# Mission Control 2.0.1 Released: 2026-03-18 Mission Control 2.0.1 is the patch release that consolidates everything shipped after the `v2.0.0` launch. It includes the operational fixes that stabilized HTTP/Tailscale deployments, a zero-config first-run path, full application internationalization, broader task-routing automation, and the latest OpenClaw compatibility updates needed for current self-hosted installs. ## Highlights ### HTTP, Tailscale, and gateway stability - Login now works reliably on HTTP Docker installs and Tailscale-served deployments. - CSP handling was tightened so SSR nonces, theme bootstrapping, and inline script policy stay aligned during login and chunk loading. - Public websocket URL selection and Tailscale Serve detection were hardened for proxied gateway setups. - Gateway startup and runtime checks now better tolerate read-only configs, missing `OPENCLAW_HOME`, and container health-probe requirements. ### Better first-run setup - A first-time setup wizard now guides fresh installs through bootstrap and initial configuration. - Zero-config startup paths reduce the amount of manual environment setup needed for local and Docker-based installs. - Doctor and onboarding follow-ups are more resilient, including banner persistence and safer health-check behavior. ### Stronger task and automation flow - Task routing now preserves implementation metadata, targets the correct gateway session/agent identifiers, and can classify complexity for model-tier routing. - GNAP sync landed for git-native task persistence. - `awaiting_owner` state detection and other dispatch/runtime fixes improve workflow accuracy after the v2 cut. ### Broader self-hosted platform support - Full app localization now ships across 10 languages. - Windows setup improved with a PowerShell installer and stronger password-generation behavior. - Workspace skill-root discovery and filtering are now surfaced throughout the app for operators running mixed local/gateway environments. - The Docker/image pipeline now supports publishing the official image to Docker Hub when release secrets are configured. ## Full Changelog ### Added - First-time setup wizard and zero-config startup flow - Full i18n across the app with 10 language packs - Trusted reverse proxy/header-auth support - Gateway health history timeline - Port-based Tailscale Serve proxy detection - Task implementation-target persistence, session targeting, and complexity-based model-tier routing - GNAP sync for git-native task persistence - Hybrid gateway/local dashboard mode - Workspace skill-root discovery and per-agent display - Windows PowerShell installer - `awaiting_owner` task status detection ### Changed - Node runtime support is now `>=22` - CSP/browser-security helpers were split into dedicated modules - Release automation now supports Docker Hub publishing when configured - Repository/release metadata now consistently points at `builderz-labs/mission-control` ### Fixed - HTTP/Tailscale login and CSP nonce regressions - Fresh HTTP Docker login failures caused by secure-cookie mismatch - Gateway auth/token detection in mixed runtime setups - Task dispatch using display names instead of gateway IDs - Docker/runtime regressions around Compose, assets, probes, `OPENCLAW_HOME`, and read-only configs - SQLite `SQLITE_BUSY` contention during build/runtime crossover - Doctor banner persistence, cron panel crash handling, and null-safe model config editing - Public websocket URL preference and onboarding gateway health probe handling - Notification refresh timing, agent empty-state UX, delete handling, and duplicate task-title behavior - Memory diagnostics scoping, gateway notification delivery, session labels, and missing i18n namespaces - Windows installer password generation via CSPRNG - Reagraph CSP regression from `style-src` nonce handling - OpenClaw spawn compatibility when agents use configured default models - Regression coverage for gateway dashboard registration preserving device-auth posture ### Security - Removed `unsafe-inline` in favor of nonce-based CSP - Added stronger SSRF/path-traversal detection in the skill registry - Stopped forcing `dangerouslyDisableDeviceAuth` when registering Mission Control as a dashboard ### Tests - Utility coverage improvements to satisfy the Vitest coverage threshold - Gateway health history E2E coverage - Docker-mode integration coverage for gateway connectivity regressions - Regression tests for spawn compatibility and gateway registration behavior ## Contributors - @0xNyk - @Brixyy - @clintbaxley - @dk-blackfuel - @firefloc-nox - @HonzysClawdbot - @hectorse.88 - @jonathan-squaredlemons - @jonboirama - @joshua-mo-143 - @jrrcdev - @lucascr - @RazorFin - @topshelfmedia