v0.44.0
umh-core
Action Required Before Upgrade
This version runs as a non-root user (UID 1000) instead of root for better security. Your existing data directory was created by root, so you must change its ownership before starting the new container:
sudo chown -R 1000:1000 /path/to/umh-core-data
If you skip this step, the container will fail to start and show an error message with the exact command to fix it.
For new installations, we recommend using Docker named volumes, which handle permissions automatically:
docker volume create umh-core-data
docker run -v umh-core-data:/data ...
New Features
- umh-core now runs all processes as a regular user instead of root. This limits potential damage if a vulnerability is ever exploited—even if an attacker gets into the container, they can't gain root-level access
- New documentation at docs/production/security/ explains our security approach including threat model, shared responsibility, and compliance mapping for OWASP, NIST, and IEC 62443 standards
Breaking Changes
- Container now runs as non-root user (UID 1000). Existing data directories require ownership change before upgrade