Releases

This release adds visibility into Pricore's own release lifecycle and makes navigating package commits one click faster.

New Features

• Release notes viewer: The sidebar version label now opens a modal listing the latest release notes from GitHub, with a small indicator next to the version when a newer release is available. Releases are fetched lazily and cached for 24h, so no scheduler is required.

Improvements

• Package versions: Commit hashes in the package versions list are now clickable and link to the provider's commit URL.

Fixes

• Updated dependencies

Fixes

• Fixed a horizontal scrollbar appearing when dropdown menus were opened

Fixes

• Increased health check start period to 90s to prevent check failures

Fixes

• Added support for version names containing slashes #85 – thanks @joenivl!
• Fixed an issue where meta title would not be replaced by Inertia (caused by Inertia 3 upgrade)

This release improves the setup experience, fixes GitHub repository discovery, and adds version tag links.

New Features

• Tag/Version Links (#62): Package versions now link to their tag or release page on GitHub, GitLab, and Bitbucket, making it easy to view release details directly from Pricore.
• Security Advisory Sync During Setup: The install command now prompts to sync security advisories, giving new installations immediate vulnerability coverage.

Fixes

• Fixed GitHub repository listing not showing private repos. The correct API endpoints are now used for both personal and organization repositories.

Fixes

• Fixed mixed HTTP/HTTPS URL generation when running behind a reverse proxy that terminates SSL. Pricore now forces HTTPS for all generated URLs when APP_URL is configured with an https:// scheme. (#80)

Fixes

• Fixed organization settings pages rendering blank content after the Inertia.js v3 upgrade

This release centers on security auditing, a major new feature that brings vulnerability tracking and advisory matching to your Pricore registry. It also includes an Inertia.js v3 upgrade and several smaller fixes.

New Features

• Package Version Security Auditing (#55): Pricore now syncs security advisories from the Packagist Security Advisories API and matches them against your package versions using semver constraint checking. Packages are automatically scanned after repository and mirror syncs. The new organization-level security overview page shows severity stats and per-package vulnerability summaries, with badges on version lists and details in version dialogs. Org admins receive email notifications when new vulnerabilities are detected, and composer audit works natively against your Pricore registry.

Improvements

• Inertia.js v3: Upgraded from Inertia.js v2 to v3 for both the Laravel backend and React frontend.

Fixes

• Fixed missing activity log descriptions for mirror and SSH key events, which previously displayed awkward phrasing like "Test User Mirror added"

Bug Fixes

• Fix issue where package versions prefixed with v would not be returned by Composer endpoint