We're excited to announce the release of Hoppscotch v2026.6.0! This update improves desktop auth workflows with cookie persistence and reapplication, strengthens self-hosted reliability, and ships important backend and supply-chain security hardening.

Desktop Cookie Persistence and Reapplication

The desktop app now reliably persists cookies and reapplies them across sessions. This makes authenticated flows smoother when testing APIs that depend on cookie-based sessions.

We also fixed desktop self-hosted instance version syncing from the manifest, reducing mismatch issues and improving the consistency of self-hosted desktop environments.

Get the latest version →

Self-Hosted Version Sync Reliability

Desktop now correctly syncs self-hosted instance version details from manifest data, improving reliability and reducing confusion in managed and self-hosted environments.

Mock Server and Collection Reliability

This release includes several improvements to request and mock workflows:

• Domain-based mock server URLs now append /backend when subpath access is enabled.
• Mock server creation now persists the isPublic field correctly, with a private default.
• OpenAPI re-import now preserves collection tree structure.
• Inherited collection headers now correctly resolve environment variables.
• JSON bodies are now preserved in cURL parser conversions.

Security and Platform Hardening

Security is a major focus of v2026.6.0. This release includes:

• Ownership enforcement for user history and private user fields in backend APIs.
• Stricter SMTP URL validation rejecting path, query, and fragment segments (GHSA-v7q6-r45w-2c6r).
• Dependency chain security patches for v2026.6.0 and release-age policy enforcement for supply-chain hardening.
• @hoppscotch/ui bumped to v0.2.6 across packages.

Self-Hosted and Developer Experience

Self-hosted admin now surfaces which configuration fields block saving, helping operators debug invalid states quickly. We also fixed class validation for updateRESTUserRequest and refreshed js-sandbox development instructions.

What do you want us to build next? Write to us at hello@hoppscotch.io, join the conversation on our Discord server, or head over to our GitHub repository.