emoncms

Monitoring & Metrics

An open‑source web application for processing, logging, and visualising energy, temperature, and other environmental data.

PHP Latest 11.13.0 · 22d ago Security brief →

Features

View all 12 releases →

Config change

11.13.0 Security relevant 22d

Auth RBAC

Service runner hardening

Open

No immediate action

11.12.4 Bug fix 22d

GitHub Actions fix

Open

No immediate action

11.12.3 Bugfix 22d

MySQL view path fix

Open

11.12.1 Breaking risk 23d

⚠ Upgrade required

Option to disable rate limiting for local testing introduced.
Deprecation warning: POST body HTTP method override option removed; use standard methods.

Breaking changes

Security fixes

Fixed X-Forwarded-* header injection by trusting only local/LAN proxies (CVE not specified).

Notable features

Full changelog

Merge pull request #1987 from emoncms/fix/trusted-proxy-host-header-injection
fix log escapeshell issue
remove escapeshell from logfile
fix redis error
update version (modular admin)
minor fixes
include local changes tag
fix core info
fix access to directories
use components directly for core as well
clean up camel case
consistent model names
re-organise
log model, clean up
fix routes
clean up
seperate services class
extended sysinfo to match original
second system info class test
latest sys info
refactor system info method
refinements
fix translations
refactored admin info view
json systeminfo end point
remove serial monitor, serial cofig ui is sufficient
move view calls to relevant sections
modularise serial
modularise update and components
component model
remove post body http method over-ride option and add comment cors preflight for reference
avoid filepath variable override in view()
harden db_check with prepared statement
fix: only trust X-Forwarded-* headers from local/LAN proxies
remember me module tests
update version
readme for tests
remove old tests, replace with php user model tests as a POC
option to disable rate limiting for local testing
require_once on remember me