You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+42-10Lines changed: 42 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -7,19 +7,50 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
8
8
## [Unreleased]
9
9
10
-
### Added
11
-
- Job uploader now surfaces translated slicer warnings and the estimated first-layer time when previewing a sliced file (f2c8933)
10
+
## [1.0.4] - 2026-05-31
12
11
13
-
### Changed
14
-
- Upgrade Electron from 35.7.5 to 39.8.10; the four-major-version jump required no source changes (type-check, build, lint, and the full Jest suite pass unchanged) (4a9d494)
15
-
- Streamline the README into a concise, table-driven overview and align the tech badges with current dependency versions (ade8cbb)
12
+
The 1.0.4 stable release consolidates the 1.0.4-alpha cycle: a major new Calibration Assistant, a complete camera-streaming rework on go2rtc, a full security hardening pass, and a modern testing and tooling foundation.
16
13
17
-
### Removed
18
-
- Stale `security-audit-2026-02-14.md` snapshot, superseded by the Dependabot remediation (a0cce37)
14
+
### Calibration Assistant
15
+
- New Calibration Assistant connects to your printer over SSH/SCP, parses Klipper configuration, and runs bed-mesh and input-shaper analysis with rendered reports — all from a dedicated desktop dialog (874f9de, 40e0c1c)
16
+
17
+
### go2rtc Camera Streaming
18
+
- Replaced the legacy RTSP/JSMpeg stack with the go2rtc streaming gateway for low-latency WebRTC/MSE/MJPEG playback on both desktop and WebUI, with managed binary lifecycle and automatic stream configuration (462f35a, b3ebb4f)
19
+
- Auto-detect OEM cameras from printer-reported stream URLs, with intelligent fallback probing of `http://<printer-ip>:8080/?action=stream` when firmware omits the URL (f4a62ed, 7d585d5, 64b17af)
20
+
- Retired CameraProxyService, RtspStreamService, PortAllocator, and JSMpeg canvas rendering (462f35a)
21
+
22
+
### Notifications
23
+
- Discord notifications can now include a camera snapshot of the print (89267c3)
24
+
- Corrected time and ETA reporting across the WebUI and Discord alerts (6135d60)
25
+
26
+
### Material Station (IFS)
27
+
- The IFS material station is now a first-class GridStack component with responsive layouts (1x4, 4x1, 2x2, compact) and dynamic spool sizing, replacing the old dialog (e14e058)
28
+
29
+
### Theme Profiles & UI
30
+
- Create, rename, and delete custom theme profiles on both Desktop and WebUI (67b6971, 24f765d)
31
+
- Resizable UI components with updated default sizes (5931146)
32
+
33
+
### Debug Logging
34
+
- New file-based debug logging system with session management, log rotation, and network-specific logs for connection troubleshooting (be53b98)
35
+
-`--debug` / `--debug-network` CLI flags for desktop and headless, a Settings toggle with a nested network option, and WebUI endpoints to list/download logs (be53b98)
36
+
37
+
### Per-Printer Legacy Mode
38
+
- Legacy API mode is now a per-printer setting instead of a global override, with full settings/UI plumbing for 5M-series fallback (7bf2db9)
39
+
40
+
### Testing & Reliability
41
+
- Browser Playwright coverage for the built WebUI — asset versioning, auth, WebSocket login, and context switching — backed by a fixture server (d967df9)
42
+
- Emulator-backed and live Electron Playwright coverage across 5M Pro, 5M, AD5X, Adventurer 3/4, plus multi-printer discovery, with dedicated Windows-friendly scripts (dc58252, c9c0348, 5a5f62d)
43
+
- Greatly expanded Jest coverage across managers, services, WebUI server/routes, static client modules, and build utilities (5d7e7e5)
44
+
- Aligned runtime discovery with the latest `@ghosttypes/ff-api` and kept printer-tab state synchronized; no-cache WebUI assets prevent stale mixes (6de2a87, 3d57598, 5d7e7e5)
19
45
20
46
### Security
21
-
- Resolve all 67 open Dependabot alerts (23 high / 35 moderate / 9 low → 0); `pnpm audit` reports 0 vulnerabilities. Bumps Electron to 39.8.10, Vite to 7.3.x, and `ws` to 8.21.x, pins `axios` to 1.16.1, and adds/refreshes `pnpm.overrides` for `tmp`, `qs`, `ip-address`, `postcss`, `@babel/plugin-transform-modules-systemjs`, `fast-xml-parser`, `@xmldom/xmldom`, and `brace-expansion` (4a9d494)
22
-
- Move the ineffective top-level `js-yaml` override into `pnpm.overrides` so the 4.1.1 pin actually applies, and drop the now-redundant `fast-xml-builder` and `follow-redirects` overrides (their parents already resolve patched versions) (9420edd, cb979aa)
47
+
- Hardened the WebUI: path-traversal protection on job filenames, timing-safe auth comparison, security headers (CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy), stored-XSS prevention, PBKDF2 password hashing (210k iterations) with automatic migration, per-installation dynamic secrets, and a secured go2rtc proxy binding (3d51c6e, 6366705, e2905d6, 235a225, d98e809, 649f704, 4c7433b, 98ea4ec)
48
+
- Resolved all 67 open Dependabot alerts (23 high / 35 moderate / 9 low → 0); `pnpm audit` reports 0 vulnerabilities (4a9d494, 9420edd, cb979aa)
49
+
50
+
### Platform & Tooling
51
+
- Upgraded Electron from 35 to 39.8.10 and migrated the project from npm to pnpm (4a9d494, 0adcdca)
52
+
- Migrated the entire app to native ESM (c4a5d3c)
53
+
- Job uploader now displays translated slicer warnings and the estimated first-layer time (f2c8933)
23
54
24
55
## [1.0.4-alpha.4] - 2026-03-21
25
56
@@ -846,6 +877,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
846
877
### Changed
847
878
- README.md - Added download link to v1.0.0 release and feature comparison table (fcd8750)
0 commit comments