PATH:
var
/
softaculous
/
firefly
### v6.5.8 - 2026-03-22 <!-- summary: This release fixes a regression bug in user registration. --> ### Fixed - [Issue 11995](https://github.com/firefly-iii/firefly-iii/issues/11995) (User registration breaks on password validation) reported by @mikaelhm ## v6.5.7 - 2026-03-21 <!-- summary: There is a new security policy for AI-generated security advisories and of course, some interesting but annoying bugs fixed. --> ### Fixed - [Issue 11964](https://github.com/firefly-iii/firefly-iii/issues/11964) ("Left to spend" is not taking into account non-main currency withdrawals (when displaying in primary currency)) reported by @absdjfh - [Issue 11966](https://github.com/firefly-iii/firefly-iii/issues/11966) (Error when trying to export data in CSV (Export data via front end)) reported by @jgmm81 - [Issue 11969](https://github.com/firefly-iii/firefly-iii/issues/11969) (Problem found when editing a multi-currency record, as well as details in the "Audit log entries") reported by @jgmm81 - [PR 11974](https://github.com/firefly-iii/firefly-iii/pull/11974) (Fix typo in SMTP server comment in .env.example) reported by @NorskNoobing - [Discussion 11977](https://github.com/orgs/firefly-iii/discussions/11977) (CSP header `form-action 'self'` prevents form submission because it's a redirect) started by @superrio0187 - [Issue 11978](https://github.com/firefly-iii/firefly-iii/issues/11978) (Tags not associated with any record display incorrect information) reported by @jgmm81 - [Issue 11982](https://github.com/firefly-iii/firefly-iii/issues/11982) (Foreign currency account value in primary currency does not update after changing exchange rates) reported by @gattacus - Remove old `zoomLevel` / `zoom_level` database references for tags, since they are no longer queries anyway. ### API - [Issue 11976](https://github.com/firefly-iii/firefly-iii/issues/11976) (New lines are removed from rule description when created using API POST) reported by @AlexRNL ## v6.5.6 - 2026-03-16 <!-- summary: This release takes note of some security issues, and fixes interesting bugs. --> ### Added - Add the ability for Fosstodon posts to read a summary of the changelog. ### Changed - Lots of code cleanup and small quality issues fixed. ### Fixed - [Issue 11803](https://github.com/firefly-iii/firefly-iii/issues/11803) (Monthly Left budget not correct) reported by @fabienfitoussi - [Issue 11641](https://github.com/firefly-iii/firefly-iii/issues/11641) (Annual budget “Remaining” resets in subsequent months) reported by @maxwell5555 - [Discussion 11879](https://github.com/orgs/firefly-iii/discussions/11879) (Searching for accounts should include inactive accounts?) started by @b-ryan - [Issue 11916](https://github.com/firefly-iii/firefly-iii/issues/11916) (Balance is not recalculated when multiple transactions are selected and then deleted) reported by @elp3dr0 - [Discussion 11936](https://github.com/orgs/firefly-iii/discussions/11936) (Links in emails don't link to correct domain) started by @SamLMB - [Issue 11944](https://github.com/firefly-iii/firefly-iii/issues/11944) (Stale available_budgets rows prevent disabling a currency after switching default) reported by @k-leveller - [Issue 11953](https://github.com/firefly-iii/firefly-iii/issues/11953) ("Actions" buttons no longer appears after selecting multiple transactions) reported by @crtxcr - [Issue 11954](https://github.com/firefly-iii/firefly-iii/issues/11954) (Search results are not shown after loading) reported by @fabienfitoussi ### Security - Credits go to Igor for finding some interesting issues in Firefly III. They have been fixed. > [!NOTE] > As AI-code scanning tools like Claude and Co-Pilot get more advanced, many (new) issues are being reported through (semi-)automated means. I have updated [the security policy](https://github.com/firefly-iii/firefly-iii/security/policy) to reflect my stance on this. The following security related issues no longer need reporting: - It is possible to point webhooks to private or internal IPs. - You can see all transaction link types. - `unsafe-inline` is allowed for CSS, which means you can overrule the layout if you manage to get CSS on the page. ## v6.5.5 - 2026-03-15 <!-- summary: This release takes note of some security issues, and fixes interesting bugs. --> ### Added - Add the ability for Fosstodon posts to read a summary of the changelog. ### Changed - Lots of code cleanup and small quality issues fixed. ### Fixed - [Issue 11803](https://github.com/firefly-iii/firefly-iii/issues/11803) (Monthly Left budget not correct) reported by @fabienfitoussi - [Issue 11641](https://github.com/firefly-iii/firefly-iii/issues/11641) (Annual budget “Remaining” resets in subsequent months) reported by @maxwell5555 - [Discussion 11879](https://github.com/orgs/firefly-iii/discussions/11879) (Searching for accounts should include inactive accounts?) started by @b-ryan - [Issue 11916](https://github.com/firefly-iii/firefly-iii/issues/11916) (Balance is not recalculated when multiple transactions are selected and then deleted) reported by @elp3dr0 - [Discussion 11936](https://github.com/orgs/firefly-iii/discussions/11936) (Links in emails don't link to correct domain) started by @SamLMB - [Issue 11944](https://github.com/firefly-iii/firefly-iii/issues/11944) (Stale available_budgets rows prevent disabling a currency after switching default) reported by @k-leveller ### Security - Credits go to Igor for finding some interesting issues in Firefly III. They have been fixed. > [!NOTE] > As AI-code scanning tools like Claude and Co-Pilot get more advanced, many (new) issues are being reported through (semi-)automated means. I have updated [the security policy](https://github.com/firefly-iii/firefly-iii/security/policy) to reflect my stance on this. The following security related issues no longer need reporting: - It is possible to point webhooks to private or internal IPs. - You can see all transaction link types. - `unsafe-inline` is allowed for CSS, which means you can overrule the layout if you manage to get CSS on the page. ## v6.5.4 - 2026-03-06 ### Added - Add some debug info to find problems with available budget calculations. ### Fixed - [Issue 11873](https://github.com/firefly-iii/firefly-iii/issues/11873) (Piggy bank +/- sometimes sends 0.00 and fails with “Cannot add 0 because canAddAmount returned false”) reported by @ralle06 - Transaction count would search for the wrong meta field. ### Security - Published security advisory https://github.com/firefly-iii/firefly-iii/security/advisories/GHSA-5q8v-j673-m5v4 found and reported by @lighthousekeeper1212 - It's possible to submit webhook URLs that point to internal IP addresses. This will still be the case in the future, though some reserved ranges are now blocked. Let me know if this impacts you. ## v6.5.3 - 2026-03-05 This release fixes some sloppy coding on my part, but good news everyone! A new linter is in place that should prevent that from happening. Turns out I had disabled it in the past :(. ### Added - Note about the EU origins of Firefly III. ### Changed - [PR 11862](https://github.com/firefly-iii/firefly-iii/pull/11862) (Return currency info for tag journals) reported by @dakennguyen - Expand code linting and checks. ### Fixed - [Issue 11866](https://github.com/firefly-iii/firefly-iii/issues/11866) (ReflectionException on Transaction\ListRequest) reported by @brot
[+]
php56
[+]
php81
[+]
php53
[-] upgrade.php
[edit]
[-] update_pass.php
[edit]
[-] update_keys.php
[edit]
[+]
..
[-] edit.xml
[edit]
[-] import.php
[edit]
[-] notes.txt
[edit]
[-] extend.php
[edit]
[-] md5
[edit]
[-] .env
[edit]
[-] clone.php
[edit]
[-] changelog.txt
[edit]
[-] install.js
[edit]
[+]
php71
[-] install.php
[edit]
[-] fileindex.php
[edit]
[-] upgrade.xml
[edit]
[-] edit.php
[edit]
[-] .htaccess
[edit]
[-] info.xml
[edit]
[-] install.xml
[edit]
[+]
images
[-] oauth-private.key
[edit]
[-] oauth-public.key
[edit]
[+]
php82