Features

• webapp: update VNC and RDP clients (#1533) (a09dcf41ea)

  • VNC: Prevent a custom pixel format from being set if Tight JPEG or Tight
    PNG is enabled.
  • VNC: Fixed an issue where Zlib encoding was always advertised to the
    server, regardless of the chosen ARD quality.
  • RDP: Fixed an issue where the clipboard data was not sent to the server
    right after the connection.
  • RDP: Fixed the lastSentClipboardData being null in the
    onForceClipboardCallback.
  • RDP: Added human-readable descriptions for RDCleanPath errors.
  • VNC: Update cryptographic libraries for VNC.

• installer: download public key from DVLS (44aab79ad1)

• installer: allow CLI generation on release builds (f9665c2759)

• jetsocat: add concurrent reads support for MCP proxy (#1560) (acf770f5bc) (DGW-314)

  Refactor MCP proxy to support server-initiated messages (notifications,
  progress updates, and server -> client requests) by enabling concurrent
  reads from both client and server.

• dgw: TLS thumbprint anchoring (#1570) (b3369646bf) (DGW-318)

  Allow "unsecure" TLS if the client provides a thumbprint and the peer
  certificate matches it.

• agent: implement DVC remote exec detached mode (#1567) (1417db9df6) ([ARC-411](https://devolutions.atlassian.net/browse/[ARC-411](https://devolutions.atlassian.net/browse/ARC-411)))

  Adds fire-and-forget remote execution via the now proto DVC.

  Previously, all execution types (except Run) waited for the process exit
  code and tracked the execution session, but this behavior is not always
  what the user expects. This PR changes that and adds an option to
  specify if fire and forget mode is needed (return result right after
  process is spawned.

• agent,dgw: add Hub Service auto-updater support (#1557) (330cefef73)

• dgw: add multi-provider AI Gateway (#1588) (b11f050d36)

  Adds an experimental AI Gateway feature that provides a unified proxy
  for multiple AI provider APIs through Devolutions Gateway. This enables
  centralized API key management, consistent authentication, and
  simplified access to various AI services from a single endpoint.

  Supports seven providers with OpenAI-compatible and
  provider-specific endpoints, featuring transparent proxying, SSE
  streaming support, and flexible configuration through both JSON config
  and environment variables.

  Supported providers:

  • Mistral AI (cloud API)
  • OpenAI (cloud API)
  • Anthropic Claude (cloud API with custom message format)
  • OpenRouter (unified multi-provider API)
  • Azure OpenAI (deployment-based Azure service)
  • Ollama (local, OpenAI-compatible, optional auth)
  • LM Studio (local, OpenAI-compatible, optional auth)

  Requires enable_unstable: true in debug configuration.

• agent: migrate from productinfo.htm to productinfo.json format (#1591) (aaf515686f)

  Replaces the legacy flat key-value productinfo.htm format with a
  structured JSON format that provides better organization and
  extensibility. The new format supports multiple release channels
  (Current, Beta, Update, Stable) and includes explicit architecture and
  file type metadata.

Improvements

• jetsocat: detect broken pipe and stop MCP proxy gracefully (#1544) (d3222061e1)

  When the MCP server connection breaks (process died, pipe closed), the
  proxy now detects this and stops forwarding requests instead of
  continuing to fail on each subsequent request.

• dgw: display the full trace for forward errors (#1550) (e74e57f809)

• installer: improve debouncer robustness, legibility of port check result (a3f642407c)

• installer: update localization (eff50da336)

• dgw: [breaking] switch traffic audit IDs from INTEGER to ULID (#1597) (b443f93f44) (DGW-321)

  Replace INTEGER PRIMARY KEY with 16-byte BLOB (ULID) for traffic audit
  event IDs to avoid overflow issues with persisted, ever-increasing IDs.

  • Auto-detect old INTEGER schema via PRAGMA table_info and reset
    database
  • Store ULIDs as 16-byte BLOBs (lexicographically sortable)

• agent: improve productinfo.json parsing with lenient error handling (#1595) (75a5879b95)

Bug Fixes

• webapp: fix TS errors on invalid config (#1532) (fde1c0de12)

• installer: fix UI at high scaling factors (abbdd6ad65)

• installer: fix broken hyperlinks (dfa4608d91)

• installer: fix a (handled) NRE that was nonetheless annoying in debug (25ed8b2c00)

• installer: avoid crashes on server core (e432ad092e)

• installer: add missing file to csproj (51fd11088d)

• installer: UI glitch caused by tab stops (52979494ff)

• installer: public key action pick up downloaded file (378ffbe915)

• dgw: fix a bug preventing mstsc to work with the RDP proxy (#1576) (7a0c1f5437)

• dgw,agent: improve systemd integration (#1549) (0d5239ba1f) (DGW-317)

  Update ceviche to 0.7.0 which improves systemd integration.

  Here is the new strategy:

  • pkg-config detection: We query pkg-config --variable=systemdsystemunitdir systemd
    to get the distribution's preferred location. This works on most modern
    systems that have systemd development packages installed.

  • Fallback probing: If pkg-config is unavailable or doesn't return a
    result, we probe common directories in order:

    • /usr/lib/systemd/system
    • /lib/systemd/system

  This fixes installation issues on RHEL-based distributions where systemd
  units are located in /usr/lib/systemd/system instead of /lib/systemd/system.

Features

• dgw: support jet_reuse claim in JREC tokens (#1524) (8fbb6ef456) (DGW-309)

Improvements

• jetsocat: add coloring control for log output (#1515) (58b1d56945)

  Add --color flag with support for 'always', 'never', and 'auto' modes.
  Respects standard environment variables (NO_COLOR, FORCE_COLOR, TERM).

• jetsocat: improve optional flag handling and error reporting (#1512) (bf9069d18a)

  Improves the handling of optional command-line flags in jetsocat by
  replacing direct flag access with proper error handling: missing
  optional flags are handled gracefully while invalid flag values still
  produce clear error messages.

• dgw: cleaner log message for listener init (#1521) (7e2730cb32)

• dgw: split TlsVerifyStrict warning for absent and false (#1520) (a7f3f20f0a)

• dgw: retrial logic when binding the listeners (#1525) (aba955264f) (DGW-310)

  The listener binding will be reattempted a set amount of time when a
  transient error is hit, such as "address already in use".

Bug Fixes

• jetsocat: resolve channel open to start tight race condition (#1511) (7eb873b273) (ARC-323)

• webapp: VNC connect for "None" authentication (#1518) (d720cc4e6b)

• jetsocat: make the MCP proxy non-intrusive (#1514) (3701bd5852) (DGW-308)

  The MCP proxy was previously handling the initialize request itself and
  returning a response instead of forwarding it to the target MCP server.
  It also intercepted notifications/initialized and logging/setLevel
  without passing them through.

  Additionally, any unknown methods were being answered with an error
  response, even though the actual server might support them.

  This change forwards all requests and notifications directly to the
  server to ensure correct behavior and compatibility.

Bug Fixes

• jetsocat: missing newline after MCP proxy JSON-RPC responses (#1507) (702cf76acc)

Security

• dgw: emit syslogs and Windows events for important events (#1491) (15321b89bb) (DGW-63)

  Easier auditability of Devolutions Gateway service by emitting system-wide logs.

Features

• webapp: implement MVP for self-contained session URLs (#1433) (9f5d4d190f)

  Introduced support for launching sessions directly from specially crafted URLs.
  These URLs include all necessary information to immediately initialize and
  (optionally) auto-connect a session upon opening.

  New query parameters:

  • config: Encoded session configuration data
  • autoconnect: If set to true, the session starts automatically
  • protocol: Specifies the protocol to use (currently only rdp is supported)

• webapp: support clipboard for SSH and Telnet clients (#1437) (5a5c065d1e) (ARC-266)

• dgw: (Unstable) basic network monitoring (#1446) (d135342682) (DGW-302)

  Introduces an endpoint monitor that checks the uptime of a list of hosts
  provided through a remotely-submitted configuration file. The monitor
  results are saved to a temporary in-memory buffer and can be fetched by
  means of a REST endpoint.

  The monitor system is structured as an agent, meant to be driven by a
  third party (for example our DVLS), so the configuration is ephemeral, and
  monitor results are deleted from the buffer after being fetched.
  Gateway is not itself the source of truth for the monitor configuration,
  and it does not persist the log entries.

  Two authenticated endpoints are introduced:

  • POST /jet/net/monitor/config
  • POST /jet/net/monitor/log/drain

• webapp: add fallback screen for unsupported browsers (#1461) (61ac8a2003)

• dgw: keep records of traffic transferred via JMUX tunnels (#1466) (d23c29c9fa) (DGW-270)

• dgw: implement traffic audit claim/ack HTTP endpoints (#1468) (2328ba5fea) (DGW-271)

  Add two new endpoints for external traffic audit integration:

  • POST /jet/traffic/claim - Claim events with lease-based locking
  • POST /jet/traffic/ack - Acknowledge processed events

• agent-installer: rename the session feature and make it available by default (127dd773c6)

• agent: minimalist "About" window for tray icon (#1471) (a43bd6609e)

• jetsocat: MCP proxy (#1478) (3eadd1ddfb)

  Example usage:

  echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' | jetsocat mcp-proxy - https://learn.microsoft.com/api/mcp

• jetsocat: add "jmux" alias for jmux-proxy command (#1486) (76c9cde1c9)

• jetsocat: expand simple pipe names (#1485) (abe9972186)

  Add automatic path expansion for np:// and np-listen:// schemes:

  • Windows: simple names expand to ./pipe/<NAME>
  • Unix: simple names expand to /tmp/<NAME>

• webapp: granular JPEG Quality option instead of explicit TightLow and TightHigh pseudo-encodings (#1488) (7cb9fd2a8d)

• webapp: add color format selector for VNC session (#1475) (9ddf10c24f)

  Allow the user to tune the session quality more deeply
  (e.g, lower image quality if the network is slow).

• agent: in RDP extension, add PowerShell server mode support (b626323386) (#1498) (ARC-383)

Improvements

• Improve container image for Azure Web App usage (ba8c4c218d)

• webapp: improved error handling in remote desktop clients (#1456) (c6dcb1666d)

• webapp: [breaking] add manual clipboard mode for RDP, VNC and ARD (#1459) (b4e231f853)

  The original auto clipboard mode, can now be enabled/disabled in the connection form.
  It's available only for browsers based on Blink engine (e.g.: Chrome).

  For others, auto clipboard mode is always disabled.

  When disabled, two new buttons are showed in the toolbar: Save Clipboard and Send Clipboard.
  These buttons allow the user to manually send the content of the client host clipboard, or receive from
  the server clipboard.

  Note that Firefox used to have a partially working autoclipboard mode, but it was
  completely removed because the cases where it failed were confusing more than helpful.
  The auto clipboard mode is the most convenient, but the manual clipboard mode
  has a predictable behavior on all platforms.

• webapp: improve clipboard interaction for outdated versions of the Firefox browser (#1464) (0c547d4596)

• webapp: disable clipboard in non-secure context (#1467) (9111ff85a1)

Bug Fixes

• webapp: incorrect user domain parsing for UPN format (#1431) (0638e665c9) (DGW-297)

  Fix username parsing logic to correctly handle UPN and down-level
  formats.
  Only splits DOMAIN\user format; preserves user@domain.com as-is.

• agent: change PowerShell exec session run params (#1474) (ef0465d1fa)

• agent: remove command echo for batch(cmd) execution (f461a6ddf1)

• agent: hide console window for exec sessions with IO redirection (bb50b6ab05)

• agent: suppress ANSI escape codes in pwsh output (fa67ff1e27)

• player: add autoplay attribute to WebM video player (#1487) (0fac6ddc81)

  Fixes issue where recordings were not auto-starting when embedded in
  iframes

  DGW-296

Build

• agent-installer: add tun2socks.exe and wintun.dll to Devolutions Agent package (#1457) (e6f335c970)

• jetsocat,dgw: optimize binary size (#1489) ([8ad7ea0](8ad7ea0e96b11fe8...

Features

• dgw: write startup failures into boot.stacktrace file (#1416) (78028a6e60) (DGW-292)

  This will make troubleshooting configuration errors much more easier.

• dgw: new TlsVerifyStrict option (#1415) (257d941dd1) (DGW-293)

  This adds a TlsVerifyStrict option for controlling the new stricter
  checks on TLS certificates.

  When enabled (true), the client performs additional checks on the
  server certificate, including:

  • Ensuring the presence of the Subject Alternative Name (SAN)
    extension.
  • Verifying that the Extended Key Usage (EKU) extension includes
    serverAuth.

  Certificates that do not meet these requirements are increasingly
  rejected by modern clients (e.g., Chrome, macOS). Therefore, we strongly
  recommend using certificates that comply with these standards.

  The default configuration for fresh installs will include the
  TlsVerifyStrict key set to true.

• dgw,agent: display config file path during initialization (#1421) (a185df7844)

  Output the full path to the configuration file when initializing the
  configuration for both Devolutions Gateway and Devolutions Agent. This
  simplifies debugging and setup verification.

• dgw: auto-detect proxy setup when performing HTTP requests (#1422) (b380feffe6)

  Look in environment variables to set HTTP, HTTPS or SOCKS proxies.

• agent: auto-detect proxy setup when fetching productinfo.htm (#1420) (9f89c4c15c) (DGW-291)

  Look in environment variables to set HTTP, HTTPS or SOCKS proxies.

Bug Fixes

• pedm: don't error on profile selection if no assignments (#1398) (abe9f7c693)

  If a user has never had a profile assigned, there will be no record of
  them in the user table.

  However, if they try to select a profile, an error is returned. It's
  better to catch this scenario upfront and just return an empty profile
  selection and list.

• webapp: fullscreen handling for ARD web client (#1406) (30b6941406)

• webapp: fix enter fullscreen button during a running session (#1408) (4295a41919)

• pedm: add additional context to virtual account code paths (#1409) (63a0d8c8c9)

  Some users are experiencing an error with the virtual account elevator.
  This adds additional context to the virtual account elevator code paths.

• dgw: set default value of TlsVerifyStrict to false (#1419) (528cada242)

  Previously, strict TLS verification was performed even when the
  TlsVerifyStrict key was absent from the configuration file.

  From now on, if this key is missing, it will default to
  "TlsVerifyStrict": false.

  This change ensures that existing users who are currently using improper
  certificates will not be affected. At the same time, newly generated
  configuration files will continue to include "TlsVerifyStrict": true by
  default, encouraging using proper certificates from the start.

  New users can still opt out of strict verification by explicitly setting
  the value to false or removing the key entirely if they are willing to
  accept potential compatibility issues with some clients, such as Chrome
  or macOS.

  A warning will be logged if the option is disabled as it may hide latent
  issues.
  Hopefully, this lead the user to enable the option, and fix the
  underlying certificate issue if necessary.

• webapp: fix an issue in the VNC client where display scaling was not correctly
  updated after a server-initiated resize.

• webapp: fix excessive scroll speed in VNC client.

• webapp: fix clipboard monitoring treats clipboard updates from the server as
  local clipboard updates.

• webapp: fix the error when navigator.clipboard.write was called when the
  browser window was not focused.

Features

• webapp: support dynamic resizing for RDP and VNC sessions (#1389) (aa03b65645)

• webapp: update RDP and VNC web clients (#1393) (79870495da)

  • Prevent undesirable scrolling when the canvas is focused.
  • Fix a typo.
  • Fix keyboard input for Firefox.
  • Hide slider in fullscreen mode.
  • Fix a bug in VNC client where ZLIB encoding was not disabled even when
    unchecked from the list.

Bug Fixes

• webapp: incorrect desktop size when a predefined resolution is selected (#1383) (4225fda033)

• dgw: [breaking] clean up /jet/net/config route (#1387) (d596e90558) (DGW-287)

  The JSON output of the /jet/net/config route is changed to be more
  convenient in the consumer code.

  Previous output example:

  [
    {
      "name": "vboxnet0",
      "addresses": [
        {
          "V4": {
            "ip": "192.168.56.1",
            "broadcast": "192.168.56.255",
            "netmask": "255.255.255.0"
          }
        },
        {
          "V6": {
            "ip": "fe80::800:27ff:fe00:0",
            "netmask": "ffff:ffff:ffff:ffff::"
          }
        }
      ],
      "mac_addr": "0a:00:27:00:00:00",
      "index": 4
    }
  ]
  

  New output example:

  {
    "vboxnet0": [
      {
        "family": "IPv4",
        "address": "192.168.56.1",
        "broadcast": "192.168.56.255",
        "netmask": "255.255.255.0",
        "mac": "0a:00:27:00:00:00"
      },
      {
        "family": "IPv6",
        "address": "fe80::800:27ff:fe00:0",
        "netmask": "ffff:ffff:ffff:ffff::",
        "mac": "0a:00:27:00:00:00"
      }
    ]
  }
  

• webapp: change toolbar activation height (#1390) (882e7571c0)

  When in fullscreen mode, the session toolbar was not appearing
  when the cursor was moved to the top of the screen.

• dgw: [breaking] fail-fast on improper certificate for TLS (#1391) (aca08f0aba) (DGW-286)

  Certificates missing the auth extended key usage, or missing a subject
  alternative name are now rejected:

  • immediately fail on startup for certificates from filesystem, and
  • fail on certificate resolution for system certificate store.

• dgw: crash when using default port HTTP internal URL (#1392) (71080c0547) (DGW-288)

  The listener task was crashing when the default port for HTTP (80) or HTTPS (443)
  was used in the internal URL of the HTTP listener.

Features

• webapp: allow dynamically adjust wheel_speed_factor for VNC and ARD sessions (#1369) (58536dba69)

  The wheel speed factor setting is moved to the toolbar.

• dgw: allow session tokens to be reused in a limited way (b3415c2bcc) (DGW-238)

  Add support a configurable reconnection window, allowing token reuse for
  reconnections after disconnection within a defined period. This feature
  will enable more robust handling of temporary disconnections, minimizing
  session disruptions.

  The token can be reused under three conditions:

  • The associated session was not killed.
  • The reconnection window since last disconnection is not exceeded.
  • The number of connections during the reconnection window does not
    exceed 10 (hardcoded value).

  For the last point, this is the maximum number of reconnections allowed
  during the reconnection window. If the reconnection window (e.g.:
  30 seconds) is over while the connection is still alive, the counter
  is reset, and it’s possible to reconnect up to 10 times again. This
  prevents brute force attacks in the situation where the token is stolen,
  although that is tricky to exploit in the first place.

• dgw: support port wildcards for JMUX sessions (#1377) (922792ea07) (DGW-243)

  When the port is set to 0, we do not add a FilteringRule::Port, and
  when the the host is also set to * (i.e.: *:0), insert
  FilteringRule::Allow to allow anything.

Bug Fixes

• dgw: fix terminal recording player CSS issue (#1374) (917bb48d44) (DGW-280)

Features

• webapp: add wheel_speed_factor setting to a VNC and ARD connection forms (#1362) (e6be3d02eb)

• dgw: emit a warning alert when TLS is not configured and credentials are pushed (5a6ecd944b)

  For instance, proxy-based credentials injection for RDP requires a TLS
  certificate and private key to be configured.

• dgw: proxy-based credential injection for RDP (033206eb90) (ARC-277)

Bug Fixes

• pedm: fix flawed expand_environment function (#1366) (476b885199)

• webapp: typo in resolution quality control (#1364) (5b7bbbeff3) (DGW-272)

• dgw: [breaking] drop the prx_usr, prx_pwd, dst_usr and dst_pwd claims (#1370) (ba1feedc9f)

  The favored approach when pushing credentials is now to use the
  preflight route.

Bug Fixes

• agent: [breaking] Major breaking change in the experimental PEDM module.

  The PEDM module is planned to be released officially in the 2025.2.0 release, but for simplicity we are releasing
  a 2025.1.6 version that will be compatible with RDM 2025.2 so it’s possible for the users to update or install the
  agent before updating the rest of the products to 2025.2.

  If you installed the experimental PEDM module prior to 2025.1.5, you must:

  • Uninstall the current version
  • Run the following PowerShell script as administrator.
  • Install 2025.1.6 or newer.

  $CurrentUser = "$Env:USERDOMAIN\$Env:USERNAME"
  $Path = "$Env:ProgramData\Devolutions\Agent\pedm"
  if (-Not (Test-Path $Path)) {
      Write-Error "Path does not exist ($Path)"
      exit 1
  }
  Write-Output "Taking ownership of $Path"
  takeown /F "$Path" /R /D Y | Out-Null
  Write-Output "Granting full control to $CurrentUser"
  $Args = "`"$Path`" /grant:r `"$CurrentUser`:F`" /T /C"
  Start-Process icacls -ArgumentList $Args -NoNewWindow -Wait
  Write-Output "Deleting $Path"
  Remove-Item -LiteralPath $Path -Recurse -Force

Features

• dgw: cross-file seeking for recording player (#1271) (fbac3d29ce) (DGW-216)

  Introduces support for seemless playback of multi-files recording playback.

• dgw: preflight API (#1279) (8d4f7376d5) (DGW-245)

  Possible operations:

  • get-version: returns the version of the service.
  • get-agent-version: returns the version of the agent, if available.
  • get-running-session-count: returns the number of active sessions.
  • get-recording-storage-health: returns information about the remaining disk space available for recordings, etc.
  • provision-token: caches the token on the proxy side for later use.
  • provision-credentials: associates a username/password with a token for proxy-side credential injection.
  • resolve-host: DNS resolution of a hostname.

  Possible results:

  • version: the version of the service.
  • agent-version: the version of the side-by-side installed agent, if applicable.
  • running-session-count: the number of running sessions.
  • recording-storage-health: various information regarding recording storage health.
  • resolved-host: the IP addresses resolved for the hostname.
  • ack: acknowledge a given operation was performed with success.
  • alert: alert message for errors and other information.

• dgw: extend net scanner capabilities (#1303) (7518a4ea20)

• dgw: stabilize /jet/net/config (#1311) (36a034ae51)

• webapp: integrate the newer RDP and VNC packages (#1329) (79b09a62f6)

  New version of the remote desktop web clients.

  New settings are exposed for VNC, ARD and RDP.

  • VNC-specific settings: Enabled Encodings (it’s possible to specify
    in a fine-grained manner which codecs are enabled or not),
    Enable/disable cursor pseudo-encoding, etc.
  • ARD-specific settings: Resolutions Quality and Quality Mode settings.
  • RDP-specific: toggle for Unicode mode.

• webapp: option for enabling/disabling display control in RDP web client (#1333) (b056ddf5d1)

• dgw: improve system store certificate selection (#1341) (d8b2fdf4fd) (DGW-262)

  The selection is now discriminating based on the extended key usage and
  the not valid before date.

  • Discriminate based on the extended key usage: certificate is ignored
    when the "Server Authentication" (1.3.6.1.5.5.7.3.1) key usage is not
    specified.
  • Discriminate based on the "not valid before" date: certificates not
    yet valid are ignored.
  • Added generous logging to observe the selection process in details.

Bug Fixes

• installer: resolve potential null reference installing PEDM shell extension (#1278) (d36978e63b)

  The top-level file extension keys may not all exist (in the case of QA,
  HKEY_CLASSES_ROOT\\.ps1 was not present). Although we check for an
  empty default value, we don't check for the presence of the top-level
  key which could cause a null-reference exception and force the installer
  to roll back.

• dgw: properly order system certificates (#1285) (1925990f10) (DGW-261)

  We used the wrong key for sorting the certificates. It should have been
  "valid_not_after" instead of "valid_not_before".

Performance

• dgw: caching of system store certificates (#1339) (4b15a9cf6a) (DGW-266)

  Basic caching is implemented for certificates fetched from the system
  store reducing considerably the number of system calls.

  The lifetime is 45 seconds, so the certificate is still refreshed on a
  regular basis.