release: v4.11.1

[Yeraze]

Summary

Version bump to 4.11.1.

Bumps the version across all five tracked files and rolls the CHANGELOG.md [Unreleased] section into [4.11.1]:

• package.json
• package-lock.json (regenerated)
• desktop/package.json
• desktop/src-tauri/tauri.conf.json
• helm/meshmonitor/Chart.yaml (version + appVersion)

Changes since 4.11.0 (now under [4.11.1])

• Device notifications surfaced as toasts + firmware 2.8 favorite/ignore cap handling ([2.8 tracking] NodeDB warm tier — node count changes, snr_q4 protobuf field, blocked node persistence #3548, feat(notifications): surface device ClientNotifications + firmware 2.8 favorite/ignore cap (#3548) #3578)
• Auto-Acknowledge 2×2 matrix — message type × hop distance (Auto Acknowledge mixing direct messages and 0 hops #3564, feat(auto-ack): message-type × hop-distance 2×2 matrix (#3564) #3580)
• MeshCore node-type icons & filter on the source map ([FEAT] MeshCore node type visualization and filtering on map #3546, feat(meshcore-map): node-type icons, filter & legend on the source map #3576)

Notes

• System tests enabled on this PR via the system-test label.

🤖 Generated with Claude Code

https://claude.ai/code/session_011JEaCGwY9Wz8jeV4e22GW4

[github-actions]

Claude finished @Yeraze's task —— View job

---

PR Review: release/v4.11.1

Tasks:

• Gather context and understand the PR
• Review changed files for version consistency
• Check CHANGELOG.md completeness
• Provide final review feedback

---

Review Summary

This is a clean, well-scoped release PR. No issues found.

Version Consistency ✅

All 5 required files (per CLAUDE.md) correctly reflect 4.11.1:

File	Version
package.json	4.11.1
package-lock.json	4.11.1
desktop/package.json	4.11.1
desktop/src-tauri/tauri.conf.json	4.11.1
helm/meshmonitor/Chart.yaml	version: 4.11.1, appVersion: "4.11.1"

CHANGELOG.md ✅

• [Unreleased] section is left empty (ready for future changes)
• [4.11.1] - 2026-06-20 entry is present with the correct date
• All three bundled features are documented with adequate detail and issue references
• Keeps Keep a Changelog format with proper ### Features header

No issues found:

• No version mismatches
• No missing files
• No changelog formatting problems
• The PR scope is exactly what a patch release should be: version bumps + changelog rollup only

This PR is ready to merge. ✓

[github-actions]

System Test Results

MeshMonitor System Test Results

Test Run: 2026-06-20 15:59:09 EDT

Test Summary

Test Suite	Result
Configuration Import	✅ PASSED
Quick Start Test	✅ PASSED
Security Test	✅ PASSED
V1 API Test	✅ PASSED
Reverse Proxy Test	✅ PASSED
Reverse Proxy + OIDC	✅ PASSED
Virtual Node CLI Test	✅ PASSED
Backup & Restore Test	✅ PASSED
Database Migration Test	✅ PASSED
DB Backing Consistency	✅ PASSED
API Exercise (3 DBs)	✅ PASSED

✅ Overall Result: PASSED

All deployment configurations are working correctly!

Test Details

Configuration Import:

• Tests configuration import and device reboot cycle
• Verifies channel roles, PSKs, and LoRa configuration
• Note: Channel name verification skipped due to architectural limitation

Quick Start Test:

• Zero-config deployment (no SESSION_SECRET or COOKIE_SECURE required)
• HTTP access without HSTS
• Auto-generated admin user with default credentials
• Session cookies work over HTTP
• Meshtastic node connection and message exchange verified

Security Test:

• Verifies Node IP address hidden from anonymous users in API responses
• Verifies MQTT configuration hidden from anonymous users
• Verifies Node IP address visible to authenticated users
• Verifies MQTT configuration visible to authenticated users
• Verifies protected endpoints require authentication

V1 API Test:

• Tests v1 REST API endpoints with Bearer token authentication
• Verifies Bearer token requests bypass CSRF protection
• Verifies POST/PUT/DELETE work without CSRF token when using Bearer auth
• Verifies session-based requests still require CSRF token

Reverse Proxy Test:

• Production deployment with COOKIE_SECURE=true
• HTTPS-ready configuration
• Trust proxy enabled for reverse proxy compatibility
• CORS configured for HTTPS domain
• Meshtastic node connection and message exchange verified

Reverse Proxy + OIDC Test:

• OIDC authentication integration
• Mock OIDC provider health checks
• Authorization flow and session creation
• Hybrid mode (OIDC + local auth)
• Meshtastic node connection verified

Virtual Node CLI Test:

• Virtual Node Server enabled on TCP port 4404
• Meshtastic Python client successfully connects
• Node data download and synchronization verified
• Test message sent on gauntlet channel (index 3)
• Message delivery confirmed via Web UI API
• Virtual Node Server connection logging verified

Backup & Restore Test:

• System backup created from running dev container
• New container spun up with RESTORE_FROM_BACKUP env var
• Data integrity verified (node count, message count, settings)
• Restore event logged in audit log
• Dev container unaffected by restore test

Database Migration Test:

• SQLite to PostgreSQL migration verified
• SQLite to MySQL migration verified
• Data integrity confirmed for both target databases
• Row counts match between source and target

DB Backing Consistency Test:

• SQLite, PostgreSQL, and MySQL backends tested with same device
• Node counts within ±10 across all three backends
• Favorite counts identical across all backends
• Key station verified as favorite on all backends