Releases

Release notes and changelog for Pricore.

View on GitHub

Fixes

  • Added support for version names containing slashes #85 – thanks @joenivl!
  • Fixed an issue where meta title would not be replaced by Inertia (caused by Inertia 3 upgrade)

View on GitHub

This release improves the setup experience, fixes GitHub repository discovery, and adds version tag links.

New Features

  • Tag/Version Links (#62): Package versions now link to their tag or release page on GitHub, GitLab, and Bitbucket, making it easy to view release details directly from Pricore.
  • Security Advisory Sync During Setup: The install command now prompts to sync security advisories, giving new installations immediate vulnerability coverage.
image

Fixes

  • Fixed GitHub repository listing not showing private repos. The correct API endpoints are now used for both personal and organization repositories.

View on GitHub

Fixes

  • Fixed mixed HTTP/HTTPS URL generation when running behind a reverse proxy that terminates SSL. Pricore now forces HTTPS for all generated URLs when APP_URL is configured with an https:// scheme. (#80)

View on GitHub

Fixes

  • Fixed organization settings pages rendering blank content after the Inertia.js v3 upgrade

View on GitHub

This release centers on security auditing, a major new feature that brings vulnerability tracking and advisory matching to your Pricore registry. It also includes an Inertia.js v3 upgrade and several smaller fixes.

New Features

  • Package Version Security Auditing (#55): Pricore now syncs security advisories from the Packagist Security Advisories API and matches them against your package versions using semver constraint checking. Packages are automatically scanned after repository and mirror syncs. The new organization-level security overview page shows severity stats and per-package vulnerability summaries, with badges on version lists and details in version dialogs. Org admins receive email notifications when new vulnerabilities are detected, and composer audit works natively against your Pricore registry.

Improvements

  • Inertia.js v3: Upgraded from Inertia.js v2 to v3 for both the Laravel backend and React frontend.

Fixes

  • Fixed missing activity log descriptions for mirror and SSH key events, which previously displayed awkward phrasing like "Test User Mirror added"

View on GitHub

Bug Fixes

  • Fix issue where package versions prefixed with v would not be returned by Composer endpoint

View on GitHub

This releases fixes a layout overflow issue in the version detail modal.

Bug Fixes

  • Fixed version detail modal content overflowing when the version name or description is long

View on GitHub

Pricore v0.49.0 adds archive size visibility to the package version list and fixes SSH key generation in Docker.

New Features

  • Archive Size Display: Package version archives now track and display their file size in the UI. The "Dist available" badge is replaced with the actual archive size (e.g., "1.2 MB") and a tooltip indicating the mirror is stored and served by Pricore. Existing archives are backfilled during migration.

Bug Fixes

  • Added openssh-client to Docker image for ssh-keygen support