Show loading overlay when adding/removing CNAME records as it requires a FTL restart#3742
Merged
Conversation
…s a FTL restart Signed-off-by: yubiuser <github@yubiuser.dev>
PromoFaux
approved these changes
Mar 18, 2026
Merged
github-actions Bot
pushed a commit
to bigbeartechworld/big-bear-universal-apps
that referenced
this pull request
Apr 5, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [jacklul/pihole](https://redirect.github.com/pi-hole/docker-pi-hole) | minor | `2026.02.0` → `2026.04.0` | --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (jacklul/pihole)</summary> ### [`v2026.04.0`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.04.0) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed (Docker Specific - all related to CI/build) - Group dependabot PRs to reduce PR spam by [@​yubiuser](https://redirect.github.com/yubiuser) in [#​2004](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2004) - ci: switch image publishing to docker/github-builder by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - Readme Rework by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [#​1958](https://redirect.github.com/pi-hole/docker-pi-hole/pull/1958) - Replace Python test suite with BATS and consolidate workflows by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [#​2009](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2009) - Add timeout to curl command in branch validation by [@​RynoCODE](https://redirect.github.com/RynoCODE) in [#​2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - Use bats-assert library functions in BATS test suite by [@​Copilot](https://redirect.github.com/Copilot) in [#​2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) - ci: run build job on pull request event by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​2021](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2021) - Update github-builder to v1.5.0 and enable fail-fast by [@​yubiuser](https://redirect.github.com/yubiuser) in [#​2022](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2022) #### New Contributors - [@​crazy-max](https://redirect.github.com/crazy-max) made their first contribution in [#​2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - [@​RynoCODE](https://redirect.github.com/RynoCODE) made their first contribution in [#​2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - [@​Copilot](https://redirect.github.com/Copilot) made their first contribution in [#​2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) **Full Changelog**: <pi-hole/docker-pi-hole@2026.02.0...2026.04.0> #### Component Release Notes <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (FTL v6.6) - Fix possible resolver issue on armv5tel by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2781](https://redirect.github.com/pi-hole/FTL/pull/2781) - Introduce CMake options for optional dependencies by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) - Fix build without mbedtls \[v2] by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2796](https://redirect.github.com/pi-hole/FTL/pull/2796) - Fix overTime data when database.DBimport = false by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2788](https://redirect.github.com/pi-hole/FTL/pull/2788) - Fix cross-compilation issues w/ custom toolchain by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2797](https://redirect.github.com/pi-hole/FTL/pull/2797) - Add new option for controling name resolution via MAC address by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2790](https://redirect.github.com/pi-hole/FTL/pull/2790) - Fix obtaining client groups by name by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2791](https://redirect.github.com/pi-hole/FTL/pull/2791) - Ensure API sessions are restored before starting the HTTP server by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2803](https://redirect.github.com/pi-hole/FTL/pull/2803) - Add form-action 'self' to Content-Security-Policy by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2804](https://redirect.github.com/pi-hole/FTL/pull/2804) - Add query\_frequency to /padd endpoint by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2806](https://redirect.github.com/pi-hole/FTL/pull/2806) - Guard query-count counters against unsigned underflow by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2815](https://redirect.github.com/pi-hole/FTL/pull/2815) - Add universal crash backtrace via \_Unwind\_Backtrace by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2811](https://redirect.github.com/pi-hole/FTL/pull/2811) - config: show totp\_secret presence in CLI output by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2813](https://redirect.github.com/pi-hole/FTL/pull/2813) - Fix client count inflation for rate-limited queries by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2814](https://redirect.github.com/pi-hole/FTL/pull/2814) - Fix stack buffer overflow in get\_process\_name() by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2821](https://redirect.github.com/pi-hole/FTL/pull/2821) - Do not restart FTL while `pihole -g` is still ongoing by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2419](https://redirect.github.com/pi-hole/FTL/pull/2419) #### Security Advisories - [GHSA-r7g8-3fj7-m5qq - Authorization bypass: CLI API sessions can import Teleporter archives and modify configuration](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-r7g8-3fj7-m5qq) reported by [@​mzalzahrani](https://redirect.github.com/mzalzahrani) - Remote Code Execution (RCE) via Newline Injection in Multiple Configuration Parameters reported by [@​T0X1Cx](https://redirect.github.com/T0X1Cx) - [pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c) - [pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp) - [pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m) - [pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj) - [pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj) #### New Contributors - [@​aeolio](https://redirect.github.com/aeolio) made their first contribution in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) **Full Changelog**: <pi-hole/FTL@v6.5...v6.6> <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (Web v6.5) - Amend teleporter help text that the long-term data is not included by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3721](https://redirect.github.com/pi-hole/web/pull/3721) - Do not use 3 columns when boxed layout is used by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3722](https://redirect.github.com/pi-hole/web/pull/3722) - Use <kbd>ENTER</kbd> instead of <kbd>⏎</kbd> by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3727](https://redirect.github.com/pi-hole/web/pull/3727) - Don't link to github releases if docker tag is nightly by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3718](https://redirect.github.com/pi-hole/web/pull/3718) - Do not try to compare component version when remote version info is not available by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3729](https://redirect.github.com/pi-hole/web/pull/3729) - Show loading overlay when adding/removing CNAME records as it requires a FTL restart by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3742](https://redirect.github.com/pi-hole/web/pull/3742) - fix: check on responseJSON when wrong password by [@​guybrush2105](https://redirect.github.com/guybrush2105) in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) - Remove the loggingButton from Settings > System > Actions by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3747](https://redirect.github.com/pi-hole/web/pull/3747) #### Security Advisories - Multiple Stored HTML Injections and XSS in different web interface pages reported by [@​andrejtomci](https://redirect.github.com/andrejtomci) - [GHSA-jx8x-mj2r-62vq - Stored HTML Injection in queries.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-jx8x-mj2r-62vq) - [GHSA-9rfm-c5g6-538p - Stored HTML attribute injection](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-9rfm-c5g6-538p) - [GHSA-px6w-85wp-ww9v - Stored XSS / HTML injection in the Network page/Dashboard](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-px6w-85wp-ww9v) - [GHSA-7xqw-r9pr-qv59 - Reflected XSS / HTML injection in taillog.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-7xqw-r9pr-qv59) (Also reported by [@​n1rwhex](https://redirect.github.com/n1rwhex) and [@​mzalzahrani](https://redirect.github.com/mzalzahrani)) #### New Contributors - [@​guybrush2105](https://redirect.github.com/guybrush2105) made their first contribution in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) **Full Changelog**: <pi-hole/web@v6.4.1...v6.5> <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (Core v6.4.1) - Remove additional ':' from debug log system time output by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6551](https://redirect.github.com/pi-hole/pi-hole/pull/6551) - Remove `readonly` from piholeNetworkFlush.sh to avoid error message by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/pi-hole#6554](https://redirect.github.com/pi-hole/pi-hole/pull/6554) - Add antigravity index by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/pi-hole#6573](https://redirect.github.com/pi-hole/pi-hole/pull/6573) - Fix return status capture of FTL check\_download exists by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6572](https://redirect.github.com/pi-hole/pi-hole/pull/6572) - Remove misleading TODO comment for SetWebPassword by [@​10adnan75](https://redirect.github.com/10adnan75) in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) #### Security Advisories - [GHSA-c935-8g63-qp74 – Local Privilege Escalation](https://redirect.github.com/pi-hole/pi-hole/security/advisories/GHSA-c935-8g63-qp74) reported by [@​smittix](https://redirect.github.com/smittix) #### New Contributors - [@​10adnan75](https://redirect.github.com/10adnan75) made their first contribution in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) - [@​Copilot](https://redirect.github.com/Copilot) made their first contribution in [pi-hole/pi-hole#6580](https://redirect.github.com/pi-hole/pi-hole/pull/6580) **Full Changelog**: <pi-hole/pi-hole@v6.4...v6.4.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/bigbeartechworld/big-bear-universal-apps). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlIl19-->
github-actions Bot
pushed a commit
to bigbeartechworld/big-bear-universal-apps
that referenced
this pull request
Apr 5, 2026
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [pihole/pihole](https://redirect.github.com/pi-hole/docker-pi-hole) | minor | `2026.02.0` → `2026.04.0` | --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (pihole/pihole)</summary> ### [`v2026.04.0`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.04.0) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed (Docker Specific - all related to CI/build) - Group dependabot PRs to reduce PR spam by [@​yubiuser](https://redirect.github.com/yubiuser) in [#​2004](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2004) - ci: switch image publishing to docker/github-builder by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - Readme Rework by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [#​1958](https://redirect.github.com/pi-hole/docker-pi-hole/pull/1958) - Replace Python test suite with BATS and consolidate workflows by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [#​2009](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2009) - Add timeout to curl command in branch validation by [@​RynoCODE](https://redirect.github.com/RynoCODE) in [#​2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - Use bats-assert library functions in BATS test suite by [@​Copilot](https://redirect.github.com/Copilot) in [#​2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) - ci: run build job on pull request event by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​2021](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2021) - Update github-builder to v1.5.0 and enable fail-fast by [@​yubiuser](https://redirect.github.com/yubiuser) in [#​2022](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2022) #### New Contributors - [@​crazy-max](https://redirect.github.com/crazy-max) made their first contribution in [#​2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - [@​RynoCODE](https://redirect.github.com/RynoCODE) made their first contribution in [#​2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - [@​Copilot](https://redirect.github.com/Copilot) made their first contribution in [#​2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) **Full Changelog**: <pi-hole/docker-pi-hole@2026.02.0...2026.04.0> #### Component Release Notes <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (FTL v6.6) - Fix possible resolver issue on armv5tel by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2781](https://redirect.github.com/pi-hole/FTL/pull/2781) - Introduce CMake options for optional dependencies by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) - Fix build without mbedtls \[v2] by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2796](https://redirect.github.com/pi-hole/FTL/pull/2796) - Fix overTime data when database.DBimport = false by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2788](https://redirect.github.com/pi-hole/FTL/pull/2788) - Fix cross-compilation issues w/ custom toolchain by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2797](https://redirect.github.com/pi-hole/FTL/pull/2797) - Add new option for controling name resolution via MAC address by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2790](https://redirect.github.com/pi-hole/FTL/pull/2790) - Fix obtaining client groups by name by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2791](https://redirect.github.com/pi-hole/FTL/pull/2791) - Ensure API sessions are restored before starting the HTTP server by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2803](https://redirect.github.com/pi-hole/FTL/pull/2803) - Add form-action 'self' to Content-Security-Policy by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2804](https://redirect.github.com/pi-hole/FTL/pull/2804) - Add query\_frequency to /padd endpoint by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2806](https://redirect.github.com/pi-hole/FTL/pull/2806) - Guard query-count counters against unsigned underflow by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2815](https://redirect.github.com/pi-hole/FTL/pull/2815) - Add universal crash backtrace via \_Unwind\_Backtrace by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2811](https://redirect.github.com/pi-hole/FTL/pull/2811) - config: show totp\_secret presence in CLI output by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2813](https://redirect.github.com/pi-hole/FTL/pull/2813) - Fix client count inflation for rate-limited queries by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2814](https://redirect.github.com/pi-hole/FTL/pull/2814) - Fix stack buffer overflow in get\_process\_name() by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2821](https://redirect.github.com/pi-hole/FTL/pull/2821) - Do not restart FTL while `pihole -g` is still ongoing by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2419](https://redirect.github.com/pi-hole/FTL/pull/2419) #### Security Advisories - [GHSA-r7g8-3fj7-m5qq - Authorization bypass: CLI API sessions can import Teleporter archives and modify configuration](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-r7g8-3fj7-m5qq) reported by [@​mzalzahrani](https://redirect.github.com/mzalzahrani) - Remote Code Execution (RCE) via Newline Injection in Multiple Configuration Parameters reported by [@​T0X1Cx](https://redirect.github.com/T0X1Cx) - [pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c) - [pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp) - [pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m) - [pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj) - [pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj) #### New Contributors - [@​aeolio](https://redirect.github.com/aeolio) made their first contribution in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) **Full Changelog**: <pi-hole/FTL@v6.5...v6.6> <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (Web v6.5) - Amend teleporter help text that the long-term data is not included by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3721](https://redirect.github.com/pi-hole/web/pull/3721) - Do not use 3 columns when boxed layout is used by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3722](https://redirect.github.com/pi-hole/web/pull/3722) - Use <kbd>ENTER</kbd> instead of <kbd>⏎</kbd> by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3727](https://redirect.github.com/pi-hole/web/pull/3727) - Don't link to github releases if docker tag is nightly by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3718](https://redirect.github.com/pi-hole/web/pull/3718) - Do not try to compare component version when remote version info is not available by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3729](https://redirect.github.com/pi-hole/web/pull/3729) - Show loading overlay when adding/removing CNAME records as it requires a FTL restart by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3742](https://redirect.github.com/pi-hole/web/pull/3742) - fix: check on responseJSON when wrong password by [@​guybrush2105](https://redirect.github.com/guybrush2105) in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) - Remove the loggingButton from Settings > System > Actions by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3747](https://redirect.github.com/pi-hole/web/pull/3747) #### Security Advisories - Multiple Stored HTML Injections and XSS in different web interface pages reported by [@​andrejtomci](https://redirect.github.com/andrejtomci) - [GHSA-jx8x-mj2r-62vq - Stored HTML Injection in queries.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-jx8x-mj2r-62vq) - [GHSA-9rfm-c5g6-538p - Stored HTML attribute injection](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-9rfm-c5g6-538p) - [GHSA-px6w-85wp-ww9v - Stored XSS / HTML injection in the Network page/Dashboard](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-px6w-85wp-ww9v) - [GHSA-7xqw-r9pr-qv59 - Reflected XSS / HTML injection in taillog.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-7xqw-r9pr-qv59) (Also reported by [@​n1rwhex](https://redirect.github.com/n1rwhex) and [@​mzalzahrani](https://redirect.github.com/mzalzahrani)) #### New Contributors - [@​guybrush2105](https://redirect.github.com/guybrush2105) made their first contribution in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) **Full Changelog**: <pi-hole/web@v6.4.1...v6.5> <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (Core v6.4.1) - Remove additional ':' from debug log system time output by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6551](https://redirect.github.com/pi-hole/pi-hole/pull/6551) - Remove `readonly` from piholeNetworkFlush.sh to avoid error message by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/pi-hole#6554](https://redirect.github.com/pi-hole/pi-hole/pull/6554) - Add antigravity index by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/pi-hole#6573](https://redirect.github.com/pi-hole/pi-hole/pull/6573) - Fix return status capture of FTL check\_download exists by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6572](https://redirect.github.com/pi-hole/pi-hole/pull/6572) - Remove misleading TODO comment for SetWebPassword by [@​10adnan75](https://redirect.github.com/10adnan75) in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) #### Security Advisories - [GHSA-c935-8g63-qp74 – Local Privilege Escalation](https://redirect.github.com/pi-hole/pi-hole/security/advisories/GHSA-c935-8g63-qp74) reported by [@​smittix](https://redirect.github.com/smittix) #### New Contributors - [@​10adnan75](https://redirect.github.com/10adnan75) made their first contribution in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) - [@​Copilot](https://redirect.github.com/Copilot) made their first contribution in [pi-hole/pi-hole#6580](https://redirect.github.com/pi-hole/pi-hole/pull/6580) **Full Changelog**: <pi-hole/pi-hole@v6.4...v6.4.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/bigbeartechworld/big-bear-universal-apps). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlIl19-->
github-actions Bot
pushed a commit
to bigbeartechworld/big-bear-universal-apps
that referenced
this pull request
Apr 7, 2026
…ag to v2026.04.0 This PR contains the following updates: | Package | Update | Change | |---|---|---| | [bigbeartechworld/big-bear-pihole-unbound](https://redirect.github.com/pi-hole/docker-pi-hole) | minor | `2026.02.0` → `2026.04.0` | --- ### Release Notes <details> <summary>pi-hole/docker-pi-hole (bigbeartechworld/big-bear-pihole-unbound)</summary> ### [`v2026.04.0`](https://redirect.github.com/pi-hole/docker-pi-hole/releases/tag/2026.04.0) [Compare Source](https://redirect.github.com/pi-hole/docker-pi-hole/compare/2026.02.0...2026.04.0) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed (Docker Specific - all related to CI/build) - Group dependabot PRs to reduce PR spam by [@​yubiuser](https://redirect.github.com/yubiuser) in [#​2004](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2004) - ci: switch image publishing to docker/github-builder by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - Readme Rework by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [#​1958](https://redirect.github.com/pi-hole/docker-pi-hole/pull/1958) - Replace Python test suite with BATS and consolidate workflows by [@​PromoFaux](https://redirect.github.com/PromoFaux) in [#​2009](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2009) - Add timeout to curl command in branch validation by [@​RynoCODE](https://redirect.github.com/RynoCODE) in [#​2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - Use bats-assert library functions in BATS test suite by [@​Copilot](https://redirect.github.com/Copilot) in [#​2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) - ci: run build job on pull request event by [@​crazy-max](https://redirect.github.com/crazy-max) in [#​2021](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2021) - Update github-builder to v1.5.0 and enable fail-fast by [@​yubiuser](https://redirect.github.com/yubiuser) in [#​2022](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2022) #### New Contributors - [@​crazy-max](https://redirect.github.com/crazy-max) made their first contribution in [#​2008](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2008) - [@​RynoCODE](https://redirect.github.com/RynoCODE) made their first contribution in [#​2011](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2011) - [@​Copilot](https://redirect.github.com/Copilot) made their first contribution in [#​2018](https://redirect.github.com/pi-hole/docker-pi-hole/pull/2018) **Full Changelog**: <pi-hole/docker-pi-hole@2026.02.0...2026.04.0> #### Component Release Notes <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (FTL v6.6) - Fix possible resolver issue on armv5tel by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2781](https://redirect.github.com/pi-hole/FTL/pull/2781) - Introduce CMake options for optional dependencies by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) - Fix build without mbedtls \[v2] by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2796](https://redirect.github.com/pi-hole/FTL/pull/2796) - Fix overTime data when database.DBimport = false by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2788](https://redirect.github.com/pi-hole/FTL/pull/2788) - Fix cross-compilation issues w/ custom toolchain by [@​aeolio](https://redirect.github.com/aeolio) in [pi-hole/FTL#2797](https://redirect.github.com/pi-hole/FTL/pull/2797) - Add new option for controling name resolution via MAC address by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2790](https://redirect.github.com/pi-hole/FTL/pull/2790) - Fix obtaining client groups by name by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2791](https://redirect.github.com/pi-hole/FTL/pull/2791) - Ensure API sessions are restored before starting the HTTP server by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2803](https://redirect.github.com/pi-hole/FTL/pull/2803) - Add form-action 'self' to Content-Security-Policy by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2804](https://redirect.github.com/pi-hole/FTL/pull/2804) - Add query\_frequency to /padd endpoint by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/FTL#2806](https://redirect.github.com/pi-hole/FTL/pull/2806) - Guard query-count counters against unsigned underflow by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2815](https://redirect.github.com/pi-hole/FTL/pull/2815) - Add universal crash backtrace via \_Unwind\_Backtrace by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2811](https://redirect.github.com/pi-hole/FTL/pull/2811) - config: show totp\_secret presence in CLI output by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2813](https://redirect.github.com/pi-hole/FTL/pull/2813) - Fix client count inflation for rate-limited queries by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2814](https://redirect.github.com/pi-hole/FTL/pull/2814) - Fix stack buffer overflow in get\_process\_name() by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2821](https://redirect.github.com/pi-hole/FTL/pull/2821) - Do not restart FTL while `pihole -g` is still ongoing by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/FTL#2419](https://redirect.github.com/pi-hole/FTL/pull/2419) #### Security Advisories - [GHSA-r7g8-3fj7-m5qq - Authorization bypass: CLI API sessions can import Teleporter archives and modify configuration](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-r7g8-3fj7-m5qq) reported by [@​mzalzahrani](https://redirect.github.com/mzalzahrani) - Remote Code Execution (RCE) via Newline Injection in Multiple Configuration Parameters reported by [@​T0X1Cx](https://redirect.github.com/T0X1Cx) - [pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-vfmq-jrx3-wv3c) - [pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-wxhv-w77q-6qwp) - [pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-28g5-gg88-wh5m) - [pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-fqv2-qhfh-ghcj) - [pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj](https://redirect.github.com/pi-hole/FTL/security/advisories/GHSA-23w8-7333-p9fj) #### New Contributors - [@​aeolio](https://redirect.github.com/aeolio) made their first contribution in [pi-hole/FTL#2795](https://redirect.github.com/pi-hole/FTL/pull/2795) **Full Changelog**: <pi-hole/FTL@v6.5...v6.6> <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (Web v6.5) - Amend teleporter help text that the long-term data is not included by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3721](https://redirect.github.com/pi-hole/web/pull/3721) - Do not use 3 columns when boxed layout is used by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/web#3722](https://redirect.github.com/pi-hole/web/pull/3722) - Use <kbd>ENTER</kbd> instead of <kbd>⏎</kbd> by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3727](https://redirect.github.com/pi-hole/web/pull/3727) - Don't link to github releases if docker tag is nightly by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3718](https://redirect.github.com/pi-hole/web/pull/3718) - Do not try to compare component version when remote version info is not available by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3729](https://redirect.github.com/pi-hole/web/pull/3729) - Show loading overlay when adding/removing CNAME records as it requires a FTL restart by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3742](https://redirect.github.com/pi-hole/web/pull/3742) - fix: check on responseJSON when wrong password by [@​guybrush2105](https://redirect.github.com/guybrush2105) in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) - Remove the loggingButton from Settings > System > Actions by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/web#3747](https://redirect.github.com/pi-hole/web/pull/3747) #### Security Advisories - Multiple Stored HTML Injections and XSS in different web interface pages reported by [@​andrejtomci](https://redirect.github.com/andrejtomci) - [GHSA-jx8x-mj2r-62vq - Stored HTML Injection in queries.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-jx8x-mj2r-62vq) - [GHSA-9rfm-c5g6-538p - Stored HTML attribute injection](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-9rfm-c5g6-538p) - [GHSA-px6w-85wp-ww9v - Stored XSS / HTML injection in the Network page/Dashboard](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-px6w-85wp-ww9v) - [GHSA-7xqw-r9pr-qv59 - Reflected XSS / HTML injection in taillog.js](https://redirect.github.com/pi-hole/web/security/advisories/GHSA-7xqw-r9pr-qv59) (Also reported by [@​n1rwhex](https://redirect.github.com/n1rwhex) and [@​mzalzahrani](https://redirect.github.com/mzalzahrani)) #### New Contributors - [@​guybrush2105](https://redirect.github.com/guybrush2105) made their first contribution in [pi-hole/web#3693](https://redirect.github.com/pi-hole/web/pull/3693) **Full Changelog**: <pi-hole/web@v6.4.1...v6.5> <!-- Release notes generated using configuration in .github/release.yml at development --> #### What's Changed (Core v6.4.1) - Remove additional ':' from debug log system time output by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6551](https://redirect.github.com/pi-hole/pi-hole/pull/6551) - Remove `readonly` from piholeNetworkFlush.sh to avoid error message by [@​rdwebdesign](https://redirect.github.com/rdwebdesign) in [pi-hole/pi-hole#6554](https://redirect.github.com/pi-hole/pi-hole/pull/6554) - Add antigravity index by [@​DL6ER](https://redirect.github.com/DL6ER) in [pi-hole/pi-hole#6573](https://redirect.github.com/pi-hole/pi-hole/pull/6573) - Fix return status capture of FTL check\_download exists by [@​yubiuser](https://redirect.github.com/yubiuser) in [pi-hole/pi-hole#6572](https://redirect.github.com/pi-hole/pi-hole/pull/6572) - Remove misleading TODO comment for SetWebPassword by [@​10adnan75](https://redirect.github.com/10adnan75) in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) #### Security Advisories - [GHSA-c935-8g63-qp74 – Local Privilege Escalation](https://redirect.github.com/pi-hole/pi-hole/security/advisories/GHSA-c935-8g63-qp74) reported by [@​smittix](https://redirect.github.com/smittix) #### New Contributors - [@​10adnan75](https://redirect.github.com/10adnan75) made their first contribution in [pi-hole/pi-hole#6531](https://redirect.github.com/pi-hole/pi-hole/pull/6531) - [@​Copilot](https://redirect.github.com/Copilot) made their first contribution in [pi-hole/pi-hole#6580](https://redirect.github.com/pi-hole/pi-hole/pull/6580) **Full Changelog**: <pi-hole/pi-hole@v6.4...v6.4.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/bigbeartechworld/big-bear-universal-apps). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMDIuMTEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlIl19-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR aim to accomplish?:
When users use the 'Save & Apply' button on the settings page, an loading overlay is shown which stays until FTL is available again in case a restart is required.
Currently, no overlay was shown when a CNAME was added/removed, but this required a FTL restart as well. This should be signaled to the users.
How does this PR accomplish the above?:
Re-use the
utils.loadingOverlayfunctionBy submitting this pull request, I confirm the following:
git rebase)