- Fix release channel not saving when changed in UI
- Add system settings persistence for update-related config
- Expand .env file support to include all non-sensitive settings:
- UPDATE_CHANNEL, AUTO_UPDATE_ENABLED, AUTO_UPDATE_CHECK_INTERVAL, AUTO_UPDATE_TIME
- POLLING_INTERVAL, CONNECTION_TIMEOUT, ALLOWED_ORIGINS, LOG_LEVEL
- Update documentation with all available .env settings
- Settings now properly persist across restarts
- Environment variables override saved settings at startup
- Fix bug where RC channel always returned first release without proper comparison
- Ensure RC channel returns the latest release (newest by creation date)
- Stable channel correctly returns first non-prerelease
- Add manual update instructions for users stuck on rc.1
- Update Go from 1.19 to 1.23.4 for latest security patches
- Update golang.org/x/crypto from v0.23.0 to v0.41.0 (critical security fixes)
- Update golang.org/x/net from v0.21.0 to v0.43.0 (security updates)
- Update golang.org/x/sys from v0.20.0 to v0.35.0
- Update golang.org/x/term from v0.20.0 to v0.34.0
- Update golang.org/x/text from v0.15.0 to v0.28.0
- Update other dependencies to latest versions
This addresses the critical and high severity vulnerabilities reported by GitHub Dependabot
- Fix Export/Import API token authentication (wasn't sending X-API-Token header)
- Add client-side passphrase validation (12+ chars with visual feedback)
- Fix settings persistence for AllowedOrigins field
- Fix hardcoded port display in diagnostics (now shows actual port)
- Add .env file support for non-sensitive configuration (ports, logging, etc)
- Keep sensitive data (API tokens, passwords) using secure methods (systemd env vars)
- Update documentation with configuration guide and latest features
- Document auto-discovery, cluster detection, and export/import features
Frontend:
- Enhanced cluster vs standalone node visual distinction in Settings
- Added glassmorphic style to all toast notifications for consistency
- Fixed test connection in edit modal to use stored encrypted credentials
- Added batch credential modal for bulk node operations
- Added network discovery modal with auto-subnet detection
- Improved notification system with dual toast/notification support
- Added event bus for component communication
Backend:
- Fixed duplicate toast notifications during auto-registration
- Fixed PBS auto-registration token extraction from JSON output
- Added network discovery service with background scanning
- Improved cluster detection with actual cluster name from API
- Added helper function to reduce code duplication in cluster detection
- Fixed host URL normalization in auto-registration
- Enhanced PBS client token authentication parsing
Bug Fixes:
- Fixed stacking toast notifications creating visual bugs
- Fixed PBS authentication failures after auto-registration
- Fixed network discovery not finding Proxmox servers
- Fixed test connection for existing nodes with encrypted tokens
- Removed duplicate WebSocket broadcasts for auto-registration events
- Frontend now passes currently selected channel when checking for updates
- Backend accepts channel parameter to check specific channel without saving
- Fixed applyUpdateFiles to handle flat tarball structure (not nested in pulse-* directory)
- Fixed extraction logic to properly copy pulse binary, frontend, and VERSION file
- Users no longer need to toggle channels and save to see update button
ConfigPersistence was initialized with empty string instead of cfg.DataPath,
causing webhooks to save to /etc/pulse instead of PULSE_DATA_DIR.
This affected Docker deployments where /data is the persistent volume.
Fixes#249
- Parse user@realm from token name if provided in full format
- Better handle various token input formats
- Require user info for token auth (either in token name or user field)
- Fix realm defaulting logic for different auth types
- Replace all 'any' types with proper TypeScript types throughout the codebase
- Fix Record<string, any> to use specific types (AlertThresholds, unknown)
- Update logger methods to use 'unknown' instead of 'any' for parameters
- Fix type assertions to use proper types instead of 'as any'
- Update generic type defaults from 'any' to 'unknown'
- Fix WebSocket message types to use 'unknown' for optional data
- Move global Toast declaration to top level to fix TypeScript errors
- Comment out legacy PBS backup code that referenced non-existent fields
- Ensure all code follows TypeScript standards as documented in CLAUDE.md
All TypeScript compilation errors have been resolved and the codebase now
adheres to strict typing standards with no 'any' types remaining.
- Fixed alert clearing logic to work even when alerts are acknowledged
- Added immediate WebSocket state broadcast after alert resolution
- Fixed frontend activeAlerts store updates to maintain SolidJS reactivity
- Added logging for alert resolution events
The alert system now properly:
- Creates alerts when thresholds are exceeded
- Clears alerts automatically when values drop below clear threshold
- Updates frontend in real-time without requiring page refresh
- Go backend with Proxmox/PBS integration
- Modern TypeScript/SolidJS frontend
- WebSocket real-time updates
- Clean project structure with no legacy code
