Backend changes:
- Updated go.mod module path from github.com/container-census to
github.com/selfhosters-cc to match correct GitHub organization
- Updated all import paths across codebase to use new module name
- This fixes ldflags injection of BuildTime during compilation
- BuildTime now correctly shows in /api/health response
Frontend changes:
- Added build time badge next to version in header
- Shows date and time in compact format (e.g., "🔨 12/11/2025 8:06 PM")
- Hover shows full timestamp
- Only displays if build_time is not "unknown"
The build script already sets BuildTime via ldflags, but it was being
ignored because the module path in go.mod didn't match the ldflags path.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Always show "Manage Plugins" link in sidebar even when all plugins disabled
- Restore NPM plugin static page to avoid bundle.js 404 errors
- Remove npm from dynamic route generateStaticParams (uses static route)
- NPM plugin now properly uses its dedicated React component
- Graph and security plugins continue to use dynamic [pluginId] route
This fixes the issue where disabling all plugins made it impossible to
re-enable them, and resolves bundle.js loading errors for NPM plugin.
Fixed:
- Image update detection now uses registry digest (RepoDigests) instead of
local image ID, eliminating false positive updates for containers already
running the latest image
- Multi-arch image timestamps now correctly fetched by resolving platform-
specific manifest (linux/amd64) from manifest lists
- Logout button hidden when authentication is disabled
- JS files served with no-cache headers to ensure updates are seen without
hard refresh
Added:
- Agent version display on Hosts page with version fetched on each scan
- Onboarding tour now re-shows on major/minor version upgrades to display
"What's new" information to returning users
Changed:
- Update progress UI shows "Pulling image..." immediately when update starts
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
This commit replaces the browser's native Basic Auth prompt with a
custom login page to improve user experience and avoid browser
credential caching issues.
Authentication Changes:
- Add gorilla/sessions for cookie-based session management
- Create login page with instructions for finding credentials
- Add logout button (🚪 icon) to navbar
- Root path (/) now redirects to /login.html when unauthenticated
- Maintain backward compatibility with Basic Auth for API clients
- Add SESSION_SECRET environment variable for session encryption
Implementation:
- internal/auth/session.go: Session middleware and management
- internal/api/auth_handlers.go: Login/logout HTTP endpoints
- internal/api/handlers.go: Updated routing with selective auth
- cmd/server/main.go: Session store initialization
- web/login.html: Login page with credential finding instructions
- web/login.js: Login form handling
- web/app.js: 401 redirect handling and logout function
- web/index.html: Logout button in navbar
Documentation:
- README.md: Added SESSION_SECRET to docker-compose example
- README.md: Added "Authentication Issues" troubleshooting section
- scripts/run-local.sh: Added auth prompt with qwerty credentials
Onboarding Tour:
- Restored "Join the Selfhosting Community" telemetry opt-in step
- Added updateTelemetrySettings() method
- Tour now has 5 steps including community contribution option
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
