3
[ ~/proxbox-api/releases/v0.0.9 ]tty0

emerson@netdevops:~/proxbox-api$ gh release view v0.0.9 --repo emersonfelipesp/proxbox-api

back to releases / back to project

v0.0.9

[open on GitHub]
tag=v0.0.9state=stablepublished=2026-04-28synced=2026-05-07 07:04 UTC
author
emersonfelipesp
created
2026-04-28 22:21 UTC
target
main
downloads
0

emerson@netdevops:~/proxbox-api$ cat RELEASE_NOTES.md

What's Changed

New Features

Controlled field sync with overwrite_* parameters (closes #335)

Added overwrite_vm_name, overwrite_vm_status, overwrite_vm_cluster, overwrite_vm_role, overwrite_vm_vcpus, overwrite_vm_memory, overwrite_vm_disk, overwrite_vm_platform and corresponding device variants. When set to false, proxbox-api skips updating that field if a value already exists in NetBox, giving operators full control over which fields Proxmox is allowed to overwrite.

The parameters are forwarded through all VM stream endpoints (/virtualization/virtual-machines/full-update/stream, individual sync, and bulk sync paths) — closes the gap where previously only the top-level endpoint honoured them.

VM role left free when VirtualMachineType is available (closes #241)

When Proxmox provides a VM type (e.g. qemu, lxc) that maps to a NetBox VirtualMachineType, the role field on the VM is now intentionally left unset. Previously a generic fallback role was always written, which polluted NetBox with low-value data. NetBox 4.6 native VM-type support makes the role field redundant for type classification.

Python 3.14t (free-threaded) CI job

A dedicated test-free-threaded job (Python 3.14t, GIL disabled) now runs in CI alongside the standard 3.12 job. It runs continue-on-error: true so it is non-blocking today, but serves as an early-warning signal for compatibility issues as the free-threaded CPython ecosystem matures.

Bug Fixes

VM tags preserved during sync (closes #337)

Proxmox sync no longer overwrites existing NetBox VM tags. Previously, each sync cycle reset the tags list to only what Proxmox reported, silently removing any tags that operators had manually added in NetBox. Tags written by proxbox-api (e.g. Proxmox, node/cluster labels) are now merged with the existing tag set rather than replacing it.

sync_vm_network and overwrite_vm_* forwarded to all stream endpoints

The sync_vm_network flag and all overwrite_vm_* params were previously only respected at the top-level sync entry point. They are now forwarded correctly through the internal dispatch chain to the individual VM sync service, ensuring consistent behaviour across direct calls, SSE streams, and WebSocket paths.

XSS vulnerability fixed in admin UI dependency (postcss)

postcss in nextjs-ui/ bumped to 8.5.10 via npm overrides to address a high-severity XSS vulnerability in the prior version.

NetBox image pull-or-build fallback in E2E publish gates

netboxcommunity/netbox:v4.6.0-beta2 is not yet published on Docker Hub. Both e2e-pre-publish and e2e-post-publish CI jobs now fall back to building the NetBox image from source (same logic already present in ci.yml) so the publish E2E gates do not fail with docker exit code 125.

Dependency Updates

Package Old New Notes
fastapi[standard] unpinned ==0.136.1 Pinned for reproducible builds
bcrypt ~=4.x >=5.0.0,<6.0.0 Major version bump, API-compatible
sqlmodel 0.0.22 0.0.38 Latest upstream release
postcss (nextjs-ui) <8.5.10 8.5.10 Security fix via npm override

NetBox Compatibility

  • Certified compatible with NetBox 4.6.0-beta1 and 4.6.0-beta2. Full API audit confirmed no breaking changes between the two beta releases.
  • NetBox OpenAPI schema snapshots in proxbox_api/generated/netbox/ refreshed for both beta releases. These snapshots drive runtime contract validation and the Pydantic model generator.

CI/CD Improvements

  • Pre- and post-publish E2E gates added to the release workflow (publish-testpypi.yml). Before uploading to PyPI the pipeline spins up the full Docker stack (NetBox + Proxmox mock + proxbox-api) and verifies end-to-end connectivity. After publishing to Docker Hub, a second gate pulls the published images and smoke-tests them.
  • Docker Hub publish wired to release workflow. docker-hub-publish.yml is now called as a workflow_call from the release pipeline, ensuring images are always built from the exact release commit and pushed atomically with the PyPI package.
  • E2E matrix upgraded to test against NetBox 4.6.0-beta1 (and beta2 built from source when not yet on Docker Hub).
  • CI reliability fixes: ubuntu:24.04 base for NetBox image build (26.04 missing libxmlsec1-openssl), PEP 508 name prefix stripping in DEV_OVERRIDES to fix uv parse errors, fallback source-build path for NetBox images not yet published to Docker Hub.

Full Changelog

v0.0.8.post1...v0.0.9

emerson@netdevops:~/proxbox-api$ gh release download --pattern '*'

assets

no binary assets attached

source code

[zip][tar.gz]