Today, we're excited to give you a closer look at the 2023 Ford Bronco Badlands, one of the vehicles that you'll be able to get behind the wheel of in our upcoming Road Trip module with the Ford Car Park DLC for American Truck Simulator.

Few vehicles have captured the spirit of American adventure quite like the Ford Bronco. Its legendary status comes from decades of exploring the wild, built on a foundation of rugged capability, a good mix of abilities, and open-air freedom.

It became an easily recognizable vehicle by people all over the world in the past decades, featured in some popular movies, too. The 2023 Bronco Badlands, which you will be able to drive with the Ford Car Pack, is a part of its sixth generation.

First introduced in the mid-1960s as a revolutionary 4x4, the Bronco quickly achieved cult success, with more than 1.1 million cars manufactured across multiple generations over 31 years of production. With a long-awaited return in 2021 after a 25-year hiatus, it has reclaimed its reputation as a vehicle that can handle almost anything, from technical rock crawling in the desert to scenic coastal cruises and everything in between.

Over the years, the Bronco has grown and evolved alongside its drivers. What started as a simple, utilitarian off-roader has transformed into a lineup featuring advanced EcoBoost powertrains, cutting-edge G.O.A.T. (Goes Over Any type of Terrain) modes, and performance-focused suspension, all while staying true to its iconic boxy roots. 

This ability to master any surface is a big reason why the Bronco remains a symbol of outdoor exploration, equally at home as a daily driver or a hardcore companion for those who love to venture far off the beaten path.

Players can also look forward to a selection of factory-inspired exterior colours from the 2023 lineup, including striking options such as Azure Gray, Cactus Gray, Eruption Green, Pepper Red, Velocity Blue, or Yellowstone paint.

We would like to thank Ford for their support in bringing this car to our game. If you are excited to hit the road in the beautiful Bronco Badlands, don't forget to add the Ford Car Pack for American Truck Simulator to your Steam Wishlist!

Also, remember to stay up to date with the latest Road Trip news by subscribing to our newsletter or following us on X/Twitter, Facebook, BlueSky, and Instagram. Until next time, drive safe!

Below are development builds for testing purposes.

Latest development build: 2.7.1.21 (May 6th 2026)

Latest stable release build: 2.7.1
https://github.com/clsid2/mpc-hc/releases/tag/2.7.1

1.6.0 (2026-05-01)

Features

• Deployment: Subpath deployment support via NEXT_PUBLIC_BASE_PATH environment variable
• Mail: Image attachment thumbnails and preview chips
• Mobile: Reworked mobile mail viewer toolbar
• Mobile: Mobile-friendly settings panel
• Mobile: Mobile-friendly admin panel
• Mail: Redesigned expanded details panel
• Mailbox: Show full path in mailbox context menu header with intelligent path shortening

Fixes

• Viewer: Respect per-email dark mode toggle when "always show in light mode" is on
• Navigation: Scroll apps list in navigation rail to prevent overflow
• Context menu: Clamp submenu inside viewport
• Context menu: Prevent context menu from clipping below viewport
• Context menu: Prevent jump and animation on open
• Mail: Stop silently destroying emails when trash mailbox isn't found (#195)
• Mail: Preserve list scroll position when tagging an email
• Mail: Render below-header overflow popup outside clipped row
• Mail: Collapse below-header attachments to single row with overflow pill
• Push: Fix push preview JMAP query
• Tour: Navigate tour to mailbox when starting from another page
• i18n: Add useTranslations for "selected emails" and "cancel" on email list batch operations

i18n

• Translate SPF/DKIM/DMARC tooltips
• Add missing keys across 14 locales

The Asterisk Development Team would like to announce
the release of Certified asterisk-18.9-cert18.

The release artifacts are available for immediate download at
https://github.com/asterisk/asterisk/releases/tag/certified-18.9-cert18
and
https://downloads.asterisk.org/pub/telephony/certified-asterisk

Repository: https://github.com/asterisk/asterisk
Tag: certified-18.9-cert18

This release resolves issues reported by the community
and would have not been possible without your participation.

Thank You!

Change Log for Release asterisk-certified-18.9-cert18

Links:

• Full ChangeLog
• GitHub Diff
• Tarball
• Downloads

Summary:

• Commits: 1
• Commit Authors: 1
• Issues Resolved: 1
• Security Advisories Resolved: 0

User Notes:

Upgrade Notes:

Developer Notes:

Commit Authors:

• Naveen Albert: (1)

Issue and Commit Detail:

Closed Issues:

• ASTERISK-30265: res_pjsip_session: Fix missing PLAR support on INVITEs

Commits By Author:

• Naveen Albert (1):

  • res_pjsip_session.c: Map empty extensions in INVITEs to s.

Commit List:

• res_pjsip_session.c: Map empty extensions in INVITEs to s.

Commit Details:

res_pjsip_session.c: Map empty extensions in INVITEs to s.

Author: Naveen Albert
Date: 2022-10-17

Some SIP devices use an empty extension for PLAR functionality.

Rather than rejecting these empty extensions, we now use the s
extension for such calls to mirror the existing PLAR functionality
in Asterisk (e.g. chan_dahdi).

ASTERISK-30265 #close

1.5.4 (2026-05-01)

Features

• PWA: Web push notifications for new inbox mail (#233), with click-through to open the message
• Composer: Insert and edit tables in rich-text emails (#236)
• Mail: Configurable sub-addressing delimiter character (#239)
• i18n: Turkish localization
• i18n: Missing keys filled in across 15 locales

Fixes

• Mail: Set In-Reply-To and References headers on replies (#234)
• Mail: Persist htmlBody in drafts to preserve rich formatting (#236)
• Auth: Pin JMAP auth verification to the configured server URL (#237)
• Auth: Evict unrecoverable basic-auth accounts on reload
• Notifications: Scope new-mail notifications to genuine inbox deliveries
• Notifications: Extend PushVerification timeout and clean up leftover subscriptions
• Viewer: Smooth out body load to prevent flicker on first render
• Viewer: Prevent iframe flash when loading images or trusting the sender
• Viewer: Pad bare HTML emails like plain-text mails for consistent layout
• Viewer: Light-mode override now only affects body content
• Viewer: Detect <style> tag when applying padding
• Viewer: Drop iframe border-radius
• Calendar: Localize event start date in detail popover and event modal
• Dev: Include http protocol in connect-src for development mode CSP

• [p]Map-wide clipping fixes and geometry polish.[/p][/*]
• [p]Fixed some spots where bomb would be unreachable when dropped.[/p][/*]
• [p]Fixed dynamic shadows breaking in some spots.[/p][/*]
• [p]Fixed some surface sound types.[/p][/*]

• [p]Fixed hand popping when counter-strafing with a grenade equipped.[/p][/*]

• [p]Limit aim punch to 90 degrees.[/p][/*]
• [p]Added secondary intersection trace for partially-occluded thirdperson weapons.[/p][/*]
• [p]Adjusted ground smoothing at locations where sloped ground surfaces join with step-height transitions.[/p][/*]
• [p]Fixed issue that caused defuse-cables from completely occluded players to also be occluded.[/p][/*]
• [p]Fixed 'FATAL ERROR: Failed to on-demand compile shader' affecting some older GPUs.[/p][/*]

[0.16.3] - 2026-04-30

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

Changed

• Replaced STALWART_HTTPS_PORT with STALWART_PUBLIC_URL.
• App Passwords now begin with app_ instead of app to avoid issues with some clients that do not support spaces in passwords.

Fixed

• Directory:
  • Invalidate caches when group memberships change on an external directory.
  • OIDC: errors instead of "failed to decode token".
  • OIDC: Recovery admin access.
  • User impersonation.
• Tasks:
  • Delete locked tasks.
  • Queue pagination by anchor.
• Log viewer: All events show as INFO.
• Registry: Allow changing object variants.
• Node id renewal.
• DNS Updater: Fix Route53 serialization format.

Check binary attestation here

✨ New Features & Improvements

• @directus/app
  • Updated the token field on the user detail page to require confirmation before regenerating or removing a token, and saved those changes immediately without requiring a page-level save. (#27108 by @LZylstra)
• @directus/api
  • Added opt-in must-revalidate and ETag headers for assets via ASSETS_CACHE_REVALIDATE env var (#27027 by @gaetansenn)
  • Added a force option to schema apply to bypass hash check (#27136 by @Nitwel)
• @directus/env
  • Added opt-in must-revalidate and ETag headers for assets via ASSETS_CACHE_REVALIDATE env var (#27027 by @gaetansenn)
• @directus/sdk
  • Added a force option to schema apply to bypass hash check (#27136 by @Nitwel)

🐛 Bug Fixes & Optimizations

• @directus/app
  • Fixed UI freeze when navigating items with WYSIWYG translations for non-admin users (#27154 by @gaetansenn)
  • Fixed selection not being cleared after running a manual flow from the collection list view sidebar (#27330 by @kropsi)
  • Fixed "Save as copy" in the file library throwing a 403 Forbidden error (#27181 by @sanskar-soni-9)
  • Fixed user token not being displayed after generation when collaboration is enabled (#27319 by @LZylstra)
  • Prevented filter popup being closed when reordering filters (#27324 by @HZooly)
  • Fixed icon flash in navigation sidebar for bookmarks without an icon (#27329 by @HZooly)
  • Migrated @directus/visual-editing into the monorepo (#27157 by @formfcw)
• @directus/api
  • Removed duplicate @directus/schema-builder dependency (#27166 by @ComfortablyCoding)
  • Bumped basic-ftp, liquidjs, xmldom, protobufjs, vite dependencies (#27335 by @br41nslug)
  • Fixed flows not awaiting reload (#27137 by @Nitwel)
  • Fixed VERSION_SAVE activity/revisions not respecting collection tracking settings (#27096 by @yogeshwaran-c)
  • Denied creating collections with / in name (#27114 by @costajohnt)
• @directus/types
  • Added a force option to schema apply to bypass hash check (#27136 by @Nitwel)
• @directus/visual-editing
  • Migrated @directus/visual-editing into the monorepo (#27157 by @formfcw)
  • Fixed the edit handler firing twice when clicking an overlay button directly (#27157 by @formfcw)
• @directus/utils
  • Migrated @directus/visual-editing into the monorepo (#27157 by @formfcw)
• @directus/sdk
  • Fixed SDK types linking to directus_access junction collection (#27152 by @yogeshwaran-c)
• @directus/composables
  • Fixed useShortcut attempting to access document before available (#27155 by @ComfortablyCoding)

📦 Published Versions

• @directus/app@15.10.0
• @directus/api@35.2.0
• @directus/composables@11.4.1
• create-directus-extension@11.0.36
• @directus/env@5.8.0
• @directus/extensions@3.0.25
• @directus/extensions-registry@3.0.26
• @directus/extensions-sdk@17.1.4
• @directus/memory@3.1.8
• @directus/pressure@3.0.22
• @directus/schema-builder@0.0.20
• @directus/storage-driver-azure@12.0.22
• @directus/storage-driver-cloudinary@12.0.22
• @directus/storage-driver-gcs@12.0.22
• @directus/storage-driver-s3@12.1.8
• @directus/storage-driver-supabase@3.0.22
• @directus/themes@1.3.3
• @directus/types@15.0.3
• @directus/utils@13.4.1
• @directus/validation@2.0.23
• @directus/visual-editing@2.0.1
• @directus/sdk@21.3.0
• @directus/sandbox@0.0.0

Fixes and improvements

General

• prevent code injection in case of MTX_QUERY in hooks (#5707) When MTX_QUERY is used explicitly in hooks, for instance "curl http://something/?$MTX_QUERY", it can be used to inject arbitrary commands. MTX_QUERY is now url-encoded to prevent any abuse regardless of the configuration.
• use temporary redirects instead of permanent redirects (#5710) this prevents unwanted caching.

HLS

• prevent open redirect attacks (#5708)
• support reading and writing KLV (#5604)
• add hlsCDNSecret (#5716) this allows to serve HLS streams behind a CDN in a simplified way, compatible with the new HLS session system.
• add public attribute to cache-control header (bluenviron/gohlslib#349)
• allow caching non-low-latency playlists (bluenviron/gohlslib#350)

WebRTC

• prevent open redirect attacks (#5708)

RPI Camera

• Merge request->controls instead of overwriting (bluenviron/mediamtx-rpicamera#97) libcamera 0.7.0 is more strict about changing controls; assignment is no longer allowed since raspberrypi/libcamera@310cd8b Instead, we use the merge call with overwrite.

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

New major features

HLS

• track sessions (#962) (#5683) sessions are now tracked through cookies or query parameters. This provides the ability to inspect sessions through logs, metrics and API, allows more precise tracking of outbound bytes, decreases load on external HTTP authentication URLs since they are now called once per session and not once per request.
• support serving streams with a CDN (#5696)

Fixes and improvements

General

• improve listener labels (#5635) add a label after every "listener opened on :XXX" message that mentions protocols of every listener.
• dump unencrypted TLS sessions (#5624) when dumpPackets is true, embed TLS master keys into the dump, in a format which is natively compatible with Wireshark.
• use "token" as query parameter key to pass tokens (#5647) the legacy "jwt" query parameter key is still supported.
• deprecate authJWTInHTTPQuery and disable JWTs in query parameters (#5648) This fixes a long standing security flaw. Even though it's a breaking change, few users should be impacted since this feature has been discouraged for some time.
• expose token passed as query parameter to HTTP authentication too (#5649) this allows to parse tokens coming from RTSP and RTMP without additional effort.
• playback: return errors as JSON (#5656) this is aligned with all other HTTP-based services.
• prevent out-of-memory errors (#5674) impose a maximum size on body of incoming HTTP requests and responses.
• metrics: improve performance (#5663) use string.Builder instead of string concatenation
• metrics: add labels to the output (#5687) group metrics under visible, distinct labels.
• metrics: fix filtering by type=rtmp_conns and type=rtmps_conns (#5689)
• metrics: add readerType attribute to the path_readers metric (#5690) this allows to filter path readers by type.
• metrics: use an enum for parsing metrics type (#5692)
• metrics: fix race condition when reloading configuration (#5693)
• docs: add scaling page (#5695)

API

• sort path readers (#5691)

RTSP

• client: fix RTSP-over-HTTP tunnel request target (bluenviron/gortsplib#1041)
• client: support Axis SRTP variant (bluenviron/gortsplib#1033)
• improve SDP parser compatibility with malformed connection information (bluenviron/gortsplib#1025)
• support parsing responses with no status message (bluenviron/gortsplib#1043) (bluenviron/gortsplib#1050)
• client: don't block RTSP-over-HTTP tunnel startup on POST response (bluenviron/gortsplib#1047)

HLS

• return JSON with error message in case path conf is not available (#5655) this behavior is aligned with WebRTC one.
• improve muxer performance (#5660) use a mutex instead of a channel to get current instance.
• fix running linter when there are unstaged git changes (bluenviron/gohlslib#336)
• client: use redirected URL when reloading playlist (bluenviron/gohlslib#340) this allows to store and use tokens and signed URLs.
• client: support reading KLV (bluenviron/gohlslib#337)
• prevent out-of-memory errors (bluenviron/gohlslib#343)
• muxer: generate init segment once (bluenviron/gohlslib#344) Previously, the init segment was regenerated in case of codec parameter changes, but changing the init segment has been proved to cause video and audio discontinuities on iOS. Now the init file contains starting parameters only and never changes during the stream lifetime.
• client: increase size limit of segments and parts (bluenviron/gohlslib#345)
• return a custom error when body size limit is exceeded (bluenviron/gohlslib#346)
• muxer: store non-low-latency playlists and init files on disk (bluenviron/gohlslib#348)

Dependencies

• code.cloudfoundry.org/bytefmt updated from v0.67.0 to v0.69.0
• github.com/alecthomas/kong updated from v1.14.0 to v1.15.0
• github.com/bluenviron/gohlslib/v2 updated from v2.2.9 to v2.3.0
• github.com/bluenviron/gortsplib/v5 updated from v5.5.1 to v5.5.2
• github.com/go-git/go-git/v5 updated from v5.17.2 to v5.18.0
• github.com/matthewhartstonge/argon2 updated from v1.4.6 to v1.5.2
• github.com/pion/ice/v4 updated from v4.2.2 to v4.2.5
• golang.org/x/crypto updated from v0.49.0 to v0.50.0
• golang.org/x/sys updated from v0.42.0 to v0.43.0
• golang.org/x/term updated from v0.41.0 to v0.42.0
• github.com/pion/stun/v3 updated from v3.1.1 to v3.1.2
• github.com/pion/turn/v4 removed
• golang.org/x/net updated from v0.52.0 to v0.53.0
• golang.org/x/text updated from v0.35.0 to v0.36.0
• golang.org/x/time updated from v0.12.0 to v0.14.0
• github.com/pion/turn/v5 v5.0.3 added
• hls.js updated from v1.6.15 to v1.6.16

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

Fixes and improvements

General

• prevent directory traversal attacks (#5602) Path names are used as part of paths in several components: in the recorder, in the playback server and in every HTTP-based component (WebRTC, HLS, API). Special characters that allow to escape from the intended directory are now forbidden in order to prevent directory traversal attacks.

RTSP

• client: fill server name indication (SNI) of TLS connections (bluenviron/gortsplib#1038)

RTMP

• implement AbortMessage (#4673) (bluenviron/gortmplib#59)
• client: fill server name indication (SNI) of TLS connections (bluenviron/gortmplib#63)

WebRTC

• fix random absolute timestamps with Opus, G711 and LPCM (#5597) When rewriting audio RTP timestamps in WebRTC egress, NTP was derived using regenerated packet timestamps minus the incoming RTP base timestamp. That mixed timestamp domains and could shift absolute time by an arbitrary offset while still exposing mapping as available. Fix by using a consistent outgoing RTP domain in rewritten audio paths
• strip TWCC extension of incoming RTP packets (#5146) (#5605) The TWCC extension is used as part of the WebRTC congestion control algorithm placed between the publisher and the server. If this extension is routed untouched from the server to readers, it messes with the congestion control algorithm present between the server and each reader. Remove it.

RPI Camera

• restore Docker compatibility with armv6 devices (#5590) (#5595)
• restore compatibility with armv6 devices (#5590) (bluenviron/mediamtx-rpicamera#95)

Dependencies

• github.com/bluenviron/gortmplib updated from v0.3.0 to v0.3.1
• github.com/bluenviron/gortsplib/v5 updated from v5.5.0 to v5.5.1
• github.com/gin-contrib/pprof updated from v1.5.3 to v1.5.4
• github.com/go-git/go-git/v5 updated from v5.17.0 to v5.17.2
• github.com/pion/ice/v4 updated from v4.2.1 to v4.2.2
• github.com/pion/webrtc/v4 updated from v4.2.9 to v4.2.11
• github.com/pion/sctp updated from v1.9.2 to v1.9.4
• github.com/bluenviron/mediamtx-rpicamera updated from v2.5.4 to v2.5.5

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

New major features

WebRTC

• support publishing multiple video/audio renditions (#5573) this allows to receive multiple video tracks from OBS Studio with the new WebRTC Simulcast feature introduced in v32.1.0.

API

• provide track details (#5307) (#5333) (#1726) (#5585)
• add user field to RTSP, RTMP, SRT, WebRTC conns and sessions (https://github.com/bluenviron/mediamtx/issues/5104) (#5565)
• add RTSP reported lost packets (#5198) (#5579) The new outboundRtpPacketsReportedLost property allows to track RTP packets that have been reported lost by readers. Furthermore, stats now have a "inbound" or "outbound" prefix to improve readability.
• rename WebRTC stats to match RTSP ones (#5581)
• add new stats (#5582) - RTSPSession.outboundRTPPacketsDiscarded - Path.inboundFramesInError - SRTConn.outboundFramesDiscarded - WebRTCSession.outboundFramesDiscarded - RTMPConn.outboundFramesDiscarded - HLSMuxer.outboundFramesDiscarded

Fixes and improvements

General

• avoid buffering HTTP response body in loggerWriter (#5552) loggerWriter was shadow-copying every response byte into a bytes.Buffer to report the body size, causing the entire response to be accumulated in memory for the lifetime of each request. Replace the buffer with a plain int counter since dump() only ever reported the byte count anyway.
• optionally validate JWT iss and aud claims (#5569)
• metrics: add two missing SRT stats (#5580)

API

• add deprecated fields to the OpenAPI definition (#5575)
• add missing enums and move all enums in dedicated components (#5576)

RTSP

• fix rtsps scheme not being used in requests (#5236) (#5544)
• support unwrapping MPEG-TS tracks (#5476) this allows to use MPEG-TS tracks with other protocols and with the recording system
• client: fix support for hostnames in source and dest headers (bluenviron/gortsplib#1009) (#5304) (bluenviron/gortsplib#1014)
• allocate a rtp sender for each server session (bluenviron/gortsplib#1021) this produces more realistic statistics and in the future will allow to implement per-session statistics and packet retransmission.
• store reported lost RTP packets in stats (#5198) (bluenviron/gortsplib#1023)

HLS

• muxer: support muxing KLS with MPEG-TS (bluenviron/gohlslib#327)
• client: fix deadlock when processing fMP4s (bluenviron/gohlslib#333) (bluenviron/gohlslib#334)

WebRTC

• fix panic with WHIP POST authentication failures (#5566)

Dependencies

• code.cloudfoundry.org/bytefmt updated from v0.64.0 to v0.67.0
• github.com/abema/go-mp4 updated from v1.4.1 to v1.5.0
• github.com/bluenviron/gohlslib/v2 updated from v2.2.8 to v2.2.9
• github.com/bluenviron/gortsplib/v5 updated from v5.4.0 to v5.5.0
• github.com/bluenviron/mediacommon/v2 updated from v2.8.2 to v2.8.3
• golang.org/x/crypto updated from v0.48.0 to v0.49.0
• golang.org/x/sys updated from v0.41.0 to v0.42.0
• golang.org/x/term updated from v0.40.0 to v0.41.0
• golang.org/x/net updated from v0.51.0 to v0.52.0
• golang.org/x/text updated from v0.34.0 to v0.35.0

Security

Binaries are compiled from source code by the Release workflow, which is a fully-visible process that prevents any change or external interference in produced artifacts.

Checksums of binaries are also published in a public blockchain by using GitHub Attestations, and they can be verified by running:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

Fixes and improvements

General

• fill product version of Windows executable (#5167) (#5511)
• improve JSON decoder performance (#5526) avoid decoding JSON twice.
• fix panic when setting writeQueueSize to zero (#5360) (#5527)
• prevent using alwaysAvailableFile and alwaysAvailableTracks together (#5529)
• improve playback precision of alwaysAvailable offline segment (#5530)
• fix MPEG-4 audio configuration not matching error (#5468) (#5533) This happened when using alwaysAvailableFile and a MPEG-4 audio track.
• fix corrupted video with alwaysAvailableFile (#5534) when alwaysAvailableFile points to a file with a H265 or H264 track, server is started, an online stream is published and then closed, video was getting corrupted since the online video was overriding the parameters of the offline video.
• fix audio from alwaysAvailableFile not being streamed (#5535)
• fix alwaysAvailableFile restarting when a publisher fails (#5536) when a publisher try to start an online stream and there's an error, alwaysAvailableFile restarted without any reason.
• revert to Go 1.25 (#5521) (#5538) It seems like Go 1.26 is causing segmentation faults, related to channels, on Windows.
• inherit MPEG-4 audio type from alwaysAvailableFile (#5539)
• mpegts: properly compute PTS of async KLV frames (bluenviron/mediacommon#291) (bluenviron/mediacommon#311) Store last valid PTS as soon as possible, by parsing PES headers in advance, then use this PTS as timestamp of KLV frames without PTS.

HLS

• client: fix initial packet loss after astits upgrade (bluenviron/gohlslib#331)

Dependencies

• Go updated from 1.26 to 1.25
• github.com/asticode/go-astits updated from v1.14.0 to v1.15.0
• github.com/bluenviron/gohlslib/v2 updated from v2.2.6 to v2.2.8
• github.com/bluenviron/gortsplib/v5 updated from v5.3.2 to v5.4.0
• github.com/bluenviron/mediacommon/v2 updated from v2.8.0 to v2.8.2
• github.com/gin-gonic/gin updated from v1.11.0 to v1.12.0
• github.com/go-git/go-billy/v5 updated from v5.7.0 to v5.8.0
• github.com/go-git/go-git/v5 updated from v5.16.5 to v5.17.0
• github.com/bytedance/sonic updated from v1.14.0 to v1.15.0
• github.com/bytedance/sonic/loader updated from v0.3.0 to v0.5.0
• github.com/cloudflare/circl updated from v1.6.1 to v1.6.3
• github.com/gabriel-vasile/mimetype updated from v1.4.8 to v1.4.12
• github.com/go-playground/validator/v10 updated from v10.27.0 to v10.30.1
• github.com/quic-go/quic-go updated from v0.57.0 to v0.59.0
• github.com/ugorji/go/codec updated from v1.3.0 to v1.3.1
• golang.org/x/arch updated from v0.20.0 to v0.22.0
• golang.org/x/net updated from v0.50.0 to v0.51.0
• google.golang.org/protobuf updated from v1.36.9 to v1.36.10
• github.com/bytedance/gopkg v0.1.3 added
• go.mongodb.org/mongo-driver/v2 v2.5.0 added

Security

Binaries are compiled from source code by the Release workflow without human intervention.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

Fixes and improvements

General

• support X-Forwarded-Proto in playback server (#4970) (#5445) allow reverse proxies to change the schema of URLs returned by the server through the X-Forwarded-Proto header.
• make config file YAML 1.2 compliant (#5345) (#5456)
• replace YAML parser (#5461) switch from the unmaintained gopkg.in/yaml to goccy/go-yaml
• deprecate unix+rtp (#5318) (#4999) (#5351) (#5470) Unix socket are stream-based connections, while RTP requires packet-based connections. While packet-based Unix sockets exist (unixgram), no client supports them. Consequently we are forced to deprecate unix+rtp.
• fix codec parameters not being loaded from alwaysAvailableFile (#5484)
• warn when alwaysAvailableFile is not MP4 (#5483)
• suggest using JWTs in query parameters for RTSP and RTMP (#5267) (#5493) In case of RTSP and RTMP, JWTs cannot be used as passwords since there's a size limit. Therefore, documentation is updated to suggest passing JWT through query parameters, and authJWTInHTTPQuery is updated to act on HTTP requests only.
• fix error 400 with parallel describe and publish requests (#5095) (#5502) When a path is dynamic, and the path receives multiple describe and publish requests in parallel, describe requests might cause the path to be deleted, and this might cause pending publish requests to fail, since the path has been deleted. This patch improves the situation by checking for pending requests before deleting a path.
• add integrated packet dumper (#5488) this allows to dump any incoming and outgoing packet, to disk, in pcapng format.
• log packet sizes if UDPMaxPayloadSize is exceeded (#4668)
• improve video/audio sync of alwaysAvailable (#5443) (#5508) store elapsed time once for the entire stream and start PTS of sub streams from there.
• improve pmp4 and fmp4 parser robustness (bluenviron/mediacommon#299)
• mp4: fix H265 + iOS compatibility (bluenviron/mediacommon#290) On iOS, H265 requires the hvc1 box instead of the hev1 box.
• h264: prevent Annex-B from decoding more NALUs than MaxNALUsPerAccessUnit (bluenviron/mediacommon#303)
• improve H264 and MPEG-4 video performance (#4971) (bluenviron/mediacommon#304)
• mp4: fill reserved fields properly (bluenviron/mediacommon#307)
• mpegts: parse Opus channel configuration (#5002) (bluenviron/mediacommon#309)

API

• add conns to RTSP Sessions (#5454) this allows to find connections associated with a RTSP session.

RTMP

• prevent legacy clients from reading multiple video/audio tracks (#5478)
• fix marshaling H264 VideoExCodedFrames (#4996) (bluenviron/gortmplib#46) These messages were marshaled wrongly, causing errors when trying to read H264 tracks with an ID >= 1.
• support reading H265 with video codec id 12 (#5105) (bluenviron/gortmplib#48)

HLS

• client: support storing and sending cookies (#5444)

WebRTC

• allow tuning WHEP timeouts (#5027) (#5479) add whepHandshakeTimeout, whepTrackGatherTimeout, whepSTUNGatherTimeout
• add whepBearerTokenParameter (#3796) (#5486) this allows to pass Authorization: Bearer to servers that require it.

SRT

• set timeout of idle peers to readTimeout (#5489)

RPI Camera

• fix cross-compilation (bluenviron/mediamtx-rpicamera#89)
• fix kernel warning when closing camera (#4988) (bluenviron/mediamtx-rpicamera#88) close camera and encoder handlers properly.

Dependencies

• Go updated from 1.25 to 1.26
• code.cloudfoundry.org/bytefmt updated from v0.63.0 to v0.64.0
• github.com/MicahParks/keyfunc/v3 updated from v3.7.0 to v3.8.0
• github.com/bluenviron/gohlslib/v2 updated from v2.2.5 to v2.2.6
• github.com/bluenviron/gortmplib updated from v0.2.1 to v0.3.0
• github.com/bluenviron/gortsplib/v5 updated from v5.3.1 to v5.3.2
• github.com/bluenviron/mediacommon/v2 updated from v2.7.1 to v2.8.0
• github.com/datarhei/gosrt updated from v0.9.0 to v0.10.0
• github.com/go-git/go-git/v5 updated from v5.16.4 to v5.16.5
• github.com/matthewhartstonge/argon2 updated from v1.4.5 to v1.4.6
• github.com/pion/ice/v4 updated from v4.2.0 to v4.2.1
• github.com/pion/sdp/v3 updated from v3.0.17 to v3.0.18
• github.com/pion/webrtc/v4 updated from v4.2.3 to v4.2.9
• golang.org/x/crypto updated from v0.47.0 to v0.48.0
• golang.org/x/sys updated from v0.40.0 to v0.41.0
• golang.org/x/term updated from v0.39.0 to v0.40.0
• gopkg.in/yaml.v2 removed
• github.com/goccy/go-yaml updated from v1.18.0 to v1.19.2
• github.com/pion/dtls/v3 updated from v3.0.10 to v3.1.2
• golang.org/x/net updated from v0.49.0 to v0.50.0
• golang.org/x/text updated from v0.33.0 to v0.34.0
• github.com/google/gopacket v1.1.19 added
• github.com/bluenviron/mediamtx-rpicamera updated from v2.5.3 to v2.5.4

Security

Binaries are compiled from source code by the Release workflow without human intervention.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

Fixes and improvements

General

• fix typo in error message ('alwaysAvailableVideo' -> 'alwaysAvailableFile') (#5417)
• emit structured logs with nanosecond precision (#4924) (#5404)
• set default udpMaxPayloadSize to an IPv6 compatible value (#4882) (#5402) When using IPv6, there are 20 bytes less available for UDP payload, which has been adjusted accordingly.
• add authHTTPFingerprint (#5413) (#5422)
• add additional checks on always-available streams (#5408) make sure that published streams match MPEG-4 audio, G711 and LPCM parameters declared in configuration or used by the offline file.
• improve JSON error message (#5412) (#5433)
• pmp4: improve compatibility (#5423) (bluenviron/mediacommon#298)

RTSP

• rtpreceiver: fix panic (bluenviron/gortsplib#994)
• support Amatek AR-N3222F NVR (bluenviron/gortsplib#989)
• rtpreceiver: fix TotalReceived computation (bluenviron/gortsplib#995) one packet was missing.

RPI Camera

• fix unsetting rpiCameraAWBGains (#4935) (bluenviron/mediamtx-rpicamera#85)

Dependencies

• code.cloudfoundry.org/bytefmt updated from v0.62.0 to v0.63.0
• github.com/alecthomas/kong updated from v1.13.0 to v1.14.0
• github.com/bluenviron/gortsplib/v5 updated from v5.3.0 to v5.3.1
• github.com/bluenviron/mediacommon/v2 updated from v2.7.0 to v2.7.1
• github.com/pion/interceptor updated from v0.1.43 to v0.1.44
• github.com/pion/rtp updated from v1.10.0 to v1.10.1
• github.com/bluenviron/mediamtx-rpicamera updated from v2.5.2 to v2.5.3

Security

Binaries are compiled from source code by the Release workflow without human intervention.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

New major features

General

• add always available streams (#5335) When the publisher or source of a stream is offline, the server can be configured to fill gaps in the stream with a video that is played on repeat until a publisher comes back online. This allows readers to stay connected regardless of the state of the stream. The offline video and any future online stream are concatenated without decoding or re-encoding packets, using the original codec.

API

• add available, availableTime, online, onlineTime properties (#5391) these replace ready and readyTime and allow to monitor the new "always-available" feature.

WebRTC

• support reading KLV tracks (#4722)

Fixes and improvements

General

• move away from balenalib Docker images (#5313)
• print OS and Arch in first log line (#5315)
• print last decode error (#5319) decode errors are still grouped together, but the last one is now printed.
• print last processing error (#5323)
• use the same filtering process for every codec (#5324) this allows to apply features that were previously implemented for single codecs (like RTP packet resizing), to any codec, and simplifies future development.
• prevent several configuration errors (#5368)
• fix typos in documentation (#5370)
• fix overriding default user with environment variables (#5371) MTX_AUTHINTERNALUSERS_0_USER and MTX_AUTHINTERNALUSERS_0_PASS are now working even when the configuration file is present.
• prevent setting empty usernames with environment variables (#5373)
• fix panic with environment variables (#5374) this happened when loading deprecated slices of structs with environment variables.
• prevent setting slices to null (#5375) In Golang, slices can be set to nil, while in most other languages they cannot. This causes compatibility issues, especially because the OpenAPI definition of the API does not allow slices to be nil. This prevents slices from being set to nil through JSON/YAML, and also sets default slices to an empty list instead of nil.
• Update hlsEncryption documentation on Low-Latency HLS requirements (#5379)
• fix race condition when closing HTTP servers (#5390) when a HTTP server is closed, open connections are now immediately closed and open routines are waited before the server is considered closed.
• deprecate fallback (#5388) The fallback feature worked with RTSP only and did not allow readers to resume the original stream. It has been replaced by alwaysAvailable.
• mpegts: add E-AC-3 (Dolby Digital Plus) codec support (bluenviron/mediacommon#272)
• mpeg4audio: support channel_config=0 (bluenviron/mediacommon#273)
• mpeg4audio: in ASC, prefer marshaling legacy ChannelConfig when available (bluenviron/mediacommon#280)
• pmp4: increase compatibility (bluenviron/mediacommon#293)
• pmp4: support MP4s with data before track definitions (bluenviron/mediacommon#294)

API

• improve OpenAPI definition (#5380) add uint64, uint, uuid, move WebRTCICEServer into dedicated schema

RTSP

• fix log labels of RTSPS listeners (#5367) use "TCP/RTSPS", "UDP/SRTP", "UDP/SRTCP" to refer to secure listeners
• add rtspUDPSourcePortRange param (#5363) (#5397)

HLS

• fix playback starting point for VOD streams without EXT-X-PLAYLIST-TYPE (bluenviron/gohlslib#308)
• client: return every unit before an error (bluenviron/gohlslib#314) In case of an error, downloaded unit that were not processed yet were discarded. Now they are returned before the client exits.

WebRTC

• print incoming data channel messages (#5357)

RPI Camera

• move away from balenalib Docker images (bluenviron/mediamtx-rpicamera#82)

Dependencies

• code.cloudfoundry.org/bytefmt updated from v0.59.0 to v0.62.0
• github.com/bluenviron/gohlslib/v2 updated from v2.2.4 to v2.2.5
• github.com/bluenviron/gortmplib updated from v0.2.0 to v0.2.1
• github.com/bluenviron/gortsplib/v5 updated from v5.2.2 to v5.3.0
• github.com/bluenviron/mediacommon/v2 updated from v2.6.0 to v2.7.0
• github.com/golang-jwt/jwt/v5 updated from v5.3.0 to v5.3.1
• github.com/matthewhartstonge/argon2 updated from v1.4.4 to v1.4.5
• github.com/pion/ice/v4 updated from v4.1.0 to v4.2.0
• github.com/pion/interceptor updated from v0.1.42 to v0.1.43
• github.com/pion/rtp updated from v1.9.0 to v1.10.0
• github.com/pion/transport/v3 removed
• github.com/pion/webrtc/v4 updated from v4.2.1 to v4.2.3
• golang.org/x/crypto updated from v0.46.0 to v0.47.0
• golang.org/x/sys updated from v0.39.0 to v0.40.0
• golang.org/x/term updated from v0.38.0 to v0.39.0
• github.com/pion/datachannel updated from v1.5.10 to v1.6.0
• github.com/pion/dtls/v3 updated from v3.0.9 to v3.0.10
• github.com/pion/sctp updated from v1.9.0 to v1.9.2
• github.com/pion/srtp/v3 updated from v3.0.9 to v3.0.10
• github.com/pion/stun/v3 updated from v3.0.2 to v3.1.1
• github.com/pion/turn/v4 updated from v4.1.3 to v4.1.4
• golang.org/x/net updated from v0.48.0 to v0.49.0
• golang.org/x/text updated from v0.32.0 to v0.33.0
• github.com/pion/transport/v4 v4.0.1 added
• github.com/bluenviron/mediamtx-rpicamera updated from v2.5.1 to v2.5.2

Security

Binaries are compiled from source through the Release workflow without human intervention, preventing any external interference.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

Fixes and improvements

General

• add structured logging (#5219)
• fix 1-minute offset when recording a H264 WebRTC track (#5275) (#5278)
• disable syslog logging on macOS (#5005) (#5295)
• set syslog priority and do not write level and date to syslog (#4923) (#5296) When writing log entries to syslog, pass the level (WARN, INFO, etc) directly to syslog. Avoid writing level and date. This provides a better integration and allows to use syslog search tools.

RTSP

• avoid setupping back channels (#5074) (#5289)
• Support URI format sent by HappyTime ONVIF and RTSP clients during (bluenviron/gortsplib#964)
• fix medias wrongly marked as back channels (#5074) (bluenviron/gortsplib#970) Some cameras mark medias as back channels even though they are not. Try to detect this by checking whether in full the SDP there are both back channels and standard channels, unmarking back channels otherwise.
• when there are back channels, add recvonly attribute to standard channels (bluenviron/gortsplib#971)

SRT

• fix broken connections in case of high latency (#3756) (#5282) When listening and accepting an incoming connection request, the response might be received by the peer with some delay due to latency. This causes the peer to send a second connection request, that is not detected as duplicate because the first connection request has already been removed from the map that is used to check for duplicates (connReqs), so it is treated as a brand new connection request, breaking the first connection. This patch fixes the issue by introducing another map (connByPeer) that is used to check whether a connection request is associated to an already-accepted connection.

Dependencies

• code.cloudfoundry.org/bytefmt updated from v0.58.0 to v0.59.0
• github.com/bluenviron/gortmplib updated from v0.1.2 to v0.2.0
• github.com/bluenviron/gortsplib/v5 updated from v5.2.1 to v5.2.2
• github.com/bluenviron/mediacommon/v2 updated from v2.5.3 to v2.6.0
• github.com/matthewhartstonge/argon2 updated from v1.4.3 to v1.4.4
• github.com/pion/ice/v4 updated from v4.0.13 to v4.1.0
• github.com/pion/rtp updated from v1.8.26 to v1.9.0
• github.com/pion/sdp/v3 updated from v3.0.16 to v3.0.17
• github.com/pion/webrtc/v4 updated from v4.1.7 to v4.2.1
• golang.org/x/crypto updated from v0.45.0 to v0.46.0
• golang.org/x/sys updated from v0.38.0 to v0.39.0
• golang.org/x/term updated from v0.37.0 to v0.38.0
• github.com/pion/dtls/v3 updated from v3.0.8 to v3.0.9
• github.com/pion/sctp updated from v1.8.41 to v1.9.0
• github.com/pion/stun/v3 updated from v3.0.1 to v3.0.2
• github.com/quic-go/qpack updated from v0.5.1 to v0.6.0
• github.com/quic-go/quic-go updated from v0.54.1 to v0.57.0
• go.uber.org/mock removed
• golang.org/x/mod removed
• golang.org/x/net updated from v0.47.0 to v0.48.0
• golang.org/x/sync removed
• golang.org/x/text updated from v0.31.0 to v0.32.0
• golang.org/x/time updated from v0.9.0 to v0.12.0
• golang.org/x/tools removed

Security

Binaries are compiled from source through the Release workflow without human intervention, preventing any external interference.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

Fixes and improvements

General

• apidocs: fix compatibility with OpenAPI 3.0 (#5210) double-precision numbers are now represented as double.
• playback: support concatenating segments with long gaps (#5172) Thanks to the new mtxi MP4 box, it's possible to check whether two segments are consecutive without involving dates or timestamps. When the new mtxi box is present in both segments, do not check if the end of the first segment corresponds to the start of the second segment.
• recorder: reset when absolute time drifts from stream time (#4778) (#5239) the server now detects when system time changes too much and restarts recordings when that happens.
• playback: fix crash (#5240) (#5250) when requesting a recording with the mp4 format, if there are two tracks and the second track has no samples, the server crashed. This fixes the issue.
• fix panic when changing log file to a nonexisting directory (#5132) (#5249)
• h264: fix regression in DTS extractor (#5207) (bluenviron/mediacommon#263)
• h264: increase MaxNALUsPerAccessUnit (bluenviron/mediacommon#262) Some parrot drones use slice-encoding with 45 independent slices, resulting in frames consisting of 48 NALUs.
• pmp4: fix crash when unmarshaling and there are no samples (#5240) (bluenviron/mediacommon#267)
• fmp4: Correctly parse trun v0 sample composition time offset (bluenviron/mediacommon#268)
• h265: fix DTS extraction with multiple slices (#5071) (bluenviron/mediacommon#269)

API

• always reply with JSON in case of success or failure (#5252) Reply with "status": "ok" in case of success, and with "status": "error" in case of error. This makes the API more accessible and user friendly.

RTSP

• fix crash when setupping tracks between stream changes (#5253) (#5257)
• Allow 1 byte of extra padding at mikey message (bluenviron/gortsplib#953)

RTMP

• prevent dropping initial video and audio frames (bluenviron/gortmplib#26)

Dependencies

• github.com/bluenviron/gortmplib updated from v0.1.1 to v0.1.2
• github.com/bluenviron/gortsplib/v5 updated from v5.2.0 to v5.2.1
• github.com/bluenviron/mediacommon/v2 updated from v2.5.1 to v2.5.3
• github.com/go-git/go-billy/v5 updated from v5.6.2 to v5.7.0
• github.com/go-git/go-git/v5 updated from v5.16.3 to v5.16.4
• github.com/pion/ice/v4 updated from v4.0.10 to v4.0.13
• github.com/pion/rtp updated from v1.8.25 to v1.8.26
• github.com/pion/webrtc/v4 updated from v4.1.6 to v4.1.7
• github.com/pion/dtls/v3 updated from v3.0.7 to v3.0.8
• github.com/pion/mdns/v2 updated from v2.0.7 to v2.1.0
• github.com/pion/sctp updated from v1.8.40 to v1.8.41
• github.com/pion/srtp/v3 updated from v3.0.8 to v3.0.9
• github.com/pion/stun/v3 updated from v3.0.0 to v3.0.1
• github.com/pion/turn/v4 updated from v4.1.1 to v4.1.3

Security

Binaries are compiled from source through the Release workflow without human intervention, preventing any external interference.

You can verify that binaries have been produced by the workflow by using GitHub Attestations:

ls mediamtx_* | xargs -L1 gh attestation verify --repo bluenviron/mediamtx

You can verify checksums of binaries by downloading checksums.sha256 and running:

cat checksums.sha256 | grep "$(ls mediamtx_*)" | sha256sum --check

Security Release

• Update Instructions
• Update details on blog

This is a security release to improve attachment related permission checks, and URL validation for webhooks.

Upgrade is advised if you allow untrusted users to delete attachments, or if untrusted users have permission to create webhooks on instances which make use of the ALLOWED_SSR_HOSTS BookStack env file option.

Thanks to 404_pkj (GitHub) and naruhodoowl (GitHub) for responsibly reporting these issues.

Full List of Changes

• Updated PHP package versions.
• Updated attachment actions to align page access check.
• Updated URL validation in webhooks to help prevent escaping workarounds.
• Fixed issue where exact search term negation would lead to no results. (#6121)

njs-0.9.8 bugfix version has been released.

• [p]Bomb explosion radius increased.[/p][/*]
• [p]Lighting Adjustments around Vent.[/p][/*]
• [p]Disabled player collision on sign and removed lamp by squeaky.[/p][/*]
• [p]Reworked e-box on A-site for better visibility.[/p][/*]
• [p]Lowered Checkers entrance frame height at B Main.[/p][/*]
• [p]Removed AC unit above Sandbags and moved pipes.[/p][/*]
• [p]Fixed lack of footstep sounds on top of crates at A-site.[/p][/*]
• [p]Fixed hole in world on door in Sun Room.[/p][/*]
• [p]Fixed wall bangs on A Main wall.[/p][/*]
• [p]Fixed some z-fighting around Garage.[/p][/*]
• [p]Adjusted grenade clipping throughout map.[/p][/*]
• [p]Adjusted player clipping throughout map.[/p][/*]

• [p]Blocked visibility through corner of Mid Box (Xbox).[/p][/*]

• [p]Speculative fix for a case where all audio drops out.[/p][/*]

• [p]Fixed cases where crouch-jumping in confined spaces could cause the player camera to intersect the ceiling.[/p][/*]
• [p]Adjusted particle effect sprite opacity for fully occluded flashbangs.[/p][/*]
• [p]Improved smoke lighting consistency.[/p][/*]
• [p]Minor adjustments to dropped pistol magazine velocity.[/p][/*]
• [p]Ambient Occlusion adjustment settings in Environment Blend shader restored.[/p][/*]
• [p]Fixed a case where money was subtracted from the wrong player during bot takeover.[/p][/*]

The Stable channel has been updated to 148.0.7778.96/.97 for Windows and Mac as part of our early stable release to a small percentage of users. A full list of changes in this build is available in the log.

Truckers, start your engines and get ready to roll through The Prairie State! From the towering skyline of Chicago to the highways that carry freight across the Midwest and beyond, we’re excited to announce that the..

Illinois DLC for American Truck Simulator 
will be released on May 14th 2026

We’re just as excited as you are! To keep the wheels turning, we’ve released the official Illinois DLC trailer on our YouTube channel. Put together by our talented video team, it offers a glimpse into the diverse landscapes, iconic landmarks, industries and cities waiting for you on the road. Be sure to check it out, and if you enjoy it, drop a like and let us know what you think!

5.44.0 (2026-04-29)

🚀 New feature

• deploy to cloud homepage widget (#25774)

🔥 Bug fix

• add responseType to getFetchClient for non-JSON responses (#25974)
• prevent browser defaults for Ctrl+I and other modifier shortcuts in Firefox (#26050)
• contain absolute descendants in OverflowingItem (#26133)
• content-manager: prevent duplicate React key in homepage recent-documents widget (#26084)
• content-manager: optimize document layout hooks (#26005)
• database: make 5.0.0-02-created-document-id migration idempotent (#26045)
• document-service: support delete selection params (#25097)
• document-service: preserve self-referential relations during publish and discard (#25890)
• document-service: discard-draft 500 on self-referential manyToMany relations (#26152)
• i18n: preserve non-localized media when creating a locale (#26031)
• openapi: documentation plugin generates OpenAPI with incorrect ID parameter (#26067)
• review-workflows: pass locale params to useDocument in StageSelect and AssigneeSelect (#26104)
• types: align Service.Generic index signature with Controller.Generic (#25475)

📚 Documentation Changes

• add AGENTS.md universal agent guide (#26018)

⚙️ Chore

• release v5.43.0 update develop (#26100)
• upgrade contributor docs dependencies (#26073)
• deps: bump multiple dependencies (#26103)
• deps: bump @xmldom/xmldom from 0.8.12 to 0.8.13 (#26098)
• deps: bump and dedupe pinned subdeps (#26139)
• examples: migration performance benchmark harness + mariadb/sqlite + anti-pattern schemas (#26036)
• scripts/release: fix experimental peer dependencies install (#26083)

💅 Enhancement

• add ESM syntax support for Vite .mts config file (#25238)
• i18n: improve Russian translations of tours section in admin package (#25221)
• translations: update czech translations (#25824)

❤️ Thank You

• Adrien L @Adzouz
• akash-dabhi-qed @akash-dabhi-qed
• Ayoub Hidri @ayhid
• Bassel Kanso @Bassel17
• Ben Irvin
• DMehaffy
• Filip Ónodi @fonodi
• Jamie Howard @jhoward1994
• Kellen Bolger
• Laurens Kling @laurenskling
• Leonid Vinogradov
• Nico André
• otociulis @otociulis
• Simon Norris @cache-your-dreams
• Ziyi @butcherZ