Changelog

What we shipped and why it matters. Public beta — moving fast.

v0.1.1192026-04-27

Investigation Mode — session bypass for AI clients (F4)

+Investigation Mode (ADR 0004) — open a debugging session, do one 2FA, exec for 30 min / 20 actions / 2h hard cap
+Server-scoped bypass — scoped to a single server_id, no cross-host smuggling
+New MCP tools: mttrly_acquire_investigation_bypass, mttrly_revoke_investigation_bypass, mttrly_get_investigation_bypass
+Real 2FA gate on acquire + atomic action counter (no race-condition over-spend)
+MCP approval fanout & readiness hardening (PRs #459–#464)

v0.1.1102026-04-23

Anomaly management v2 (E24)

+Anomalies dashboard at /dashboard/anomalies — review, ack, mute
+Acknowledge proactive events — mttrly_acknowledge_proactive_event MCP tool
+FP-budget auto-mute — repeated false positives auto-mute the rule
+Notification rate limiter + anomalies log
+Morning brief MCP tool — proactive findings + recent knowledge in one digest

v0.1.952026-04-18

Detector suite (E1B.3)

+D2 systemd_pm2_mismatch detector — service running under one supervisor but not the other
+D4 port_service_mismatch detector — listening port without matching service definition
+kernel_error / dmesg_check_failed incident type — auto-grouping for repeat kernel errors
+Detector fixtures for D2/D4 regression coverage
+Postmortem auto-dedupe via unique index (issue #423)

v0.1.852026-04-12

Knowledge loop & retrospectives

+Generate retrospectives from incident timeline — mttrly_generate_retrospective
+Search postmortems / recipes / notes — mttrly_search_knowledge
+Service reality model — mttrly_get_service_reality + mttrly_refresh_reality
+Server timeline (merged incidents/deploys/audit) — mttrly_get_server_timeline
+Day-3 insight digest

v0.1.752026-04-04

Install hygiene & self-recovery

+mttrly_get_install_health — install state, issues, repair plan
+mttrly_repair_install — repair_issues / ensure_install_state / reprovision_wrappers / uninstall_agent
+mttrly_bootstrap_recover — generate recovery one-liner
+mttrly_update_agent — self-update with download_url + checksum
+docker-compose service-label resolution

v0.1.652026-03-28

OAuth 2.1 for MCP — Claude Code, Cursor, Codex

+OAuth 2.1 implementation per RFC 9728, 8414, 7591
+Dashboard MCP OAuth connect section
+API key scopes: read, act, approve
+Telegram Widget popup support (COOP same-origin-allow-popups)

v0.1.502026-03-15

MCP server — read tools + execute layer

+First MCP integration — list_servers, get_server_status, get_alerts, run_diagnostic, list_playbooks
+Execute layer — run_playbook, execute_command, get_pending_actions, approve_action
+Audit log via MCP — get_audit_log
+File ops with allowlist — read_file, read_privileged_file, search_files, diff_file, write_file

v0.1.302026-02-20

Modal onboarding wizard + i18n

+Multi-step onboarding wizard (PR #364)
+i18n for onboarding flow (ru/en)
+2FA target display + formatters
+Shareable rescue flow — recovery shortcuts
+Onboarding health report with deterministic format

v0.1.152026-01-25

Deployment Bro NL + recipe library

+Natural language → playbook intent recognition
+9 diagnostic recipes — website-down, high-latency, post-deploy-issue, disk-full, server-errors, server-setup, change-audit, pre-deploy-check, post-deploy-verification
+BYOK — bring your own OpenAI/Anthropic key with AES-GCM encryption + key rotation
+AI rate limiter, intent caching, output length limits per plan

v1.0.02025-02-01

Initial Release — the one that started it all

+Core commands: /status, /logs, /restart, /deploy — manage your server without SSH
+Custom playbooks — define your own scripts, trigger them from your messenger
+Multi-server management — switch between servers in one chat
+Telegram bot — the first messenger, fully integrated
+WebSocket agent — outbound-only connections, no ports to open
+Action confirmation — dangerous commands ask before they execute