2025.1
Last modified: 08 April 2025IDE Provisioner:
Improved the logic of plugin channels in case multiple profiles are assigned to the same user.
AI Enterprise:
Added an option to test connections to AI providers.
Web UI:
Redesigned the home page for regular users.
Known issues
Assessed the CVE-2025-22228 vulnerability. The problem affects IDE Services automation tokens and will be fixed in the next release.
We're aware that the issue introduces a potential weakness in the way automation tokens are handled. However, successful exploitation would require an attacker to correctly guess the first 72 bytes of a valid token — a scenario we consider highly improbable in practice due to the entropy and randomness involved.
We recognize that any theoretical bypass, regardless of practical difficulty, warrants attention. We're treating this with appropriate caution and are actively working on a more robust solution that'll be included in the upcoming release.