4.0 KiB
4.0 KiB
Changelog
All notable changes to GuruConnect are documented here. Format follows Keep a Changelog; the project uses semantic versioning.
Per-version entries below are generated from conventional commits (feat:, fix:, perf:)
by the release workflow; per-component changelogs are also written to
changelogs/<component>/v<version>.md and served at /api/changelog/....
[0.3.0] - 2026-06-01
Added
- Operator removal UI for stale machines/sessions (SPEC-004 Task 5) (
96f9c0ab) - Operator removal of stale sessions/machines (SPEC-004 Task 5, server) (
5ee66753) - Reap stale persistent sessions + same-machine supersede (SPEC-004 Task 4) (
4e80573c) - Dedup machines on machine_uid (SPEC-004 Task 2) (
ffca7f0c) - Derive + report deterministic machine_uid (SPEC-004 Task 1) (
b3e8f327) - Per-agent H.264 test override (h264-test tag) [Task 8 prep] (
df51d400) - GuruConnect v2 Users admin view (
96b4fd77) - GuruConnect v2 Support Codes view (
664f33d5) - Serve dashboard SPA with deep-link fallback; remove v1 portal (
67f3722b) - GuruConnect v2 Sessions view (pass 2) (
6ecb937e) - GuruConnect v2 operator console (pass 1) (
43a9432b) - V2 secure-session-core Task 7 - HW H.264 + negotiated raw fallback (
f9bdecbf) - V2 secure-session-core Task 6 - full key fidelity (
bb73ba66) - V2 secure-session-core Task 5 - attended consent (
9082e114) - V2 secure-session-core Task 4 - rate limit + single-use codes (
bfcdbb53) - Viewer-token view-only/control split - closes CRITICAL #1 (
a453e798) - V2 secure-session-core Task 3 - secure relay WS (
0f258788) - V2 secure-session-core Task 2 - auth rebuild (
41691bfb) - V2 secure-session-core Task 1 - schema + per-agent keys (
fef8111f)
Fixed
- Make native H.264 viewer render live frames (
97780304) - Revoke viewer tokens on logout + stop logging chat content (
c98692e4) - Close auto-update TLS bypass (MITM -> RCE) [HIGH] (
8119292b) - Apply Tasks 3-5 review fixes (non-blocking) (
442eecef) - Tolerate NULL connect_machines columns (tags decode bug) (
abc55abb) - Trusted-proxy client-IP extraction for rate-limit/audit keying (
5d5cd265) - Clippy fixes for Task 4 (CI green) (
21189423)
Security
- Security pass re-audit (2026-05-30) — 3 CRITICALs verified CLOSED (
9f448072)
Spec
- Add SPEC-015 Configurable Notification Overlay (
afbf0d81) - Add SPEC-014 Branding and White-Label Configuration (
b45c683a) - Add SPEC-013 Windows Session Selection and Backstage Mode (
5637e4c1) - Add v2-stable-identity implementation plan (SPEC-004 breakdown) (
92bc522c) - Update SPEC-012 to include both Serial Console + PTY Shell modes (
761bae5d) - Add SPEC-012 Headless Linux Mode (Direct TTY Access) (
a062a825) - Add SPEC-011 Mobile Agent Support (iOS and Android) (
b1862800) - Add SPEC-010 Cross-Platform Agent Support (macOS and Linux) (
5e232550) - Add SPEC-009 feature-rich documented API (
7ab87384) - Add SPEC-008 valuable error messages (
65eff5cf) - Add SPEC-007 managed-agent installer builder (
008d2bf3) - Add SPEC-006 universal machine search (
0eb38520) - Add SPEC-005 machines list view (dual indicators + rich rows) (
cdc182f0) - SPEC-004 add stable machine-derived identity as the primary fix (
f8bd4d1d) - Add SPEC-004 session lifecycle reaping + operator removal (
ee900c63) - Add SPEC-003 full machine inventory in connection DB (
abf499cb) - Add v2-secure-session-core shape spec (
81e4b99a)
[0.2.2] - 2026-05-29
Added
- Operational tooling — signing, versioning, changelog, roadmap (SPEC-001) (
60519be2)
Fix
- Use Self:: for static method calls (
cc35d111)
Fixed
- Drop broken jsign --info verify step in release (
5727ccf3) - Use jsign 7.1 for Azure Trusted Signing (
e7f38ce2)
Security
- Require authentication for all WebSocket and API endpoints (
4614df04)
[0.1.0] - 2026-01-18
Added
- Initial GuruConnect: Rust agent (DXGI/GDI capture, input injection, native viewer,
guruconnect://handler), Axum relay server, protobuf-over-WSS transport. - Phase-1 security hardening (JWT, Argon2id, rate limiting, security headers, SEC-1..5), systemd units, automated backups.