* MQTT support
* feat(mqtt): redesign MQTT settings UI with improved UX
Restructure the MQTT settings page for clarity and usability:
UI Structure:
- Organize settings into logical sections (Auth, Home Assistant, Advanced)
- Use progressive disclosure for port (Auto/Custom) and base topic (Default/Custom)
- Move connection status badge into page header
- Conditionally show HDD debounce only when ATX extension is active
- Add inline validation for required broker field
Connection & Error Handling:
- Add test-then-save flow: Save & Reconnect validates connectivity before persisting
- Add standalone Test Connection button for dry-run validation
- Add testMqttConnection RPC with 5s timeout (no retry, no side effects)
- Surface friendly i18n-ready error messages for common failures (auth, timeout, TLS, DNS)
- Track last connection error on MQTTManager for status reporting
Copy:
- Rewrite all descriptions for clarity and brevity
- Use benefit-oriented, active-voice microcopy throughout
---------
Co-authored-by: Adam Shiervani <adam.shiervani@gmail.com>
* Implement GPG signature verification for OTA updates
- Added GPG signature verification to the OTA update process, ensuring that updates requiring signatures cannot be applied without them.
- Introduced a new GPGVerifier struct to handle fetching and verifying signatures.
- Updated the updateApp and updateSystem methods to check for signature URLs and download signatures as needed.
- Enhanced error handling for missing signatures and verification failures.
- Removed the old release.sh script as its functionality has been integrated into the Makefile for better release management.
* Add tests for GPG signature verification in OTA updates
* Refactor error message for missing GPG signature URL in OTA updates
* Refactor OTA update process to improve signature handling
- Introduced a new method for downloading component signatures, ensuring that updates requiring signatures cannot proceed without them.
- Updated the Makefile to allow E2E tests to optionally include OTA tests based on the SKIP_OTA_E2E variable.
- Enhanced the test_local_update.sh script to support signature file verification and inclusion during tests.
- Improved error handling for missing signature URLs and added context cancellation checks in GPG key fetching.
* Refactor GPG key caching to validate keyring before storing
* Update Makefile to enhance E2E test process with optional OTA signature verification
* Comment out non-working keyservers and update root key fingerprint
* Add Ubunutu keyserver
* Update root key fingerprint for GPG signature verification in OTA updates
* Add signed OTA E2E test and full E2E test suite to Makefile
- Introduced `test_e2e_signed` target for testing signed OTA updates with GPG signature verification.
- Added `test_e2e_full` target to run both regular and signed OTA tests, requiring a signing key fingerprint.
- Enhanced error handling for missing parameters in both test targets.
* Update IP address extraction in test_local_update.sh to exclude all localhost addresses
* Add GPG public key fetching tests with caching and error handling
* Enhance build and testing scripts for signed OTA updates
* Add fingerprint extraction and validation for GPG keys
* Simplify bypass mechanism of OTA signature checks
* Refactor E2E testing and release workflows
* Enhance OTA testing framework and scripts
* Improve local network IP detection in OTA helpers by implementing route-based detection as a primary method, falling back to interface scanning if necessary.
* Add support for unsigned OTA version testing
- Introduced a new script to test unsigned OTA updates with specific version checks.
- Updated Makefile to include the new test script for unsigned OTA.
- Enhanced existing E2E tests to validate version differences and ensure proper OTA behavior.
- Improved error handling for required environment variables in the testing framework.
* Update Makefile to include core E2E tests and enhance dev release validation
- Added `test_core_e2e.sh` script execution to both production and development release workflows.
- Improved user confirmation prompt before proceeding with the dev release.
- Added completion messages to indicate successful test execution and readiness for release.
* Enhance Makefile and testing scripts for improved OTA validation
- Added a new script execution for testing unsigned OTA updates in the Makefile.
- Updated E2E test configurations to exclude specific OTA tests and improve retry logic for video stream dimension retrieval.
- Refactored mouse round-trip tests to remove unnecessary settle time parameters.
* Final release confirmation of prod releases
* Cleanup OTA code: eliminate redundant parsing, TOCTOU, and duplication
- Remove double parseAndValidateKeyring call by threading validated
keyring through fetchFromSingleKeyserver → fetchFromKeyservers →
updateMemoryCache
- Extract getKeyring() helper to deduplicate VerifySignature and
VerifySignatureFromFile preamble
- Replace os.Stat+os.Remove TOCTOU pattern with direct os.Remove
ignoring os.ErrNotExist in downloadFile
- Remove unnecessary fs.existsSync in mock server handler; check
signaturePath variable directly
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* E2E: fix flaky tests, add unsigned OTA to dev test lane
- Fix mouse roundtrip flakiness by increasing MOUSE_SETTLE_MS (50→150ms)
- Export sshExec from helpers for ota-helpers.ts
- Reduce overly conservative delays (polling, animations, reconnects)
- Add waitForVideoDimensions helper with proper polling
- Improve ensureLocalAuthMode to try known passwords before SSH reset
- Add unsigned specific-version OTA test to `make test_e2e` target
- Build baseline + dev binary with pinned VERSION_DEV to avoid timestamp drift
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* Remove stale dev_release checklist item from PR templates
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: release keyPress automatically
* send keepalive when pressing the key
* remove logging
* clean up logging
* chore: use unreliable channel to send keepalive events
* chore: use ordered unreliable channel for pointer events
* chore: adjust auto release key interval
* chore: update logging for kbdAutoReleaseLock
* chore: update comment for KEEPALIVE_INTERVAL
* fix: should cancelAutorelease when pressed is true
* fix: handshake won't happen if webrtc reconnects
* chore: add trace log for writeWithTimeout
* chore: add timeout for KeypressReport
* chore: use the proper key to send release command
* refactor: simplify HID RPC keyboard input handling and improve key state management
- Updated `handleHidRPCKeyboardInput` to return errors directly instead of keys down state.
- Refactored `rpcKeyboardReport` and `rpcKeypressReport` to return errors instead of states.
- Introduced a queue for managing key down state updates in the `Session` struct to prevent input handling stalls.
- Adjusted the `UpdateKeysDown` method to handle state changes more efficiently.
- Removed unnecessary logging and commented-out code for clarity.
* refactor: enhance keyboard auto-release functionality and key state management
* fix: correct Windows default auto-repeat delay comment from 1ms to 1s
* refactor: send keypress as early as possible
* refactor: replace console.warn with console.info for HID RPC channel events
* refactor: remove unused NewKeypressKeepAliveMessage function from HID RPC
* fix: handle error in key release process and log warnings
* fix: log warning on keypress report failure
* fix: update auto-release keyboard interval to 225
* refactor: enhance keep-alive handling and jitter compensation in HID RPC
- Implemented staleness guard to ignore outdated keep-alive packets.
- Added jitter compensation logic to adjust timer extensions based on packet arrival times.
- Introduced new methods for managing keep-alive state and reset functionality in the Session struct.
- Updated auto-release delay mechanism to use dynamic durations based on keep-alive timing.
- Adjusted keep-alive interval in the UI to improve responsiveness.
* gofmt
* clean up code
* chore: use dynamic duration for scheduleAutoRelease
* Use harcoded timer reset value for now
* fix: prevent nil pointer dereference when stopping timers in Close method
* refactor: remove nil check for kbdAutoReleaseTimers in DelayAutoReleaseWithDuration
* refactor: optimize dependencies in useHidRpc hooks
* refactor: streamline keep-alive timer management in useKeyboard hook
* refactor: clarify comments in useKeyboard hook for resetKeyboardState function
* refactor: reduce keysDownStateQueueSize
* refactor: close and reset keysDownStateQueue in newSession function
* chore: resolve conflicts
* resolve conflicts
---------
Co-authored-by: Adam Shiervani <adam.shiervani@gmail.com>
In prep to add golangci-lint, fix various linting issues.
* Make the `kvm` package a fully-qualified public package.
Signed-off-by: SuperQ <superq@gmail.com>
* feat(ntp): use ntp server from dhcp info
* feat(ntp): use ntp server from dhcp info
* feat(ntp): add delay between time sync attempts
* chore(ntp): more logging
Patrick Hofmann
Adam Shiervani
Aveline
dependabot[bot]
jackislanding
Marc Brooks
Siyuan Miao
SuperQ
Cameron Fleming