1.0.9

Author: jotka

Dockerfile

@@ -49,6 +49,7 @@ RUN APKO_ARCH=$([ "$TARGETARCH" = "arm64" ] && echo "aarch64" || echo "x86_64")
     "    - tzdata" \
     "    - docker-cli" \
     "    - docker-compose" \
+    "    - docker-cli-buildx" \
     "    - sqlite" \
     "    - git" \
     "    - openssh-client" \
@@ -142,6 +143,7 @@ ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \
     PGID=1001
 
 # Create docker compose plugin symlink (we use `docker compose` syntax, Wolfi has standalone binary)
+# Note: docker-cli-buildx package already creates the buildx symlink
 RUN mkdir -p /usr/libexec/docker/cli-plugins \
     && ln -s /usr/bin/docker-compose /usr/libexec/docker/cli-plugins/docker-compose
 

package.json

@@ -1,7 +1,7 @@
 {
 	"name": "dockhand",
 	"private": true,
-	"version": "1.0.8",
+	"version": "1.0.3",
 	"type": "module",
 	"scripts": {
 		"dev": "bunx --bun vite dev",
@@ -50,10 +50,10 @@
 		"@codemirror/lang-xml": "6.1.0",
 		"@codemirror/lang-yaml": "6.1.2",
 		"@codemirror/language": "6.12.1",
-		"@codemirror/search": "6.5.11",
-		"@codemirror/state": "6.5.3",
+		"@codemirror/search": "6.6.0",
+		"@codemirror/state": "6.5.4",
 		"@codemirror/theme-one-dark": "6.1.3",
-		"@codemirror/view": "6.39.9",
+		"@codemirror/view": "6.39.11",
 		"@lezer/highlight": "1.2.3",
 		"@lucide/lab": "^0.1.2",
 		"codemirror": "6.0.2",
@@ -75,12 +75,12 @@
 		"@layerstack/tailwind": "^1.0.1",
 		"@lucide/svelte": "^0.562.0",
 		"@playwright/test": "1.57.0",
-		"@sveltejs/kit": "^2.49.3",
-		"@sveltejs/vite-plugin-svelte": "^6.2.3",
+		"@sveltejs/kit": "2.49.5",
+		"@sveltejs/vite-plugin-svelte": "6.2.4",
 		"@tailwindcss/vite": "^4.1.18",
-		"@types/bun": "^1.3.5",
+		"@types/bun": "1.3.6",
 		"@types/js-yaml": "^4.0.9",
-		"@types/nodemailer": "^7.0.4",
+		"@types/nodemailer": "7.0.5",
 		"@types/qrcode": "^1.5.6",
 		"@xterm/addon-fit": "^0.11.0",
 		"@xterm/addon-web-links": "^0.12.0",
@@ -96,7 +96,7 @@
 		"lucide-svelte": "^0.562.0",
 		"mode-watcher": "^1.1.0",
 		"postcss": "^8.5.6",
-		"svelte": "^5.46.1",
+		"svelte": "5.46.4",
 		"svelte-adapter-bun": "1.0.1",
 		"svelte-check": "^4.3.5",
 		"svelte-easy-crop": "^5.0.0",
@@ -109,9 +109,11 @@
 		"vite": "^7.3.1"
 	},
 	"overrides": {
-		"@codemirror/state": "6.5.3",
-		"@codemirror/view": "6.39.9",
+		"@codemirror/state": "6.5.4",
+		"@codemirror/view": "6.39.11",
 		"@codemirror/language": "6.12.1",
+		"@codemirror/commands": "6.10.1",
+		"@codemirror/search": "6.6.0",
 		"@lezer/common": "1.5.0",
 		"@lezer/highlight": "1.2.3"
 	}

src/hooks.server.ts

@@ -5,9 +5,34 @@ import { isAuthEnabled, validateSession } from '$lib/server/auth';
 import { setServerStartTime } from '$lib/server/uptime';
 import { checkLicenseExpiry, getHostname } from '$lib/server/license';
 import { initCryptoFallback } from '$lib/server/crypto-fallback';
+import { detectHostDataDir } from '$lib/server/host-path';
+import { listContainers, removeContainer } from '$lib/server/docker';
+import { rmSync, readdirSync, existsSync } from 'fs';
+import { join } from 'path';
 import type { HandleServerError, Handle } from '@sveltejs/kit';
 import { redirect } from '@sveltejs/kit';
 
+// Cleanup orphaned scanner version containers from previous runs
+async function cleanupOrphanedScannerContainers() {
+	try {
+		const containers = await listContainers(true);
+		const orphaned = containers.filter(c =>
+			c.name?.startsWith('dockhand-grype-version-') ||
+			c.name?.startsWith('dockhand-trivy-version-')
+		);
+		for (const c of orphaned) {
+			try {
+				await removeContainer(c.id, true);
+			} catch { /* ignore */ }
+		}
+		if (orphaned.length > 0) {
+			console.log(`[Startup] Cleaned up ${orphaned.length} orphaned scanner containers`);
+		}
+	} catch (error) {
+		// Silently ignore - Docker may not be available yet or no containers to clean
+	}
+}
+
 // License expiry check interval (24 hours)
 const LICENSE_CHECK_INTERVAL = 86400000;
 
@@ -24,10 +49,46 @@ if (!initialized) {
 		// Initialize crypto fallback first (detects old kernels and logs status)
 		initCryptoFallback();
 
+		// Cleanup orphaned TLS temp directories from previous crashes
+		const dataDir = process.env.DATA_DIR || './data';
+		const tmpDir = join(dataDir, 'tmp');
+		if (existsSync(tmpDir)) {
+			try {
+				const entries = readdirSync(tmpDir);
+				for (const entry of entries) {
+					if (entry.startsWith('tls-')) {
+						const path = join(tmpDir, entry);
+						try {
+							rmSync(path, { recursive: true, force: true });
+							console.log(`[Startup] Cleaned orphaned TLS temp dir: ${entry}`);
+						} catch { /* ignore */ }
+					}
+				}
+			} catch { /* ignore */ }
+		}
+
 		setServerStartTime(); // Track when server started
 		initDatabase();
 		// Log hostname for license validation (set by entrypoint in Docker, or os.hostname() outside)
 		console.log('Hostname for license validation:', getHostname());
+
+		// Detect host data directory for path translation
+		// This allows Dockhand to translate container paths to host paths for compose volume mounts
+		detectHostDataDir().then(hostPath => {
+			if (hostPath) {
+				console.log(`[Startup] Host data directory detected: ${hostPath}`);
+			} else {
+				console.warn('[Startup] Could not detect host data path.');
+				console.warn('[Startup] Git stacks with relative volume paths may not work correctly.');
+				console.warn('[Startup] Consider setting HOST_DATA_DIR or using matching volume paths (-v /app/data:/app/data)');
+			}
+		}).catch(err => {
+			console.error('[Startup] Failed to detect host data directory:', err);
+		});
+		// Cleanup orphaned scanner containers from previous runs (non-blocking)
+		cleanupOrphanedScannerContainers().catch(err => {
+			console.error('Failed to cleanup orphaned scanner containers:', err);
+		});
 		// Start background subprocesses for metrics and event collection (isolated processes)
 		startSubprocesses().catch(err => {
 			console.error('Failed to start background subprocesses:', err);
@@ -174,4 +235,3 @@ export const handleError: HandleServerError = ({ error, event }) => {
 		code: 'INTERNAL_ERROR'
 	};
 };
-// CI trigger 1766327149

src/lib/components/host-info.svelte

@@ -316,13 +316,10 @@
 		envAbortController = new AbortController();
 		fetchHostInfo();
 		fetchDiskUsage();
-		const hostInterval = setInterval(fetchHostInfo, 30000);
-		const diskInterval = setInterval(fetchDiskUsage, 30000);
+		// No polling - only fetch on mount and environment switch
 		document.addEventListener('click', handleClickOutside);
 		return () => {
 			abortPendingRequests(); // Abort on destroy
-			clearInterval(hostInterval);
-			clearInterval(diskInterval);
 			document.removeEventListener('click', handleClickOutside);
 		};
 	});

src/lib/data/changelog.json

@@ -1,4 +1,22 @@
 [
+  {
+    "version": "1.0.9",
+    "date": "2026-01-17",
+    "changes": [
+      { "type": "feature", "text": "Shell: detect available shells in container before connecting" },
+      { "type": "fix", "text": "Fix GHCR registry authentication with OAuth2 token flow" },
+      { "type": "fix", "text": "Add page titles for browser tab updates on navigation" },
+      { "type": "fix", "text": "Add stack name conflict warning" },
+      { "type": "feature", "text": "Add docker-buildx plugin to container image" },
+      { "type": "fix", "text": "Fix relative paths not working for adopted/imported stacks" },
+      { "type": "fix", "text": "Fix TLS certificates not passed to docker-compose for direct connections" },
+      { "type": "fix", "text": "Fix registry queries for images with docker.io prefix" },
+      { "type": "fix", "text": "Fix compose editor issues when editing near env var references" },
+      { "type": "fix", "text": "Fix branch switching causing unknown revision error in git stacks" },
+      { "type": "fix", "text": "Fix SSE connection leak" }
+    ],
+    "imageTag": "fnsys/dockhand:v1.0.9"
+  },
   {
     "version": "1.0.8",
     "date": "2026-01-13",