Skip to content

v2.0.2 Release Notes

Released: 2026-05-22
Theme: Security Hardening + Docker Deployment


What's New

Password Security (#94)

Dashboard passwords now use bcrypt hashing (cost factor 12) with enforced complexity rules:

  • Minimum 12 characters
  • Must include uppercase, lowercase, number, and special character
  • Applied on account creation and password reset

The legacy admin/admin default is removed. Passwords are set by IT at deployment time.


Docker Containerisation (#95)

The ScreenStop Dashboard is now available as a Docker image for enterprise deployments.

  • Single-stage Docker image based on python:3.11-slim-bookworm
  • Runs as non-root user (screenstop)
  • Versioned tar export for air-gapped / offline deployment
  • docker-compose.yml for one-command startup

See Docker Deployment for the full guide.


TLS 1.2+ (#96)

All dashboard communication is now secured with TLS 1.2+.

  • nginx reverse proxy handles TLS termination
  • HTTP (port 80) redirects automatically to HTTPS (port 443)
  • Port 8080 is internal only — not exposed outside the container
  • Customer provides their own certificate (cert.pem + key.pem)

Software Bill of Materials — SBOM (#97)

Each release now includes a CycloneDX SBOM (screenstop-<version>-sbom.json) listing all dashboard server dependencies, generated automatically at build time.


Daemon Status Pill Fix (#90)

The Daemon: Running pill on the station detail page now correctly shows Stale (red) when the station is offline or in warning state, consistent with the station header badge.


Upgrade Notes

  • If upgrading an existing deployment, reset the admin password via the database before logging in (the old hash format is incompatible with bcrypt).
  • Docker deployments require a TLS certificate. See Docker Deployment.