Spokes v1.5.7

Published at February 11, 2026 ·  3 min read

We’re pleased to share a new Spokes update focused on reliability, security, and long‑term maintainability. This release improves the robustness of always‑on tunnels by adding timeouts, retries, and safer connection handling, updates core libraries and build tooling to address recently disclosed CVEs

Get the Release!

The latest software packages are now available on our downloads page and container image distributions. As always, we recommend upgrading to stay current with reliability improvements and security updates.

Our containers are updated as well.

docker pull packetriot/spokes:1.5.7

# alternatively

docker pull terrapinlabs/spokes:1.5.7

Reliability Improvements

This release includes several improvements to make Spokes and the Packetriot client more reliable, especially for long‑running, always‑on tunnels.

We’ve enhanced the client connection logic by adding explicit timeouts and a structured retry mechanism for client communication with the Spokes server. Requests now retry a limited number of times before fully rebuilding the underlying network transport, allowing tunnels to recover cleanly from transient network issues and stale connections. This feature will be included in our latest client release.

In addition, Spokes now uses the latest version of our tunnel protocol library, which adds safeguards around concurrent writes. While we haven’t previously identified a specific issue caused by this, these changes improve correctness under load and reduce the risk of subtle race conditions, resulting in more robust tunnel behavior overall. This change will also improve the client’s safety.

Security Updates

We’ve updated our Go toolchain to version 1.25.7 to address recently disclosed CVEs in the Go standard library. Keeping our compiler and runtime dependencies up to date ensures that Spokes benefits from the latest security fixes and runtime improvements.

Our container images have also been updated to use Alpine Linux 3.23 as the base image. This update resolves CVEs discovered in OpenSSL and other system libraries, helping maintain a strong security posture for containerized deployments.

Overall, our Spokes container has an A-rating on Docker Scout, and we’ll continue to deliver up-to-date, secure releases of all our software applications.A rating on Docker Scout, and we’ll continue to deliver up-to-date, secure releases for

Updates on Spokes Rebranding

We have been planning to rebrand Spokes to Gateway for some time. We have been working on the changes internally and are at a point where our next release may introduce the name change. Our goal for the name change is to communicate what Spokes is: a network traffic gateway.

To make this transition as smooth as possible, we’re building migration support directly into our RPM packages and container images. We’re happy to work with customers 1-on-1 during this transition—please reach out if you’d like to schedule time to review your deployment or discuss the upcoming changes.

Thanks

As always, we want to thank our users for their valuable feedback and bug reports. Your input drives continuous improvements to Spokes. If you have ideas for features or enhancements, please don’t hesitate to reach out.

Cheers!