johan
/
mission-control
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore: release v2.0.1

This commit is contained in:
Nyk 2026-03-18 20:48:26 +07:00
parent 8517d5e896
commit 4ddb4d0268
4 changed files with 161 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
CHANGELOG.md
View File

@ -6,16 +6,73 @@ All notable changes to Mission Control are documented in this file.
## [Unreleased] ## [Unreleased]
### Fixed
- SQLite `SQLITE_BUSY` contention — added `busy_timeout` pragma and guarded build-phase eager DB initialisation (#337)
- Skill registry path traversal and SSRF — extended `SECURITY_RULES` with directory traversal patterns and private-IP/metadata URL detection (#338, #336)
### Tests
- Vitest coverage threshold enforcement — added coverage for pure utility modules to satisfy the 60% global threshold; threshold now passes in CI (#339)
--- ---
## [2.0.1] - 2026-03-13 ## [2.0.1] - 2026-03-18
Mission Control 2.0.1 is the first patch release after the v2 launch. It rolls up the full set of fixes and follow-on features that landed after `v2.0.0`, including HTTP/Tailscale login hardening, zero-config onboarding, internationalization, gateway/runtime stability fixes, deeper task-routing automation, and the latest OpenClaw compatibility updates.
### Added
- First-time setup wizard and zero-config startup flow for fresh installs
- Full i18n coverage across the application with 10 language packs and panel-level translations
- Trusted reverse proxy and header-auth support for more flexible self-hosted deployments
- Gateway health history logging and timeline visibility
- Port-based Tailscale Serve proxy detection and stronger public websocket URL handling
- Task implementation-target persistence, session targeting, and complexity-based model-tier routing
- GNAP sync for git-native task persistence
- Hybrid dashboard mode for simultaneous gateway and local session visibility
- Workspace skill root discovery, filtering, and per-agent skill-root display
- Windows PowerShell installer support
- `awaiting_owner` task status detection
### Changed
- Node runtime policy now accepts all versions `>=22` instead of a narrow allowlist
- CSP and browser-security helpers were factored into dedicated modules for clearer hardening boundaries
- Docker/image release automation now supports the official Docker Hub image when repository secrets are configured
- Release metadata and docs now point to the Builderz Labs repository as the canonical source
### Fixed
- HTTP and Tailscale login regressions caused by unconditional HTTPS redirects and CSP nonce propagation gaps
- Fresh HTTP Docker installs failing login because secure-cookie behavior did not follow the actual request protocol
- Gateway auth and credential detection for mixed token/password setups
- Task dispatch using display names instead of gateway agent IDs
- Docker and gateway-optional regressions across Compose startup, health probes, public assets, `OPENCLAW_HOME`, and read-only config handling
- SQLite `SQLITE_BUSY` contention by adding `busy_timeout` and guarding build-phase eager initialization
- Doctor banner dismissal persistence, cron panel crash handling, and null-safe model config editing
- Gateway connectivity and onboarding probe issues, including POST-based wizard health checks and explicit public websocket URL preference
- Notification refresh timing, agent empty-state UX, duplicate task-title/delete handling, and several panel/runtime regressions
- Memory diagnostics scoping, gateway notification delivery, session labels, and multiple i18n namespace gaps
- Password generation now uses a CSPRNG in the Windows installer
- Reagraph CSP rendering regression caused by nonce handling in `style-src`
- `/api/spawn` now supports OpenClaw agents that rely on configured default models instead of requiring a runtime `model`
- Gateway dashboard registration now has explicit regression coverage preserving device-auth posture
### Security
- Removed `unsafe-inline` in favor of nonce-based CSP handling
- Strengthened skill-registry SSRF and path-traversal detection rules
- Stopped forcing `dangerouslyDisableDeviceAuth` during Mission Control gateway registration
### Tests
- Coverage for pure utility modules to keep the Vitest threshold passing in CI
- Gateway health history E2E and supporting utility tests
- Docker-mode integration coverage for gateway connectivity regressions
- Regression coverage for spawn-schema compatibility and gateway dashboard registration behavior
### Contributors
- @0xNyk
- @Brixyy
- @clintbaxley
- @dk-blackfuel
- @firefloc-nox
- @HonzysClawdbot
- @hectorse.88
- @jonathan-squaredlemons
- @jonboirama
- @joshua-mo-143
- @jrrcdev
- @lucascr
- @RazorFin
- @topshelfmedia
### Fixed ### Fixed
- HTTP and Tailscale login broken by unconditional HTTPS redirect — replaced with opt-in `NEXT_PUBLIC_FORCE_HTTPS=1` (#309) - HTTP and Tailscale login broken by unconditional HTTPS redirect — replaced with opt-in `NEXT_PUBLIC_FORCE_HTTPS=1` (#309)

2
README.md
View File

@ -690,7 +690,7 @@ Trend alerts in the `trends.alerts` response are derived from current-vs-previou
## Roadmap ## Roadmap
See [open issues](https://github.com/builderz-labs/mission-control/issues) for planned work and the [v2.0.0 release notes](docs/releases/2.0.0.md) for the latest major release summary. See [open issues](https://github.com/builderz-labs/mission-control/issues) for planned work and the [v2.0.1 release notes](docs/releases/2.0.1.md) for the latest release summary.
**Completed:** **Completed:**

94
docs/releases/2.0.1.md Normal file
View File

@ -0,0 +1,94 @@
# Mission Control 2.0.1
Released: 2026-03-18
Mission Control 2.0.1 is the patch release that consolidates everything shipped after the `v2.0.0` launch. It includes the operational fixes that stabilized HTTP/Tailscale deployments, a zero-config first-run path, full application internationalization, broader task-routing automation, and the latest OpenClaw compatibility updates needed for current self-hosted installs.
## Highlights
### HTTP, Tailscale, and gateway stability
- Login now works reliably on HTTP Docker installs and Tailscale-served deployments.
- CSP handling was tightened so SSR nonces, theme bootstrapping, and inline script policy stay aligned during login and chunk loading.
- Public websocket URL selection and Tailscale Serve detection were hardened for proxied gateway setups.
- Gateway startup and runtime checks now better tolerate read-only configs, missing `OPENCLAW_HOME`, and container health-probe requirements.
### Better first-run setup
- A first-time setup wizard now guides fresh installs through bootstrap and initial configuration.
- Zero-config startup paths reduce the amount of manual environment setup needed for local and Docker-based installs.
- Doctor and onboarding follow-ups are more resilient, including banner persistence and safer health-check behavior.
### Stronger task and automation flow
- Task routing now preserves implementation metadata, targets the correct gateway session/agent identifiers, and can classify complexity for model-tier routing.
- GNAP sync landed for git-native task persistence.
- `awaiting_owner` state detection and other dispatch/runtime fixes improve workflow accuracy after the v2 cut.
### Broader self-hosted platform support
- Full app localization now ships across 10 languages.
- Windows setup improved with a PowerShell installer and stronger password-generation behavior.
- Workspace skill-root discovery and filtering are now surfaced throughout the app for operators running mixed local/gateway environments.
- The Docker/image pipeline now supports publishing the official image to Docker Hub when release secrets are configured.
## Full Changelog
### Added
- First-time setup wizard and zero-config startup flow
- Full i18n across the app with 10 language packs
- Trusted reverse proxy/header-auth support
- Gateway health history timeline
- Port-based Tailscale Serve proxy detection
- Task implementation-target persistence, session targeting, and complexity-based model-tier routing
- GNAP sync for git-native task persistence
- Hybrid gateway/local dashboard mode
- Workspace skill-root discovery and per-agent display
- Windows PowerShell installer
- `awaiting_owner` task status detection
### Changed
- Node runtime support is now `>=22`
- CSP/browser-security helpers were split into dedicated modules
- Release automation now supports Docker Hub publishing when configured
- Repository/release metadata now consistently points at `builderz-labs/mission-control`
### Fixed
- HTTP/Tailscale login and CSP nonce regressions
- Fresh HTTP Docker login failures caused by secure-cookie mismatch
- Gateway auth/token detection in mixed runtime setups
- Task dispatch using display names instead of gateway IDs
- Docker/runtime regressions around Compose, assets, probes, `OPENCLAW_HOME`, and read-only configs
- SQLite `SQLITE_BUSY` contention during build/runtime crossover
- Doctor banner persistence, cron panel crash handling, and null-safe model config editing
- Public websocket URL preference and onboarding gateway health probe handling
- Notification refresh timing, agent empty-state UX, delete handling, and duplicate task-title behavior
- Memory diagnostics scoping, gateway notification delivery, session labels, and missing i18n namespaces
- Windows installer password generation via CSPRNG
- Reagraph CSP regression from `style-src` nonce handling
- OpenClaw spawn compatibility when agents use configured default models
- Regression coverage for gateway dashboard registration preserving device-auth posture
### Security
- Removed `unsafe-inline` in favor of nonce-based CSP
- Added stronger SSRF/path-traversal detection in the skill registry
- Stopped forcing `dangerouslyDisableDeviceAuth` when registering Mission Control as a dashboard
### Tests
- Utility coverage improvements to satisfy the Vitest coverage threshold
- Gateway health history E2E coverage
- Docker-mode integration coverage for gateway connectivity regressions
- Regression tests for spawn compatibility and gateway registration behavior
## Contributors
- @0xNyk
- @Brixyy
- @clintbaxley
- @dk-blackfuel
- @firefloc-nox
- @HonzysClawdbot
- @hectorse.88
- @jonathan-squaredlemons
- @jonboirama
- @joshua-mo-143
- @jrrcdev
- @lucascr
- @RazorFin
- @topshelfmedia

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "mission-control", "name": "mission-control",
"version": "2.0.0", "version": "2.0.1",
"description": "OpenClaw Mission Control — open-source agent orchestration dashboard", "description": "OpenClaw Mission Control — open-source agent orchestration dashboard",
"scripts": { "scripts": {
"verify:node": "node scripts/check-node-version.mjs", "verify:node": "node scripts/check-node-version.mjs",