.5.
[WordPress] suspend versioning support on theme updates. A nasty bug exists in WP-CLI that leaves a theme deleted if an update fails. See wp-cli/extension-command#263.

NEW:
[Auth] geolocation security notices may use self-hosted GeoLite2 database. See SECURITY.md.
[Databases] double-throw safety switch for mysql and pgsql services. Prior to, the only means to delete databases/grants on an account was to remove the account. A DTSS has been added that allows these to be removed by setting enabled=0 and dbaseprefix=None in the corresponding service definition. See MySQL.md.
[PHP] multiPHP role in Bootstrapper, php/multiphp. This role will update and build new native multiPHPs during a platform scrub. Setting apache.php-multi will persist settings now for use with php/multiphp.
[PowerDNS] turnkey AXFR clustering. See PowerDNS.md.

FIXED:
[Bootstrapper] ionCube work directory is not always created.
[Cloudflare] weak record check via $parameter omission always fails.
[Cloudflare] reformat parameter if "key" index looks like a token.
[Dovecot] rewriting a subject on learning spam as ham results in cache corruption/segfault in Dovecot 2.2.36.4.
[email] address_exists()- catch-alls always return false.
[Geoip] IPv6 geolocation reports as invalid.
[PostgreSQL] add missing v12 support in filesystem template.
[rspamd] event order isn't guaranteed on Firefox resulting in persistent authentication screen.
[ruby] incorrect coalesce order reports useless error reason in do().
[Scopes] mail.smart-host cannot be disabled.
[Settings] Cannot deselect Nexus app settings.
[Spam Filter] delivery threshold applied for User Administrator resulting in error.
[Systemd] non-existent services reported as present by incorrect status code comparison in systemctl.
[WordPress] prior skiplist entries are transmogrified on edit.

CHANGED:
[Bootstrapper] bypass account creation when license class disallows it.
[Bootstrapper] reduce has_low_memory requirement by 9 MB. Larger systems reserve more memory for hotpluggable CPUs that create adverse install conditions for low-memory mode.
[crontab] list_users()- ignore temporary files created as "#tmp".
[DAPHNIE] increase max_locks_per_transaction for large hypertable environments.
[DeleteDomain] error when --since and identifier arguments omitted.
[License] add language restrictions.
[Migrations] bogus catch-alls now deliver to the named user unless a separate passwd entry exists for user.
[MySQL] database_exists()- query INFORMATION_SCHEMA as a reliable oracle of database presence. Previously, grants were examined, which could result in spurious results.
[PowerDNS] add Monit profile.

REMOVED:
[Dashboard] Google Analytics loads only when needed.

NEW:
[Bootstrapper] MariaDB 10.5 support.
[DeleteDomain] --filter=XYZ may be specified to delete domains that match a suspension reason (see Plans.md).
[git] clean() removes untracked files from repository.
[SuspendDomain] suspension reasons may be given with --reason=XYZ. A template may be specified with --template=ABC. Reasons are shown upon login when [auth] => show_suspension_reason is enabled.

FIXED:
[PowerDNS] correct condition in which configuring PowerDNS as default provider, then installing PowerDNS on same server would utilize different API keys.
[SOAP] traits and proxied modules were improperly listed in WSDL.
[Terminal] discover non-standard SSH port.

CHANGED:
[Argos] monitoring of /home partition if different.
[Bandwidth] autofix missing spans.
[Bootstrap] bootstrapper-resume service may timeout on lower performing hardware during installation cycle. Increase timer to 3 minutes.
[Bootstrapper] SpamAssassin filter threshold may be configured using spamassassin_scan_threshold.
[DNS] add check to use systemd-resolve service ("resolve") in nsswitch.conf on derelict upstream DNS resolvers.
[UI] Upgrade jQuery 3.5.1.

REMOVED:
[MySQL] editing control user hostname (localhost). For remote connections for primary user, change 127.0.0.1. localhost is always used for phpMyAdmin access.

NEW:
[Web Apps] "Forget Application" option. Discards any stored information about the web app. Useful with previously detected subdirectories.

FIXED:
[Vacation] affected domains may be listed multiple times.
[Vacation] message does not immediately update on alteration.
[vsftpd] restart service after system SSL update.
[Web Apps] allow "Release Fortification" for unknown apps.
[Web Apps] add authorization check for HTTP/1.0 domain enroll/unenroll actions.

CHANGED:
[UI] add debug mode indicator.

NEW:
[AddDomain] --notify passed to AddDomain will dispatch a welcome email upon provisioning.
[cgroup] volatile cgroup resources, specifically resources set by the "cgroup" service class, may be temporarily suspended.
[Composer] [webapps] => composer_volatile applies memory volatility during composer operations, specifically install, which can use a remarkable amount of memory solving.
[node] get_default()- get default interpreter for a given path.
[Scopes] apache.mutex Scope, quickly change synchronization mutex.

FIXED:
[firewalld] flush nft tables when backend chages. Switching firewalld backend from nft to iptables persists default drop-all policy that takes priority, blocking any permit rules.
[joomla] version check fires before update, reporting incorrect update status.
[Login] autofilled fields do not transition.
[mysql] permit IPv6 addresses.
[Preferences] various fixes that would result in preferences being overwritten or partially updated.
[Webapps] git fails on relocated documented root.

CHANGED:
[apnscpd] disable cron processing/job runner when [apnscpd] => cron_resolution is 0
[auth] changing password clears Dovecot authentication cache used by IMAP/POP3/SMTP.
[ghost] relax memory minimum to 768 MB.
[Metrics] trade storage for memory during metric compression. Reduce window over which compression runs.
[Nexus] add "Login As" option after account is created.
[Nexus] define "units" validator range.
[Sessions] automate corrupted session table recovery. MariaDB is designed to recover tables in the background upon detecting corruption; however, in 10.3 this is scantly seen. Add a startup check and automate recovery if apnscpsession.php is the last file in the backtrace.
[Webapps] git snapshot uses application root instead of docroot.
[Webapps] UI update triggers Update Assurance if configured.
[wordpress] explicitly set --version= flag if version specified to plugin/theme. Some plugins/themes are known to block WP CLI from correctly detecting remote version (see wp-cli/wp-cli issues #370, #1123).

REMOVED:
[dnf] dnf "best" package usage.
[OS] crashkernel support on installs with less than 2 GB.

SECURITY:
[common] preference cache uses built-in Redis serializer, which could allow an attacker to store a carefully crafted class instance as a preference value. No known attack vector exists presently, but if preferences had a vulnerability to store an arbitrary object or attacker had direct access to modify raw preference data, it would thus be feasible to leverage. Use a whitelist of acceptable objects to unserialize.

FIXED:
[build] check composer.lock timestamp on each update to ensure ./composer install is installed as needed during batch updates.
[Nextcloud] reapply read/write access to config.php depending on Fortification mode.
[Summary] report service limits.
[Web Apps] "Show Detected Apps" hides all apps.

CHANGED:
[Discourse] support 2.4.0+
[Firewalld] restart firewalld when switching FirewallBackend types. A full flush is required otherwise all network operations are blocked.
[Opcenter] sort services on edit hook.
[pgsql] incorrect field in add-user() parameterization.
[Postfix] always add missing headers. Broken mail clients, such as Windows Mail, do not set a Message-ID header resulting in quarantined mail.
[rspamd] disable RBL checks for ESMTPA transactions.
[Scopes] add scope change to history.
[Web Apps] separate into individual repositories. Native apps may be overridden by placing the corresponding app in config/custom/webapps/name, then running ./composer dump-autoload -o followed by systemctl restart apiscp.
[WordPress] use native mod_rewrite template. Resolves double-append cases when permalinks are updated in panel.

REMOVED:
[Preferences] hrtime() uses arbitrary origin and thus unsuitable for synchronization checks.

[composer] Force package update, resigning a tag on acomposer update does not update the composer packages when reapplying the tag. This will be addressed in v3.2.2
[firewalld] Switching from nftables to iptables requires a reboot to properly flush tables. A workaround for a rebootless change will be addressed in v3.2.2

3.2 release 🎉
 Web Apps facility rewrite, significant improvements to functionality.

NEW:
[Bootstrapper] BSARGS= environment variable for passing off --extra-vars=$BSARGS to ansible-playbook, e.g. `env BSARGS="--force=yes" upcp -sb`
[CLI] "serialize" output/input format added. Uses builtin PHP serialization to pass objects around unadulterated.
[Dashbord] add Argos glance.
[DNS] Katapult, Hetzner DNS providers. Katapult is an upcoming premium VPS, Hetzner provides free DNS service.
[dns] verify(), verified(), challenges() API calls for third-party DNS providers that require additional challenges.
[git] add_ignore(), list_ignored_files()manage ignored files for git repository.
[web] get_all_hostnames_from_path()given a docroot, find all hostnames that serve from this base location.
[webapp] general purpose Web App module. Don't know the web app installed under a document root, but want to update it? cpcmd -d mydomain.com webapp:update mydomain.com. All family methods are exposed through this module except install().
[webapp] get_reconfigurable()get a reconfigurable value either transient or fixture.
[Web Apps] learn, write, release are now callable from API. wordpress:fortify("mydomain.com","","learn", [10]);
[Web Apps] fortification_modes()list all Fortification modes available to an app.
[Web Apps] Nextcloud 1-click support.
[Web Apps] Manifests. Bolt on Fortification and database snapshot/rollback support to any document root on your account. Manifest Fortification may define additional modes in addition to an app's base modes.
[Web Apps] notification controls via Account > Settings.
[Web Apps] third-party support. See @apisnetworks/apiscp-webapp-demo for a sample application.
[WordPress] AST parser allows for tighter integration with wp-config.php. Changing Fortification to "write" mode for example rewrite FS_METHOD to 'direct' automatically. May be used in hooks as well (see WordPress.md).
[WordPress] Site duplication and rename support. Easily migrate a WP site from staging to production with one click!

FIXED:
[file] stat calls could report an invalid user if the user were removed and recreated with the same site ID/user ID combination.
[DeleteDomain] flush global error log prior to deletion. Epehemeral account generation may erroneously report failure if global state is error prior to deletion.
[Migrations] update IPv6 on migration
[Web Apps] corrupted sites during update will no longer terminate an update batch.

CHANGED:
[Core] bump PHP to 7.4.
[Datastream] support 2^22 PIDs, which allows for worker pinning when PID exceeds 65536.
[Let's Encrypt] disable wildcard SSL if null driver is used.
[Laravel] Update Laravel to 6/LTS, Horizon to 3.
[mysql, pgsql] clone() may now duplicate a database into an empty destination.
[mysql, pgsql] export() may now export a database onto an empty file.
[PHP] libsodium always enabled for PHP 7.2+.
[Postfix] CentOS 8/systemd sendmail compatibility. RestrictAddressFamilies requires AF_NETLINK support. Setting PrivateDevices or RestrictAddressFamilies, in addition to other directives, irrevocably enables NoNewPrivileges=yes, which prevents postdrop setgid helper from temporarily granting the invoking process "postdrop" membership. This requires either opening /var/spool/postfix/maildrop to world or using ACLs to grant apache user write/execute permissions to directory. Pursuing this route blocks future developments in multi-user pools as well as running pool same-user (cPanel compatibility mode), leaving supplementary group addition the only appropriate route.
[PostgreSQL] PostGIS install-time option via `pgsql_has_postgis`.
[PowerDNS] pdns server no longer explicitly enabled if using PowerDNS provider unless `powerdns_enabled` is set to true.
[Rampart] disabling FTP/mail services disables respective log monitoring profiles.
[UI] convert collapse to flyout menu. Minor UI tweaks.
[UI] "search" promoted into reusable component.
[Web Apps] report Fortification mode in meta gutter.

FIXED:
[Bootstrapper] force major update policy on resume before 3.2.0 is released.
[Email] "Mail" appended onto destination mailbox on rename.
[Lararia] disable Laravel's builtin exception handler for ApisCP. A slew of deprecation errors are introduced by the 7.3 to 7.4 migration fully rectified in 3.2.0.
[PHP] HOTFIX: CentOS 8/systemd sendmail compatibility. RestrictAddressFamilies requires AF_NETLINK support. Setting PrivateDevices or RestrictAddressFamilies, in addition to other directives, irrevocably enables NoNewPrivileges=yes, which prevents postdrop setgid helper from temporarily granting the invoking process "postdrop" membership. This requires either opening /var/spool/postfix/maildrop to world or using ACLs to grant apache user write/execute permissions to directory. Pursuing this route blocks future developments in multi-user pools as well as running pool same-user (cPanel compatibility mode), leaving supplementary group addition the only appropriate route. Long-term fix is to assign client certificates for each PHP-FPM user.

FIXED:
[Backups] "snapshot" in database causes infinite loop on purge
[Dashboard] Rampart unban throws post is not defined error
[email] modify_mailbox()- address change adssumes "root" user

SECURITY:
[MySQL] UMASK= unconventionally applied as an additive mask instead of subtractive. UMASK=0077 appends these permissions instead of stripping g-rwx,o-rwx to data files exposing potentially confidential data to secondary users within the account.

NEW:
[Web Apps] Update Assurance. Post-update hook that monitors for deviations in update page size and rolls back automatically if encountered. Parameter threshold may be configured via [webapps] => assurance_drift.
[letsencrypt] solve()- complete pending challenges from challenges(). See SSL.md for examples.
[Cronus] variable interval job scheduling.
[Ruby, Node] lazy-load support for nvm/rbenv helpers. Prior, having both present could impart a 1-2s lag on shell initialization. Add LAZY_LOAD_XXX=1 in .bashrc to control this behavior. See Ruby.md.
[argos] Dashboard integration, monitoring API.
[email] user_mailboxes()- get a list of mailboxes affiliated with the named user.
[git] head()- show repo HEAD commit.

FIXED:
[Opcenter] a failure in an edit chain causes subsequent domain edits to fail.
[Subdomains] editing a subdomain defaults ownership to first user.
[Error Reporter] broken session deserialization blocks backtrace reports.
[PostgreSQL] editing user via EditDomain applies the wrong password to .pgpass.
[Vacation Responder] always set vacation message, which when setting vacation for secondary user for first time did not populate the message resulting in spurious "File not found" errors.
[MySQL] privileged password cannot be discovered when seteuid, such as with job runner.
[Bootstrapper] dnf i18n idempotency checks.
[Kernel] rebuild grub2.cfg on kernel change.

CHANGED:
[Screenshots] batch runs in hourly intervals. Cleanup chromium work directories.
[Subdomains, Addon Domains] enqueue docroot changes.
[Spam Filter] renamed from SpamAssassin Configuration Wizard. Add support for deliver threshold.
[argos] disambiguate existing config* API methods to config_relay.
[Core] misc:debug-session hooks into request lifecycle earlier - immediately following session initialization.
[Web Apps] deduplicate several preflight checks into Webapps::parseInstallOptions().
[Vacation Responder] clarify "no duplicates" option. Show affected email addresses when enabling vacation mode.
[git] add()- ignore files that cannot be added due to permissions if no fileset specified.'
[License] -f/--force flag overrides panel's best effort not to replace a perfectly fine license.

SECURITY:
Move .php denial to accounts specifically configured without apache,jail=0. Prior, it would be possible to side-step authorization policy if the request URI were a .php resource with .php explicitly appended. All other related resources would continue to be blocked as normal. A corresponding httpd-2.4.43-3 package has been released in coordination.

NEW:
[Core] API callbacks. See Hooks.md.

FIXED:
[Database] appldb incorrectly owned by "root", which during image packaging via clean.sh, prevented root from being dropped.
[SSL Certificates] domain sorting.
[Yum] package solving kicks out nightly package updates from added third-party deps with PostgreSQL.
[apnscpFunctionInterceptor] session context inherited from global context.
[Opcenter] propagate bandwidth changes when unit changes independent of threshold.
[HTTP] IPv6 fixes during self-referential reachability checks.
[rspamd] MX checks. Firewall rules do not inspect supplementary groups until iptables 1.8.4.
[.htaccess Manager] various maladies.
[Chromedriver] certain call pathways could persist chromedriver binary longer than necessary.
[dns] nested parented domains.
[Drupal] various installation blockers

CHANGED:
[system/limits] PAM-imposed limits configurable via limit_<NAME>_<TYPE> where name is the resource imposition and type hard or soft.
[PHP Pools] PHP5.6 compatibility during PHP-FPM interrogation.
[Let's Encrypt] report pruned SSL hostnames to account holder during issuance.
[Let's Encrypt] transient requests may be debugged from command-line using env DEBUG=1.
[Screenshots] interface extracted into general-purpose template in master::partials.shared.wa-screenshot.
[discourse] report debugging information directly when invoked from command-line with env DEBUG=1.

REMOVED:
[FST] go packages obviated by goenv

NEW:
[Bootstrapper] "has_dns_only" build option installs a lightweight ApisCP for use with DNS-only.
[Dashboard] show ban reason, corresponding API command rampart:get-reason().
[DNS] $hostname available in DNS templates as a composition of $subdomain + $zone.
[DNS Manager] show DNS zone information in Toolbox.
[Mail] MXRoute provider (see docs.apiscp.com/admin/mail/Mxroute/).
[Process] unshare support. Namespace resources (files, PIDs, UIDs, network) prior to running a process.
[Scopes] cp.screenshots - enable screenshot support; cp.whitelist-login - always permit CP login (see SECURITY.md for Anvil).
[stats] vmstat()- report virtual memory statistics.
[UI] rspamd app now available for admins.
[Web Apps] learning mode duration.
[Web Apps] screenshot support. Enabled automatically if has_low_memory wasn't set at install time. May be manually enabled using the cp.screenshots Scope. web:inventory-capture() performs an en masse screenshot acquitisition.

FIXED:
[Dev] prune unreachable methods during intellisense stub generation.
[file] recursive chown repeatedly calls fsmount for each directory chown'd
[Import] accept mailman list names with underscores.
[PHP] PHP-FPM cache inspection could leave behind its inspection script in certain conditions.
[PHP] webp support for PHP 7.4.
[Process] argument decomposition incorrectly handles nested quotes.
[Opcenter] "True"/"False" parsed as literals.
[Scopes] cp.config automatic postback ignores numeric input types.
[Virtualhosting] binding additional IPs before nm readies drops the active interface from nm's control. Relocate virtualhosting.service until after network-online.target to ensure nm has completed upstream acquisition. ISO/IEC 9899:2011 workaround for last IP in multihomed environment.

CHANGED:
[admin] admin:collect() now supports invoice selection. Works with both primary and subordinate accounts (billing,invoice/billing,parent_invoice).
[billing] implement billing:get-package-type().
[Bootstrapper] improved CentOS 8+ support.
[build] Always drop privileges using git. If root privileges are required for git hooks, set "apnscp_build_helper" in Bootstrapper with a custom build script. set-repo-user.sh in build/ may be used to update remote credentials to the effective username if previously supplied credentials assumed "root".
[cgroup] get-usage() CPU cumulative usage refers to 24 hours, previously 240 hours. Add cumsystem, cumuser that refer to cumulative usage since uptime. system/user fields refer to same value over 24 hour window.
[DNS] get-records() accepts "null" as subdomain to list all records.
[Firewall] change 25/TCP restriction from "postfix" gid to more generic, "mail" gid. Allows rspamd to perform MX checks as well.
[Import] detect corrupted HOME paths from backup source.
[MySQL] database renames apply correct DDL statements.
[MySQL Manager] display database size charged on disk.
[PHP] imagick enabled by default. Simplify multiPHP extension builds + configuration (see PHP-FPM.md).
[PHP] detach pool .service binding from php-fpm such that pools have two-way binding to named .socket and propagated action through group or "php-fpm" master service. Requires `EditDomain --reconfig --all` to appyl retroactively.
[PHP] Relocate composer referent to /usr/share/pear/composer.phar, inline with wp-cli and other PHP utilities.
[Postfix] simplify SMTPS/ESMTP mode settings (see SMTP.md). Always encrypt smarthost transmission set via mail.smart-host. Prior to, encryption was opportunistic.
[Process] suid/sgid options no longer wrap the command in /bin/sh. "Fork" process types may accept open/close callbacks.
[watch] lockdown()- support web user ("apache") as a target user after learning mode completes.
[Web Apps] perform validity check before updating web apps. Prevents potential loop on updating a ghosted web app.
[wordpress] purge WP-CLI cache periodically. Recovery mode resets theme to twentyXXX.

REMOVED:
[dns] check-zone() authoritative_ns requirement. Intended for use internally with BIND. Still used for PTR checks in IpCommon\ip_allocated() for now.

NEW:
[Core] CentOS/RHEL 8 support.
[PHP] track sending scripts via mail.add_x_header=1.
[rampart] get_reason(): show ban reason for IP.

FIXED:
[Bootstrapper] aggressive substitution rule removes vendor-specific kernel parameters on XFS servers.
[DNS Manager] Remove branding from DNS Manager (issue #32)
[Dovecot] indexing cannot connect to indexer service due to visibility.
[PHP] libphpX.so never stripped from httpd.conf.
[Web Apps] email option always overrode with common:get_email() value.
[WordPress] skiplist does not trigger per-asset updates.

CHANGED:
[dns] add_record_conditionally()- A and AAAA records honor CNAME presence.
[Net] improve remote IP detection resiliency.
[Postfix] reduce message size to 100 MB.

NEW:
[Bootstrapper] kernel_automated_reboot controls unassisted reboots after kernel upgrade.
[Opcenter] Internal/reserved IPv4/IPv6 address sensibility checks for CloudFlare, Delegated Whitelist.
[pgsql] change_owner(), get_owner()- manage database ownership in PostgreSQL.
[telemetry] telemetry is now enabled by default. See Metrics.md.
[WordPress] "Manage Packages" feature now available in Web Apps. Functions as a backdoor to disable plugins/themes in an inconsistent state, as well as manage update settings. skip_asset(), unskip_asset(), asset_summary() API methods added to facilitate.

FIXED:
[Bootstrapper] various idempotency fixes. UEFI support.
[DataStream] multi-mode reports failed commands.
[Logrotate] btmp never rotated out on weekly basis due to unmatchable regex.
[MySQL] 10.4 mysql.user field fixes.
[Net] hairpin check defaults to gateway address if not previously configured as with a namebased hosting.
[Opcenter] ssh,port_index does not initialize when ssh,enabled is flipped on during an edit.
[WordPress] numerous fixes to updating third-party/commercial plugins.

CHANGED:
[DNS] Parented zones now use the parent zone instead of creating a separate zone. A parented zone is one in which the parent and child reside on the same account. If a child is created as a new domain, then a separate zone will be created or in the case of CloudFlare, fail.
[Migrations] remediation improvements, ".boxtrapper" handling, detect previously relocated subpaths.
[upcp] drop privileges on git usage.
[Web Apps] Joomla!, Laravel, Drupal, Ghost, and WordPress produce additional debugging information when debug mode is enabled (see DEBUGGING.md).

REMOVED:
[aliases] change_domain() no longer requires the domain to not be listed in aliases,aliases.
[PHP] Remove mod_php from non-low-memory servers.

[admin] collect() can filter on "active" field (true/false) to select accounts that are active or suspended.
[Any-version] account admin may now update shims.
[Argos] validate relay password.
[Bootstrapper] ~2 minute performance bump by refactoring mail/configure-postfix role.
[Bootstrapper] tolerate really weird kernel configurations.
[Bootstrapper] various idempotency fixes.
[ClamAV] remove packages on disablement.
[Cloudflare] proxy only permitted records. Improve error message reporting during CF outage.
[Dovecot] block learning in stressed environments.
[file] reset_path()- when user is empty string, it defaults to current user. "null" still bypasses reset.
[FST] remove rm -rf sudo helper. Conflicts with moving essential services, such as PHP-FPM, to /.socket. May be enabled via [ssh] => sudo_support.
[helpers.sh] su VIRTUSER accepts all normal arguments.
[Letsencrypt] loquacious nameservers may stuff a TXT record beyond what is necessary during ACME challenge resulting in a pause up to the timeout interval.
[Letsencrypt] retry IP check for slow DNS servers.
[Mail] remove "postfix" user when mail is disabled on an account effectively disabling sendmail usage.
[Migrations] Fix condition in which SSL certificates do not activate without second EditDomain post-migration.
[Migrations] limit remediation suggestion to 32 characters per system limitation.
[Migrations] server-to-server migrations, domain suspension may be postponed with --no-suspend flag.
[Monit] scramble default password.
[MySQL] users may contain a period in their username.
[Nexus] IPv6 addresses with numeric leading hextet are incorrectly parsed as an array index.
[Opcenter] add sanity checks to prefix presence before discarding MySQL/PostgreSQL databases.
[Opcenter] correct condition in which promoting an alias to primary domain without explicitly removing the domain from aliases,aliases causes duplicate key on address rename.
[PHP] migrating from non-jail to jail also migrates directives from .htaccess. Controlled via [httpd] => fpm_migration.
[phpMyAdmin, phpPgAdmin] correct condition in which SSO fails if behind CloudFlare.
[phpMyAdmin, phpPgAdmin] updating a password may now optionally reset the password to the specified value.
[Postfix] /etc/postfix/master.d allows for per-site overrides (see Customizing.md).
[Rampart] malware jail, integrates into mod_security/ClamAV filtering.
[Rampart] non-essential logs are tailed on startup thus improving startup time.
[Storage Tracker] correct rendering as Picasso painting.
[Task Scheduler] MAILTO supported.
[Telemetry] range() accepts a negative $begin to look behind n seconds.
[Telemetry] fix condition in which compressed metrics block deletion of a site.
[UI] filters support ESC/ENTER hotkeys.
[UI] update default placeholder.
[WordPress] db_config()- workaround for segfaults if the output buffer fills during database inquiry.
[WordPress] enable debug mode in WP-CLI when ApisCP debugging enabled.
[WordPress] fix condition in lower versions with patch are preferred to those without.

[Bootstrapper] correct condition that would cause Mitogen to fail an assertion check

[Scopes] mysql.remote-access, pgsql.remote-access, ftp.insecure-ssl scopes added
[Telemetry] JIT metric support, Rampart logging
[Opcenter] improve quota fetch throughput, partition enumeration on large (> 500) installs
[PHP] add webp support
[PHP] prevent loading pool for opcache statistics if ActiveState is deactivated
[phpMyAdmin] 4.9+ SSO fixes
[Error Reporter] all unhandled exceptions set exit code 255
[DNS] zone validation wait threshold now configurable via [dns] => validation_wait
[cgroups] add "io" service limit, a 24-hour combined storage bandwidth limit
[Apache] VirtualHost prioritization (see Apache.md)
[admin] get_usage() reports cgroup data. Cache behavior controlled via [cgroup] => prefetch_ttl, usage controlled by show_usage option