v2.0.2 Release Notes
Released: 2026-05-22
Theme: Security Hardening + Docker Deployment
What's New
Password Security (#94)
Dashboard passwords now use bcrypt hashing (cost factor 12) with enforced complexity rules:
- Minimum 12 characters
- Must include uppercase, lowercase, number, and special character
- Applied on account creation and password reset
The legacy admin/admin default is removed. Passwords are set by IT at deployment time.
Docker Containerisation (#95)
The ScreenStop Dashboard is now available as a Docker image for enterprise deployments.
- Single-stage Docker image based on
python:3.11-slim-bookworm - Runs as non-root user (
screenstop) - Versioned tar export for air-gapped / offline deployment
docker-compose.ymlfor one-command startup
See Docker Deployment for the full guide.
TLS 1.2+ (#96)
All dashboard communication is now secured with TLS 1.2+.
- nginx reverse proxy handles TLS termination
- HTTP (port 80) redirects automatically to HTTPS (port 443)
- Port 8080 is internal only — not exposed outside the container
- Customer provides their own certificate (
cert.pem+key.pem)
Software Bill of Materials — SBOM (#97)
Each release now includes a CycloneDX SBOM (screenstop-<version>-sbom.json) listing all dashboard server dependencies, generated automatically at build time.
Daemon Status Pill Fix (#90)
The Daemon: Running pill on the station detail page now correctly shows Stale (red) when the station is offline or in warning state, consistent with the station header badge.
Upgrade Notes
- If upgrading an existing deployment, reset the
adminpassword via the database before logging in (the old hash format is incompatible with bcrypt). - Docker deployments require a TLS certificate. See Docker Deployment.