release: v4.10.3

[Yeraze]

v4.10.3 — Traffic Management detection & bug fixes

Maintenance release. Version bumped to 4.10.3 across all five version files (package.json, package-lock.json, helm/meshmonitor/Chart.yaml, desktop/package.json, desktop/src-tauri/tauri.conf.json).

Highlights

• Traffic Management / Status Message correctly detected (fix(config): gate Traffic Management/StatusMessage support on firmware version #3457) — no longer shown as "Unsupported" on firmware that supports them (e.g. v2.7.24); support is now gated on firmware version (Status Message ≥ 2.7.19, Traffic Management ≥ 2.7.22).
• MQTT nodes keep their names (fix(mqtt): stop lastHeard-refresh upserts from clobbering NodeInfo #3456) — the per-packet "last heard" refresh no longer clobbers saved NodeInfo with blanks.
• Local-node module config refreshes are stored (fix(config): store local-node module config responses (handler was remote-only) #3460) — handler was previously remote-only.
• No more phantom channel swaps (fix(channel-detection): prevent phantom swaps when channels share PSK+name (#3452) #3453) — ambiguous (psk, name) channel pairs are skipped, preventing message-attribution scrambling.
• MeshCore {SNR} macro resolves, and device names keep parentheses/emoji (MeshCore companion node name strips parentheses and emoji on save #3450).
• Docs: LoRa TX power help text clarified re: 0 = default max and signed/negative values (docs(lora): clarify TX power accepts signed/negative values #3459).

Changes

• CHANGELOG.md: promoted [Unreleased] → [4.10.3] - 2026-06-14 and added the five PRs merged after the section was last written.
• docs/blog/2026-06-14-v4.10.3-traffic-management.md: new release blog post (Traffic Management + the bug-fix round).

Validation

• tsc --noEmit: clean
• Full Vitest suite: 6440 pass, 0 fail, 0 suite failures
• System tests enabled via the system-test label on this PR.

🤖 Generated with Claude Code

[github-actions]

Claude finished @Yeraze's task —— View job

---

✅ PR Review Complete

I've conducted a thorough review of this v4.10.3 release PR. Here's my comprehensive feedback:

🟢 Excellent - No Issues Found

Review Checklist:

• Analyze changed files and version consistency
• Review code quality and best practices
• Check for potential bugs or issues
• Evaluate security considerations
• Assess test coverage implications
• Review changelog and documentation updates
• Provide comprehensive feedback

Code Quality & Best Practices ✅

Version Management:

• ✅ Perfect version consistency across all 5 required files (package.json, package-lock.json, desktop/package.json, desktop/src-tauri/tauri.conf.json, helm/meshmonitor/Chart.yaml)
• ✅ Follows repository's versioning policy exactly as specified in CLAUDE.md
• ✅ Helm chart updates both version and appVersion correctly

Documentation:

• ✅ Outstanding changelog quality - comprehensive, well-structured, follows Keep a Changelog format
• ✅ Professional blog post - clear, informative, properly formatted with upgrade instructions
• ✅ All changes properly categorized (Features, Bug Fixes) with appropriate detail level
• ✅ Technical accuracy verified against recent commit history

Security Considerations ✅

Content Review:

• ✅ No hardcoded credentials, secrets, or sensitive data
• ✅ No console.log statements or debug code left behind
• ✅ No TODO/FIXME/HACK markers in documentation
• ✅ Blog post follows safe markdown practices
• ✅ Version bumps are clean administrative changes only

Release Integrity:

• ✅ Changes are purely version updates and documentation - no code modifications
• ✅ Release matches the described bug fixes from recent PRs (MeshCore companion node name strips parentheses and emoji on save #3450, fix(channel-detection): prevent phantom swaps when channels share PSK+name (#3452) #3453, fix(mqtt): stop lastHeard-refresh upserts from clobbering NodeInfo #3456, fix(config): gate Traffic Management/StatusMessage support on firmware version #3457, docs(lora): clarify TX power accepts signed/negative values #3459, fix(config): store local-node module config responses (handler was remote-only) #3460)

Performance Considerations ✅

Minimal Impact:

• ✅ Only version metadata and documentation changes - zero performance impact
• ✅ No dependency updates that could affect runtime performance
• ✅ Package-lock.json correctly regenerated maintaining dependency integrity

Test Coverage ✅

Release Validation:

• ✅ PR description confirms full Vitest suite passed (6440 pass, 0 fail)
• ✅ TypeScript compilation clean (tsc --noEmit)
• ✅ System tests enabled via system-test label
• ✅ No test changes needed for this maintenance release

Potential Issues ✅

CLAUDE.md Version Update:

• ℹ️ Minor note: CLAUDE.md still shows "Version: 4.10.0" at line 3, but this is not a blocker as it's documentation metadata, not a functional version reference

Overall Assessment:
This is a textbook perfect maintenance release. All version files are correctly updated, documentation is comprehensive and professional, and the release properly packages the recent bug fixes. No issues found that would prevent merging.

✅ Recommendation: APPROVE

This release is ready to merge. Excellent work following all repository standards and best practices.

---

[github-actions]

System Test Results

MeshMonitor System Test Results

Test Run: 2026-06-14 15:32:38 EDT

Test Summary

Test Suite	Result
Configuration Import	✅ PASSED
Quick Start Test	✅ PASSED
Security Test	✅ PASSED
V1 API Test	✅ PASSED
Reverse Proxy Test	✅ PASSED
Reverse Proxy + OIDC	✅ PASSED
Virtual Node CLI Test	✅ PASSED
Backup & Restore Test	✅ PASSED
Database Migration Test	✅ PASSED
DB Backing Consistency	✅ PASSED
API Exercise (3 DBs)	✅ PASSED

✅ Overall Result: PASSED

All deployment configurations are working correctly!

Test Details

Configuration Import:

• Tests configuration import and device reboot cycle
• Verifies channel roles, PSKs, and LoRa configuration
• Note: Channel name verification skipped due to architectural limitation

Quick Start Test:

• Zero-config deployment (no SESSION_SECRET or COOKIE_SECURE required)
• HTTP access without HSTS
• Auto-generated admin user with default credentials
• Session cookies work over HTTP
• Meshtastic node connection and message exchange verified

Security Test:

• Verifies Node IP address hidden from anonymous users in API responses
• Verifies MQTT configuration hidden from anonymous users
• Verifies Node IP address visible to authenticated users
• Verifies MQTT configuration visible to authenticated users
• Verifies protected endpoints require authentication

V1 API Test:

• Tests v1 REST API endpoints with Bearer token authentication
• Verifies Bearer token requests bypass CSRF protection
• Verifies POST/PUT/DELETE work without CSRF token when using Bearer auth
• Verifies session-based requests still require CSRF token

Reverse Proxy Test:

• Production deployment with COOKIE_SECURE=true
• HTTPS-ready configuration
• Trust proxy enabled for reverse proxy compatibility
• CORS configured for HTTPS domain
• Meshtastic node connection and message exchange verified

Reverse Proxy + OIDC Test:

• OIDC authentication integration
• Mock OIDC provider health checks
• Authorization flow and session creation
• Hybrid mode (OIDC + local auth)
• Meshtastic node connection verified

Virtual Node CLI Test:

• Virtual Node Server enabled on TCP port 4404
• Meshtastic Python client successfully connects
• Node data download and synchronization verified
• Test message sent on gauntlet channel (index 3)
• Message delivery confirmed via Web UI API
• Virtual Node Server connection logging verified

Backup & Restore Test:

• System backup created from running dev container
• New container spun up with RESTORE_FROM_BACKUP env var
• Data integrity verified (node count, message count, settings)
• Restore event logged in audit log
• Dev container unaffected by restore test

Database Migration Test:

• SQLite to PostgreSQL migration verified
• SQLite to MySQL migration verified
• Data integrity confirmed for both target databases
• Row counts match between source and target

DB Backing Consistency Test:

• SQLite, PostgreSQL, and MySQL backends tested with same device
• Node counts within ±10 across all three backends
• Favorite counts identical across all backends
• Key station verified as favorite on all backends