This release includes breaking changes for platform teams planning a safe upgrade.
✓ No known CVEs patched in this version
Topics
Summary
AI summaryBroad release touches Testing & CI, Issues Resolved, Bug Fixes, and π MeshMonitor v4.6.1.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Low |
Render telemetry graphs in DM contact-detail pane (meshcore) Render telemetry graphs in DM contact-detail pane (meshcore) Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Feature | Low |
Detect broker ACL restrictions and surface to user (mqtt) Detect broker ACL restrictions and surface to user (mqtt) Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Feature | Low |
Add Prune Outside ROI action for mqtt_bridge sources Add Prune Outside ROI action for mqtt_bridge sources Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Dependency | Low |
Bump production-dependencies group with 13 updates Bump production-dependencies group with 13 updates Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Dependency | Low |
Bump development-dependencies group with 3 updates Bump development-dependencies group with 3 updates Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Dependency | Low |
Upgrade tsx from 4.21.0 to 4.22.1 Upgrade tsx from 4.21.0 to 4.22.1 Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Dependency | Low |
Bump development-dependencies across 1 directory with 2 updates Bump development-dependencies across 1 directory with 2 updates Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Dependency | Low |
Bump development-dependencies across one directory with 2 updates Bump development-dependencies across one directory with 2 updates Source: granite4.1:30b@2026-05-19-audit Confidence: high |
β |
| Performance | Low |
Stabilize hardware test suite and make it manually-triggered Stabilize hardware test suite and make it manually-triggered Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Bugfix | Low |
Preserve saved password on edit when field is blank (mqtt-source) Preserve saved password on edit when field is blank (mqtt-source) Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Bugfix | Low |
Make MeshCorePage fill the dashboard shell height Make MeshCorePage fill the dashboard shell height Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Bugfix | Low |
Split NUL-separated DeviceInfo remainder for Info panel (meshcore) Split NUL-separated DeviceInfo remainder for Info panel (meshcore) Source: granite4.1:8b-q6_K@2026-05-19 Confidence: high |
β |
| Bugfix | Low |
Preserve saved password when field is blank in MQTT source editor Preserve saved password when field is blank in MQTT source editor Source: granite4.1:30b@2026-05-19-audit Confidence: high |
β |
| Bugfix | Low |
Correctly split NULβseparated DeviceInfo remainder for Info panel (meshcore) Correctly split NULβseparated DeviceInfo remainder for Info panel (meshcore) Source: granite4.1:30b@2026-05-19-audit Confidence: high |
β |
Full changelog
MeshMonitor v4.6.1
Patch release focused on Meshcore protocol stability, MQTT source resilience, and test infrastructure. The Meshcore integration gained telemetry graphs in the DM contact-detail pane, correct DeviceInfo decoding for nodes that pack a NUL-separated remainder, and a layout fix so MeshCorePage fills the dashboard shell. On the MQTT side, the source editor now preserves saved passwords when the field is left blank, broker ACL restrictions are detected and surfaced to the user, and mqtt_bridge sources gained a Prune Outside ROI maintenance action. The hardware system-test suite was stabilized and moved to a manually-triggered (system-test label or workflow_dispatch) workflow after the Test 14 HTTP 500 flake was root-caused to TCP-1-client firmware session takeover, not a code regression. Dependency groups were bumped in lockstep.
Features
- #3077 feat(meshcore): render telemetry graphs in DM contact-detail pane
- #3078 feat(mqtt): detect broker ACL restrictions and surface to user
- #3079 feat(sources): add Prune Outside ROI action for mqtt_bridge sources
Bug Fixes
- #3076 fix(mqtt-source): preserve saved password on edit when field is blank
- #3080 fix(meshcore): make MeshCorePage fill the dashboard shell height
- #3081 fix(meshcore): split NUL-separated DeviceInfo remainder for Info panel
Testing & CI
- #3082 test(system): stabilize hardware test suite and make it manually-triggered
Dependencies
- #3068 chore(deps): bump the production-dependencies group with 13 updates
- #3067 chore(deps-dev): bump the development-dependencies group with 3 updates
- #3073 chore(deps-dev): bump tsx from 4.21.0 to 4.22.1
- #3075 chore(deps-dev): bump the development-dependencies group across 1 directory with 2 updates
Release
- #3083 chore(release): bump version to 4.6.1
Issues Resolved
- #3046 [SUPPORT] meshmonitor.org: creating an Embed Profile not consistent with the latest version
- #3003 Feature: Built-in MQTT broker/proxy with topic and geographic filtering
- #2804 [BUG] 4.0.0-beta1 β node seen on traceroute but not in list
- #2582 [FEAT] Support for multiple MQTT Upstream Brokers
Upgrade Notes
No breaking changes. Standard patch upgrade β pull the new image / chart and restart.
Full Changelog: https://github.com/Yeraze/meshmonitor/compare/v4.6.0...v4.6.1
π MeshMonitor v4.6.1
π¦ Installation
Docker (recommended):
docker run -d \
--name meshmonitor \
-p 8080:3001 \
-v meshmonitor-data:/data \
ghcr.io/Yeraze/meshmonitor:4.6.1
π§ͺ Testing
β
All tests passed
β
TypeScript checks passed
β
Docker images built for linux/amd64, linux/arm64, linux/arm/v7
π Changes
See commit history for detailed changes.
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About Yeraze/meshmonitor
All releases βRelated context
Related tools
Earlier breaking changes
- v4.7.2 Route `destination` field now rejects nonβ8βhex nodeId or 64βhex publicKey, returning HTTPβ―400.
Beta — feedback welcome: [email protected]