github Yeraze/meshmonitor v2.12.2
on GitHub

latest releases: v2.21.4, v2.21.3, v2.21.2-test...
one month ago

MeshMonitor v2.12.2

This release includes three major feature additions: Auto Welcome functionality, Auto Announce scheduled sends, and comprehensive Security Monitoring.

✨ New Features

Auto Welcome Functionality (#412)

Automatically send personalized welcome messages to new nodes joining your mesh network.

Key Features:

  • Dynamic Token System: 7 customizable tokens for personalized messages
    • {LONG_NAME}, {SHORT_NAME} - Node identification
    • {VERSION} - MeshMonitor version
    • {DURATION} - Time since node first seen
    • {FEATURES} - Enabled automation features with emojis
    • {NODECOUNT}, {DIRECTCOUNT} - Network statistics
  • Smart Welcome Logic: 24-hour cooldown to prevent spam
  • Wait for Name Feature: Skip nodes with default names until personalized
  • Routing Options: Send as DM or to specific channel
  • Database Migration: Automatic migration prevents "thundering herd" of welcome messages on first boot
  • Comprehensive Testing: 27 new tests covering integration and migration scenarios

Auto Announce Scheduled Sends (#413)

Precise time-based scheduling using cron expressions as an alternative to fixed intervals.

Key Features:

  • Cron Expression Scheduling: Schedule announcements at specific times (e.g., daily at 9 AM)
  • Live Validation: Real-time validation with visual feedback (green checkmark/red error)
  • Integrated Help: Direct link to crontab.guru for cron expression assistance
  • Smart UI: Conditional display of interval OR cron input based on selected mode
  • Immediate Apply: Schedule changes restart scheduler instantly - no container restart needed
  • Default Expression: 0 */6 * * * (every 6 hours at top of hour)
  • Dual-Mode Scheduler: Supports both interval-based and cron-based execution
  • New Dependencies: node-cron for backend scheduling, cron-validator for frontend validation

Example Cron Expressions:

  • 0 */6 * * * - Every 6 hours at minute 0 (default)
  • 0 9 * * * - Every day at 9:00 AM
  • 0 12 * * 1 - Every Monday at noon
  • 30 8,20 * * * - 8:30 AM and 8:30 PM daily
  • 0 0 1 * * - First day of every month at midnight

Security Monitoring Page (#414)

Comprehensive mesh network security monitoring for encryption key vulnerabilities.

Key Features:

  • New Security Tab: Dedicated interface for monitoring encryption key security
  • Low-Entropy Key Detection: Identifies nodes using weak encryption keys vulnerable to brute-force attacks
    • Displays key entropy scores with severity indicators (High Risk, Medium Risk, Low Risk)
    • Shows hardware model information for affected nodes
    • Direct links to detailed remediation documentation
  • Duplicate Key Detection: Identifies nodes sharing the same encryption key
    • Groups nodes by duplicate encryption keys
    • Highlights privacy violations between devices
    • Shows impacted node count per duplicate key
    • Links to comprehensive fix instructions
  • Security Permission: New granular permission for accessing security monitoring
    • Read permission for viewing security scan results
    • Write permission for initiating security scans
    • Integrated into user management UI with proper Read/Write checkboxes
  • Comprehensive Documentation: User-facing guides for fixing security issues
    • docs/security-low-entropy-keys.md (257 lines) - Complete guide to fixing weak keys
    • docs/security-duplicate-keys.md (355 lines) - Complete guide to resolving duplicate keys
    • Platform-specific instructions for iOS, Android, and CLI
    • Real-world security scenarios and attack explanations
    • Step-by-step remediation instructions
    • FAQ sections addressing common concerns

🐛 Bug Fixes

  • Permission UI: Fixed Security permission displaying incorrect text in Users panel
    • Changed from "Can initiate traceroutes" to proper Read/Write checkboxes
    • Security permission now displays consistently with other resources

🔄 Changes

  • User Management: Enhanced permission model to include security resource
    • Added 'security' to default admin permissions
    • Security resource excluded from default user permissions
  • Auto Announce Architecture: Enhanced scheduler to support both interval and cron-based execution modes

📦 Migration Notes

All features are fully backward compatible:

  • Auto Welcome: Existing nodes marked as welcomed during migration to prevent spam
  • Auto Announce: Interval-based scheduling continues to work (cron scheduling is opt-in)
  • Security: New permission excluded from default user permissions (admin-only by default)

🔗 Pull Requests Included

  • #412 - feat: Implement Auto Welcome functionality with database migration and comprehensive tests
  • #413 - feat: Add cron-based scheduled sends to Auto Announce with immediate apply
  • #414 - feat: Add Security page with hardware model display and comprehensive documentation

📝 Full Changelog

Full Changelog: v2.12.1...v2.12.2

🚀 MeshMonitor v2.12.2

📦 Installation

Docker (recommended): 

docker run -d \
  --name meshmonitor \
  -p 8080:3001 \
  -v meshmonitor-data:/data \
  ghcr.io/Yeraze/meshmonitor:v2.12.2

🧪 Testing

✅ All tests passed
✅ TypeScript checks passed
✅ Docker images built for linux/amd64, linux/arm64, linux/arm/v7

📋 Changes

See commit history for detailed changes.

Check out latest releases or
releases around Yeraze/meshmonitor v2.12.2

Don't miss a new meshmonitor release

NewReleases is sending notifications on new releases.

Get notifications