v0.21.7

Security

Fixes four cross-tenant and input-validation advisories:

• GHSA-vwx9-7qcf-gg7f — cross-tenant IDOR on namespace endpoints reachable via API Key and JWT callers, allowing a caller to read, edit, delete or toggle session recording of a namespace they are not scoped to, and to enumerate namespaces across tenants on the list endpoint. (initially fixed in v0.21.6)
• GHSA-j72x-xfwg-783f — GET /api/devices/:uid returned the full device object for any authenticated caller, allowing cross-tenant disclosure of device metadata (hostname, MAC, OS, public key, remote address, last-seen).
• GHSA-9w9c-9w8m-w89q — GET /api/sessions/:uid returned the full session object for any authenticated caller, allowing cross-tenant disclosure of SSH session data (username, device UID, remote IP, authentication state, timestamps).
• GHSA-47r2-v3x6-wff9 — filter and sort query parameters on the device list accepted attacker-controlled identifiers as BSON keys, enabling HTTP 500 crash-DoS and blind regex extraction via $regex values.

Full Changelog: v0.21.6...v0.21.7

v0.21.6

Security

Fixes GHSA-vwx9-7qcf-gg7f — cross-tenant IDOR on namespace endpoints reachable via API Key and JWT callers, allowing a caller to read, edit, delete or toggle session recording of a namespace they are not scoped to, and to enumerate namespaces across tenants on the list endpoint. Reported by @Edu0x01.

What's Changed

• fix(api): prevent cross-tenant access via API Key and JWT by @gustavosbarreto

Full Changelog: v0.21.5...v0.21.6

v0.24.1

What's Changed

• feat(ui-react): add admin user management pages by @luizhf42 in #6086
• feat(ui): add admin namespace management by @luizhf42 in #6105
• feat(ui-react): handle token query param on Login page for admin login-as-user by @luizhf42 in #6110
• fix(ui-react): fix connection announcement overflow in admin namespace details by @luizhf42 in #6109
• feat(ui-react): add admin device list and detail pages by @luizhf42 in #6113
• ui: bump defu from 6.1.4 to 6.1.6 in /ui by @dependabot[bot] in #6115
• ui: bump lodash from 4.17.23 to 4.18.1 in /ui by @dependabot[bot] in #6111
• fix(ci): temporarily pin claude-code-action to 1.0.88 by @luizhf42 in #6125
• feat(ui-react): add admin firewall rules list and detail pages by @luizhf42 in #6116
• ci: add SBOM generation to release workflows by @otavio in #6112
• fix(ui-react): resolve prettier and eslint formatting conflicts by @luizhf42 in #6126
• ui: bump turndown from 7.2.2 to 7.2.4 in /ui by @dependabot[bot] in #6122
• ui: bump vuetify from 3.12.3 to 3.12.5 in /ui by @dependabot[bot] in #6121
• ui: bump sass from 1.98.0 to 1.99.0 in /ui by @dependabot[bot] in #6120
• api: bump github.com/lib/pq from 1.12.1 to 1.12.3 in /api by @dependabot[bot] in #6119
• ui: bump @vue/runtime-dom from 3.5.31 to 3.5.32 in /ui by @dependabot[bot] in #6118
• chore(deps-dev): bump vite from 7.3.1 to 7.3.2 in /ui-react by @dependabot[bot] in #6117
• ui: bump qrcode.vue from 3.8.0 to 3.8.1 in /ui by @dependabot[bot] in #6123
• fix(api): add id tiebreaker to paginated queries by @gustavosbarreto in #6127
• fix(ui-react): use server-side filtering for device search by @luizhf42 in #6129
• fix(ui-react): use plain strings for public key filter tags by @luannmoreira in #6128
• fix(api): qualify column names in device queries with JOINs by @gustavosbarreto in #6130
• fix(api): place AND operator before connector filter in device list by @gustavosbarreto in #6131
• fix(api): compute device online status in session queries by @luizhf42 in #6137
• fix(store): add missing "lt" operator to PG filter parser by @gustavosbarreto in #6140
• feat(cli): add namespace enumeration capabilites by @geovannewashington in #6132
• chore: bump shellhub version to v0.24.1 by @gustavosbarreto in #6141

Full Changelog: v0.24.0...v0.24.1

v0.24.0

PostgreSQL as Default Database

PostgreSQL is now the default and only supported database backend. MongoDB is no longer required.

If upgrading from v0.22.x or earlier, upgrade to v0.23.0 first to run the automatic migration pipeline, then upgrade to v0.24.0. See the migration guide for details.

v0.23.0

Database Migration (MongoDB to PostgreSQL)

This release introduces the automatic migration pipeline from MongoDB to PostgreSQL. On startup, ShellHub reads all data from MongoDB, writes it to PostgreSQL, and runs a deep field-by-field validation to ensure data integrity.

Set SHELLHUB_DATABASE=migrate in your .env to enable the migration. The migration status is exposed via GET /api/migration/status and shown in the UI.

The next release (v0.24.0) will switch the default database to PostgreSQL, completing the transition.

New React UI

The new admin interface built with React is now available alongside the existing Vue UI:

• Generated API SDK with TanStack Query, replacing the Axios/Zustand layer
• Role-based permission system
• Admin panel with dashboard and license management
• Session recording playback
• Password recovery, sign-up, and account confirmation flows
• Two-factor authentication (TOTP)
• Connect-via-terminal UX improvements

CLI

• New user list command
• TTY allocation is now disabled when stdout is not a terminal

Infrastructure

• Go 1.25.8
• golangci-lint v2.11.3
• Decoupled enterprise entry point from community module
• SAML types removed from core models

v0.22.0

ShellHub v0.22.0

The React Release

v0.22.0 is the biggest frontend change in ShellHub's history. The entire UI has been rebuilt from scratch in React with TypeScript, replacing the Vue-based frontend that served the project for years. This release also lays the groundwork for the upcoming PostgreSQL migration.

For the full story behind these changes, see Inside ShellHub #1.

New React UI

The new frontend ships as the default at /. The legacy Vue UI remains accessible at /v1 during the transition period.

Highlights compared to the previous frontend:

• No more Vuetify lock-in. The new UI uses Tailwind CSS with a custom design system, giving full control over styling without fighting a component library.
• Multi-session terminal. The old terminal opened one SSH session in a modal. The new one supports multiple concurrent sessions with a taskbar — minimize, restore, and fullscreen.
• Secure Vault. Store encrypted SSH private keys in the browser for password-protected key authentication directly from the web terminal.
• Welcome wizard. A guided onboarding flow for new users after account creation.
• Better error handling. Connection failures, expired sessions, and network drops show inline banners with clear messages instead of silently failing.

Unified Open-Core Architecture

The Cloud/Enterprise layer has been merged into the API binary. Instead of running a separate service, enterprise features are now compiled into the same binary and activated by configuration. This simplifies deployment, eliminates inter-service calls, and makes transactions across community and enterprise code truly atomic.

Agent Improvements

• Yamux multiplexing. The agent now uses multistream and yamux instead of an HTTP server for device communication, improving reliability and reducing overhead.
• Native static binary. Replaced the standalone runc dependency with a native static binary, simplifying agent distribution.
• PTY deadlock fix. Resolved a window-change deadlock that could freeze terminal sessions under load.
• ARMv6 support fix. Corrected architecture targeting for ARMv6 devices.

Infrastructure

• ACME-DNS support for web endpoint wildcard certificates — an alternative to DigitalOcean and Cloudflare DNS providers.
• MongoDB → PostgreSQL migration tooling is included in this release as groundwork for the v0.23.0 transition. Not yet active by default.
• Generic store test suite that validates both MongoDB and PostgreSQL implementations against the same test cases.

Bug Fixes

• Fixed namespace device counter cache discrepancies
• Fixed license device limit enforcement
• Fixed recovery email conflict check against empty strings
• Fixed trailing comma in agent config.json env array
• Improved web terminal error handling and reconnection

Updated Stack

• Go 1.24.13
• Node.js 24 (LTS)
• Alpine 3.22

New Contributors

• @geovannewashington made their first contribution in #5954

---

Full Changelog: v0.21.5...v0.22.0

v0.21.5

What's Changed

• ui: bump typescript-eslint from 8.50.1 to 8.51.0 in /ui by @dependabot[bot] in #5686
• agent: bump github.com/labstack/echo/v4 from 4.14.0 to 4.15.0 in /agent by @dependabot[bot] in #5683
• api: bump github.com/labstack/echo/v4 from 4.14.0 to 4.15.0 in /api by @dependabot[bot] in #5682
• ssh: bump github.com/labstack/echo/v4 from 4.14.0 to 4.15.0 in /ssh by @dependabot[bot] in #5681
• ui: bump vuetify from 3.11.5 to 3.11.6 in /ui by @dependabot[bot] in #5685
• ui: bump eslint-plugin-jest from 29.11.1 to 29.12.1 in /ui by @dependabot[bot] in #5684
• feat: simplify issue templates to reduce friction by @gustavosbarreto in #5689
• chore: remove documentation and security links from issue templates by @gustavosbarreto in #5691
• test(ui): improve main UI's store modules' tests by @luizhf42 in #5657
• feat: allow immediate device slot reuse after deletion by @gustavosbarreto in #5688
• test(ui): enhance main UI's store module tests by @luizhf42 in #5692
• test(ui): improve Admin's store modules' tests by @luizhf42 in #5693
• test(ui): improve useTablePreferences composable tests by @luizhf42 in #5694
• fix: exclude removed devices from DeviceConflicts checks by @gustavosbarreto in #5695

Full Changelog: v0.21.4...v0.21.5

v0.21.4

What's Changed

• ui: bump vuetify from 3.11.0 to 3.11.2 in /ui by @dependabot[bot] in #5602
• ui: bump typescript-eslint from 8.48.0 to 8.48.1 in /ui by @dependabot[bot] in #5596
• fix(ui): fix MemberInvite's email label spacing by @luizhf42 in #5608
• chore(deps): bump actions/setup-node from 6.0.0 to 6.1.0 by @dependabot[bot] in #5607
• cli: bump github.com/spf13/cobra from 1.10.1 to 1.10.2 in /cli by @dependabot[bot] in #5601
• ui: bump express from 4.21.2 to 4.22.1 in /ui by @dependabot[bot] in #5599
• agent: bump github.com/spf13/cobra from 1.10.1 to 1.10.2 in /agent by @dependabot[bot] in #5597
• api: bump github.com/spf13/cobra from 1.10.1 to 1.10.2 in /api by @dependabot[bot] in #5598
• docker: api: bump alpine from 3.22.2 to 3.23.0 in /api by @dependabot[bot] in #5606
• docker: ssh: bump alpine from 3.22.2 to 3.23.0 in /ssh by @dependabot[bot] in #5605
• docker: cli: bump alpine from 3.22.2 to 3.23.0 in /cli by @dependabot[bot] in #5604
• docker: gateway: bump alpine from 3.22.2 to 3.23.0 in /gateway by @dependabot[bot] in #5603
• feat(ui): show namespace type in SettingNamespace component by @luizhf42 in #5609
• ui: bump vue-tsc from 3.1.5 to 3.1.7 in /ui by @dependabot[bot] in #5600
• fix(ui): fix SettingTags behavior with no tags in list by @luizhf42 in #5610
• fix(ui): correct admin table background and improve test selectors by @luannmoreira in #5586
• fix(ui): items-per-page input handling only on blur DataTable by @luannmoreira in #5612
• feat(agent): add support for optional environment variables in install.sh by @gustavosbarreto in #5613
• feat(ui): add new Tags view separate from Settings by @luizhf42 in #5611
• refactor(ui): improve terminal connection UI and add SSHID helper by @gustavosbarreto in #5614
• fix(ui): enable TagSelector even when namespace has no tags by @luizhf42 in #5615
• refactor(ui): add settings button to namespace switcher by @gustavosbarreto in #5617
• refactor(ui): remove stats store usage from device UI components by @luannmoreira in #5590
• fix(api): support X-Tenant-ID header in tag requests by @heiytor in #5618
• refactor(ui): refactor Tags API wrapper and store by @luizhf42 in #5616
• refactor(ui): simplify and validate items-per-page input handling by @luannmoreira in #5619
• fix(ui): fix Connection Announcement edit dialog by @luizhf42 in #5621
• fix(ui): fix SSHID Helper related issues by @luizhf42 in #5620
• agent: bump golang.org/x/sys from 0.38.0 to 0.39.0 in /agent by @dependabot[bot] in #5627
• ssh: bump github.com/labstack/echo/v4 from 4.13.4 to 4.14.0 in /ssh by @dependabot[bot] in #5631
• ui: bump asciinema-player from 3.12.1 to 3.13.4 in /ui by @dependabot[bot] in #5635
• ui: bump typescript-eslint from 8.48.1 to 8.49.0 in /ui by @dependabot[bot] in #5636
• docker: ui: bump nginx from 1.29.3-alpine to 1.29.4-alpine in /ui by @dependabot[bot] in #5637
• api: bump golang.org/x/crypto from 0.45.0 to 0.46.0 in /api by @dependabot[bot] in #5634
• ui: bump eslint-plugin-jest from 29.2.1 to 29.5.0 in /ui by @dependabot[bot] in #5640
• feat(ui): add "Add Private Key" button to TerminalLoginForm's select by @luizhf42 in #5622
• test(ui): add API mocks to DevicesDropdown tests by @luizhf42 in #5624
• refactor(ui): move hasNamespaces computed to namespaces store by @luizhf42 in #5623
• ui: bump sass from 1.94.2 to 1.96.0 in /ui by @dependabot[bot] in #5639
• ui: bump vuetify from 3.11.2 to 3.11.3 in /ui by @dependabot[bot] in #5638
• bump(ui): revert Node.js LTS version bump by @luizhf42 in #5644
• chore(deps): bump actions/upload-artifact from 5 to 6 by @dependabot[bot] in #5643
• chore(deps): bump actions/cache from 3 to 5 by @dependabot[bot] in #5642
• chore(deps): bump actions/download-artifact from 6 to 7 by @dependabot[bot] in #5641
• agent: bump golang.org/x/crypto from 0.45.0 to 0.46.0 in /agent by @dependabot[bot] in #5630
• agent: bump github.com/labstack/echo/v4 from 4.13.4 to 4.14.0 in /agent by @dependabot[bot] in #5628
• api: bump github.com/labstack/echo/v4 from 4.13.4 to 4.14.0 in /api by @dependabot[bot] in #5632
• refactor(api): migrate membership invitations to a dedicated collection by @heiytor in #5532
• feat(ui): implement new invitations menu, view, dialogs and management system by @luizhf42 in #5585
• feat(ui): add items per page persistence to DataTable by @luizhf42 in #5646
• test(ui): update InvitationList snapshot by @luizhf42 in #5645
• feat(ui): create PageHeader component and refactor views by @gustavosbarreto in #5647
• fix(ui): suppress Sass legacy JS API deprecation warnings by @gustavosbarreto in #5648
• feat(ui): add FormBricks survey to setup wizard flow by @gustavosbarreto in #5649
• test(ui): add @pinia/testing and mount helper for tests by @luizhf42 in #5650
• feat(ui): add Rename Device button to accepted devices list by @luizhf42 in #5651
• feat(ui): use PageHeader in TeamInvitations view by @luizhf42 in #5652
• fix(ui): replace text-white with theme-safe emphasis colors by @luannmoreira in #5653
• fix(ui): standardize WebEndpoints search bar placement by @luannmoreira in #5654
• feat(ui): add onboarding survey to setup wizard by @gustavosbarreto in #5656
• test(ui): improve AppLayout tests by @luizhf42 in #5655
• refactor(ui): replace page titles in admin with PageHeader component by @luannmoreira in #5658
• docker: api: bump alpine from 3.23.0 to 3.23.2 in /api by @dependabot[bot] in #5668
• docker: cli: bump alpine from 3.23.0 to 3.23.2 in /cli by @dependabot[bot] in #5667
• ui: bump vue-tsc from 3.1.8 to 3.2.1 in /ui by @dependabot[bot] in #5665
• docker: gateway: bump alpine from 3.23.0 to 3.23.2 in /gateway by @dependabot[bot] in #5664
• ui: bump @vue/runtime-dom from 3.5.25 to 3.5.26 in /ui by @dependabot[bot] in #5663
• ui: bump eslint from 9.39.1 to 9.39.2 in /ui by @dependabot[bot] in #5662
• ui: bump vue-router from 4.6.3 to 4.6.4 in /ui by @dependabot[bot] in #5660
• fix(api): preserve null values for unique indexed fields in UserUpdate by @heiytor in #5670
• refactor(ui): improve session play button and active status display by @luannmoreira in #5659
• fix(tests): support testcontainers in Docker-in-Docker environment by @gustavosbarreto in #5671
• ui: bump typescript-eslint from 8.49.0 to 8.50.1 in /ui by @dependabot[bot] in #5676
• ui: bump sass from 1.96.0 to 1.97.1 in /ui by @dependabot[bot] in #5675
• ui: bump eslint-plugin-jest from 29.5.0 to 29.11.1 in /ui by @dependabot[bot] in #5674
• ui: bump vuetify from 3.11.3 to 3.11.5 in /ui by @dependabot[bot] in #5673
• ui: bump asciinema-player from 3.13.4 to 3.13.5 in /u...

v0.21.3

What's Changed

• refactor(api,openapi): simplify tag endpoints by @heiytor in #5594
• chore: bump shellhub version to v0.21.3 by @gustavosbarreto in #5595

Full Changelog: v0.21.2...v0.21.3

v0.21.2

What's Changed

• fix(ui): fix Welcome dialog opening behavior by @luizhf42 in #5587
• fix: ensure nsenter and setpriv match the target architecture by @CloudCray in #5588
• chore: bump shellhub version to v0.21.2 by @gustavosbarreto in #5591

New Contributors

• @CloudCray made their first contribution in #5588

Full Changelog: v0.21.1...v0.21.2

What's Changed

• fix(ui): fix Welcome dialog opening behavior by @luizhf42 in #5587
• fix: ensure nsenter and setpriv match the target architecture by @CloudCray in #5588
• chore: bump shellhub version to v0.21.2 by @gustavosbarreto in #5591
• fix(agent): include primary group in ListGroups by @gustavosbarreto in #5592

New Contributors

• @CloudCray made their first contribution in #5588

Full Changelog: v0.21.1...v0.21.2

What's Changed

• fix(ui): fix Welcome dialog opening behavior by @luizhf42 in #5587
• fix: ensure nsenter and setpriv match the target architecture by @CloudCray in #5588
• chore: bump shellhub version to v0.21.2 by @gustavosbarreto in #5591
• fix(agent): include primary group in ListGroups by @gustavosbarreto in #5592
• ci: update DigitalOcean Spaces credentials in OpenAPI workflow by @gustavosbarreto in #5593

New Contributors

• @CloudCray made their first contribution in #5588

Full Changelog: v0.21.1...v0.21.2