v0.8.11

Added

• Custom theme system -- Admins can now create, edit, and activate fully custom themes from the settings page. Each theme is a typed bundle of OKLCH-validated CSS variables, persisted as a custom_theme row, and addressable via a theme:// URN scheme that decouples references from numeric IDs. Status pages can opt into a custom theme through status_page.theme_ref, gated by the new feature.custom_themes flag and exposed over a dedicated /api/themes/* HTTP surface
• OKLCH-aware theme variable validator -- A new server-side validator parses every theme variable, enforces OKLCH lightness/chroma/hue ranges, and rejects malformed payloads before they reach storage so invalid themes can never be activated or referenced from a status page
• Frontend theme runtime rewrite -- ThemeProvider now resolves a payload from the API, applies it directly to CSS variables, and caches the result in localStorage so theme switches feel instant and survive refreshes. OKLCH ⇄ hex conversion is provided through culori, and a shared preset variable map keeps every built-in preset in lockstep with the runtime via a CSS sync invariant test

Changed

• Status page theming -- Public status pages now read their theme from theme_ref and fall back to the previous default behavior when the feature flag is off, so existing deployments see no visual change until they explicitly opt in

Testing

• Added backend integration coverage for the /api/themes/* HTTP routing, custom theme service invariants, theme-ref URN parsing edges, theme variable validation edges, and reference integrity between status pages and custom themes
• Added frontend coverage for the theme-ref URN parser, the preset variable map ↔ CSS sync invariant, and updated capabilities-dialog mocks to match the new theme surface

v0.8.10

Added

• Server tags management -- Admins can now assign validated tags to servers via the edit dialog, with a dedicated /api/servers/{id}/tags API on the backend. Tags are normalized, deduplicated, and pushed back into the live servers cache so the UI updates immediately after save
• Tags in the servers list -- The servers table now renders server tags inline with the name cell, and the backend includes tags in the shared server status payload so the list stays in sync without extra page reloads

Changed

• Servers list density redesign -- The /servers table now uses dedicated CPU, memory, disk, network, uptime, and name cells with denser metric presentation. Disk I/O, live network speeds, traffic quota usage, status dots, and core/load context now live directly in the row instead of forcing users to bounce between pages
• Compact latency hero on server cards -- The dashboard server card now shows a tighter latency summary with a unified severity bar sparkline and inline packet-loss indicator, making network health readable at a glance without the old bulky header treatment
• Table controls and dialogs polish -- Shared data-table controls gained better i18n coverage, and the server edit, recovery merge, and capabilities dialogs were tightened up to fit the denser admin workflow more cleanly

Fixed

• Per-card latency severity rendering -- Each server card now uses a unique SVG pattern ID for failed latency bars, preventing one card's striped failure state from leaking into another card's chart
• Server edit dialog stability -- Edit-dialog translation keys and date-picker layout were corrected so the form no longer shows stale copy or awkward layout shifts while editing billing fields

Testing

• Expanded frontend coverage for the redesigned servers list, tag chips, status dots, scroll area behavior, and server edit dialog tag flow
• Added backend integration coverage for server tag CRUD, RBAC enforcement, and tag propagation through the shared server status payload

v0.8.9

Added

• Resend email notifications -- Email alerts are now delivered through Resend's HTTP API. Configure once per deployment via SERVERBEE_RESEND__API_KEY; each channel defines from and a to array so a single channel can fan out to multiple recipients in one call. The rendered email uses an inline-styled HTML body with event-coded header colours (triggered / resolved / neutral) plus a plain-text fallback. Existing SMTP rows are migrated automatically on startup — convertable ones are rewritten to the new {from, to:[...]} shape, unconvertable ones are disabled and suffixed with (needs reconfiguration) for in-UI repair
• Edit flow for notification channels and groups -- The settings page now supports editing existing notification channels (all 5 types) and notification groups. Opening Edit prefills the form, locks the channel type to prevent accidental conversion, and exposes an Enabled switch so rows flagged by the migration can be re-enabled after reconfiguration
• Email address format validation -- Recipient inputs now reject values missing @ or a domain dot on both the backend parse_config and the frontend tag-input, surfacing the error as a toast before the row is saved
• Agent recovery merge workflow -- Servers flagged as a recovered identity can now be merged into their original record from the UI. The merge is atomic, preserves server identity, folds traffic and disk-I/O history together, and gates concurrent writes with a recovery lock so partially-merged state is never observable. Traffic-cache updates continue during the freeze window

Changed

• Email channel schema -- ChannelConfig::Email shrinks from the 6-field SMTP layout (smtp_host, smtp_port, username, password, from, to) to {from, to: string[]}. Storage is migrated automatically; the settings form collapses to a from field plus a tag-style recipients input
• Auto-upgrade reclassified as default capability -- New servers now receive the full default capability set including CAP_UPGRADE, via the shared CAP_DEFAULT constant — no more manual toggling during registration
• Storage-sizing guide -- Added a dedicated storage-sizing reference page (EN + CN) with a capacity planning calculator and retention guidance

Removed

• lettre SMTP dependency -- The lettre crate is dropped from the server binary. Outbound email is now exclusively via Resend's REST API

Fixed

• Notification config re-validated on update -- PUT /api/notifications/{id} now re-parses the effective (notify_type, config_json) pair, so partial updates that would produce an invalid shape (e.g. changing notify_type without supplying a matching config_json, or clearing to on an email row) are rejected with a 422

v0.8.7

release: v0.8.7 — agent self-upgrade feature complete

v0.8.8

Added

• Diceui data-table on /servers -- Replaced the hand-rolled servers-list table with the @diceui/data-table registry. Adds URL-synced status and group filters, client-side pagination (pageSize 20), and stabilizes column layout (table-fixed, explicit widths, tabular-nums) so WebSocket metric updates no longer cause horizontal jitter. The upgrade badge is inlined next to the server name, dropping the blank upgrade column

Changed

• Auto-upgrade reclassified as low risk -- CAP_UPGRADE is now treated as a low-risk capability and included in CAP_DEFAULT. The capabilities UI regroups and relabels the badge accordingly, with docs and QA notes updated to match
• Agent version card in server header -- The agent version card now lives in the server detail header beside metadata and actions, spanning its own full-width row. Header ordering is asserted in the server detail route test

Fixed

• Realtime chart stops updating -- useRealtimeMetrics no longer mutates the sparkline buffer in place, so React detects buffer changes and realtime charts refresh continuously without requiring a tab switch to reveal accumulated points
• Realtime chart axis labels -- X-axis ticks now show hh:mm with consecutive duplicates hidden, the first data point is always labelled, and tooltips display full hh:mm:ss. MetricsChart exposes an xAxisInterval prop so the realtime path forces a tick per data point

v0.8.6

Added

• Traffic quota ring on server cards -- Server cards now render a fourth ring chart showing monthly traffic-quota utilization, wired to /api/traffic/overview. Rings fall back to cumulative agent counters when no quota is configured, and a days remaining hint appears when a billing cycle is active
• Disk I/O and load trend in server cards -- Cards display current disk read/write throughput and a compact load5 · load15 trend alongside network speed, replacing the old single "net total" cell
• Aggregate disk I/O in ServerStatus -- The server-to-browser ServerStatus WebSocket payload now includes disk_read_bytes_per_sec / disk_write_bytes_per_sec, summed across devices, so server cards can render realtime disk throughput without fetching historical data
• Configurable anomaly threshold design -- New spec 2026-04-13-configurable-anomaly-thresholds-design.md defines how network-probe warning/critical thresholds for latency and packet loss will become user-configurable (spec only; implementation lands in a later release)

Changed

• Server card layout -- Reworked into a 4-column ring grid (CPU, Memory, Disk, Traffic) with inline bytes/percent values, plus a condensed footer row summarising uptime, swap, processes, and TCP/UDP counts. Visual density increases without crowding the network sparklines below
• WHOIS targets are normalized -- Both the Rust service and the frontend form now normalize WHOIS inputs such as https://example.com/path or example.com:8443 down to the bare hostname before looking up registry data, preventing spurious lookup errors caused by schemes, ports, or trailing dots
• Localized preset network-probe metadata -- Preset probe target names, providers, and locations are translated into Chinese when the UI language is zh-* (e.g. "China Telecom" → "电信", "Shanghai" → "上海"). English users continue to see the canonical names from the catalog
• Service monitor form prefill -- The Service Monitors create/edit dialog now resets from a useEffect whenever it opens, so editing an existing monitor reliably prefills name, type, target, interval, enabled flag, and parsed config instead of retaining stale values from the last open

Fixed

• Unsupported WHOIS TLD error -- .app, .dev, and .page domains (Google Registry) now return a clear, actionable error ("Use an SSL monitor for demo.example.app instead.") from both the backend checker and the frontend form hint, instead of failing with an opaque lookup error
• Service monitor detail JSON parsing -- Monitor detail rendering now goes through a shared parseMonitorDetail helper that rejects non-object payloads and swallows malformed JSON, avoiding runtime errors when detail_json is null, an array, or invalid JSON
• Capabilities settings navigation freeze -- Stabilized the _authed/settings/capabilities route so navigating away no longer wedges the router in a loading state
• Network probe i18n stability -- Column headers for the network-probes settings table are now produced by lazy header functions, fixing stale-translation bugs after switching UI language. New language-switch tests guard the regression
• Network probe target actions -- Target-row actions in the settings table now render with clearer affordances and correct spacing on narrow widths
• Capability headers and risk ordering -- Restored the original capability column order on the settings page so high-risk toggles are grouped and labelled consistently with the backend catalog
• Traffic overview empty state -- The /traffic page now shows a clearer empty-state message when no servers have traffic quotas configured, instead of rendering an empty chart
• Network detail and server detail spacing -- Added bottom padding to /servers/:id and restored vertical spacing on /network/:serverId so the last card no longer sits flush against the viewport edge
• CI typed route tests -- Route components ServiceMonitorDetailPage and related detail routes are now exported so typed tests in CI can import them directly

Testing

• 5 new frontend test files: servers/$id.test.tsx, service-monitors/$id.test.tsx, settings/capabilities.test.tsx, settings/service-monitors.test.tsx, traffic/index.test.tsx — covering ring layouts, WHOIS form validation, capability toggling, and traffic overview rendering
• Extended server-card, network/$server-id, and settings/network-probes test suites with coverage for disk I/O metrics, traffic ring fallbacks, preset-name localization, and language-switch rerenders
• New Rust coverage in crates/server/src/service/checker/whois.rs for target normalization (URL, host:port) and the unsupported-TLD error path

v0.8.5

Merge pull request #93 from ZingerLittleBee/cap

feat: agent local capability locks and high-risk audit

v0.8.4

Merge pull request #90 from ZingerLittleBee/stuttgart

fix(server): use RFC3339 time format in raw SQL queries against sea-orm tables

v0.8.3

Merge pull request #89 from ZingerLittleBee/baton-rouge-v2

feat: seed server card sparklines from overview history

v0.8.2

Added

• Production Proxy Dev Workflow -- New make web-dev-prod and bun run dev:prod workflows let the Vite dev server proxy API requests and live /api/ws/servers updates to the production backend for frontend debugging against real traffic
• Prod Proxy Warning Banner -- The web app now shows a persistent banner in prod-proxy mode so you do not forget the UI is pointed at production, and whether writes are still blocked

Changed

• Prod Proxy Safety Model -- The production dev proxy now uses a dedicated read-only member API key, blocks non-read HTTP methods by default, strips browser auth headers and cookies, and only allows GET /api/auth/me from the auth routes
• Configuration Docs -- .env.example, ENV.md, and the bilingual configuration docs now document the split production keys and the ALLOW_WRITES=1 escape hatch

Fixed

• Production WebSocket Allow-List -- The frontend dev proxy now forwards only /api/ws/servers, preventing terminal and other control-plane WebSocket routes from piggybacking through localhost into production

Testing

• Added frontend Vitest coverage for prod-proxy request filtering, auth-path blocking, WebSocket allow-listing, and the persistent warning banner