CHANGELOG

What's new in SyncTide.

Release notes, required migrations and deployment steps for every version.

v1.8.2 2026-04-20 Latest

Ship-readiness: auto-upgrade, hi-res logo, tests

Schema version 19 · No migrations required since v1.8.0

Installer auto-upgrade

Stable AppId so Inno Setup detects existing installs — run SyncTideSetup-1.8.2.exe on a v1.8.0 machine and it upgrades in place.
PostgreSQL, pgAdmin, LibreOffice, admin account and licence wizard pages are skipped on upgrade — customer credentials never stomped.
Services are stopped before file copy; integrity manifest + DB preserved.
VM-verified end-to-end (fresh install + upgrade both green).

Hi-res logo + wizard graphics

New transparent hi-res logo across the app, installer ICO, and public website.
New helper tools/build_wizard_bmps.py regenerates Inno Setup wizard BMPs (164×314 + 55×58) from the PNG with one command.

Virtual tags — test coverage

40 unit tests — parser, validator (asteval sandbox-escape attempts), cycle detector, evaluate_series across all trigger modes, transitive dependency collector.
4 integration tests against live backend (/measurements/query + /measurements/trend virtual-tag expansion). Skip cleanly when SYNCTIDE_TEST_API_URL env vars are unset.
pd.concat(sort=False) fix silences pandas 4.x deprecation warning.

Messaging module rename

License module sms → messaging — one name covering SMS, WhatsApp, Telegram, email.
Legacy sms string still accepted (_MODULE_ALIASES) — existing .lic files work unchanged.
Messaging Center no longer shows a spurious lock icon on licences that include the module.

Licence management UI

Sidebar every page: version caption now says Perpetual licence, Licensed until YYYY-MM-DD, Subscription expired or No licence.
Banner: silent when healthy, amber ≤14 days, blue ≤30 days, red when ingestion is blocked by an expired subscription.
Configurations → License Management: now shows License type; subscription licences additionally show subscription expiry + days remaining.

H-5 ACL lockdown — verified

New tools/verify_h5_acl.ps1 — run as admin on a VM after install. Checks icacls state, non-admin read-denial, backend health. Exits 0 on pass.
Previously code-complete; now runtime-verified on a clean VM.

Build tooling

build_release.py caches vendor installers (Postgres, pgAdmin, LibreOffice, Python) in installer/_cache/ — ~760 MB saved per build.
Website hero typography fix — gradient-clipped headline stopped rendering once GSAP split words into nested spans; CSS inheritance chain restored.

Pending

Virtual tags manual UI smoke checklist.
Rollback-snapshot path for installer upgrade (currently relies on Inno's own restore).

Raw changelog (.md)

v1.6.0 2026-04-17

Multi-channel messaging + Ack escalation

Schema version 11 · Migrations 010 + 011 required

Multi-channel messaging

Twilio WhatsApp — send alarm notifications via WhatsApp through the Twilio API.
Telegram Bot — send messages to individual chats or groups.
Email (SMTP) — any SMTP server (Gmail, Outlook, on-prem).
Channel type is now optional on alarm rules — if not set, the system uses the default gateway.

Ack-driven escalation

Require acknowledgment checkbox on each alarm rule.
When enabled, messages carry a unique ack token (ACK-abc123). If no reply in ack_timeout_seconds (default 300s), auto-escalates.
Ack via reply on any channel or API: POST /messaging/acknowledge/{token}.
On acknowledgment, all pending messages for the same alarm are cancelled.

Maps

CARTO tiles (light + dark) by default — no API key needed.
Optional Mapbox satellite via SYNCTIDE_MAPBOX_API_KEY.

Migrations

010: widened CHECK constraints, added recipient_address, ack_token, ack_timeout_seconds; channel_type + recipient_phone made nullable.
011: require_ack BOOLEAN DEFAULT FALSE on messaging_alarm_rules.

Files changed

File	Change	Recompile
`migrations/010_multi_channel_ack.sql`	New migration	No
`messaging_engine.py`	3 new channel classes	Yes
`main.py`	Ack escalation, multi-channel routing	Yes
`app_core.py`	Map style fix	Yes
`pages/3_SMS_Center.py`	Multi-channel UI	No

Raw changelog (.md)

v1.5.0 2026-04-15

Ship-fix round 1 · Reliability + hardening

Security

Default-password detection with forced change on first login.
Webhook authentication via per-gateway webhook_secret.
Rate limiting on /auth/login, /users/me/password, /messaging/webhook/incoming.
Per-user device scoping on all data endpoints and report downloads.
Split Ed25519 signing keys for licenses and update packages.
Interactive API docs disabled in production.
Installer ACL lockdown on .env, license.lic, integrity_manifest.json.

Reliability

DB connection pool: pool_pre_ping, recycle, proper shutdown.
Messaging retry: exponential backoff (30s → 2h, 5 attempts), per-message commit isolation.
Log rotation for supervisor, ingestion, backend and messaging logs.
PDF engine: Windows Path.replace() fix, temp-dir cleanup fix.

v1.4.0 2026-04

Phase 6 · Alarms, categories, user admin

Hierarchical alarm categories with per-user visibility scoping.
Home-page category tree with alarm roll-ups and per-device drill-down.
User administration page — create / edit / delete with scoped access lists.
Report history with per-user scoping and scheduled generation.

v1.0 – v1.3 2025 / early 2026

Foundation · Phases 1–5

CSV ingestion worker with watchdog and idempotent re-ingest.
FastAPI backend + Streamlit UI, packaged as Windows services.
Cython .pyd compilation with integrity manifest.
License manager with Ed25519-signed license.lic files.
PostgreSQL schema + migrations framework.
Report template engine (LibreOffice-backed).