Versioning & Release Notes

Stay up to date with the latest improvements to V-Portal. This page provides a single, easy-to-scan log of releases, highlighting what’s new and what’s been improved in each version.

You’ll find:

• New portal features and UX enhancements
• Bug fixes and stability improvements
• Performance and security updates
• Any rollout considerations, dependency changes, or configuration updates

Release Summary

0.5.2 - March 2026

The 2nd week of March 2026 delivers V-Portal 0.5.2. This release introduces a notifications system, fixes to touch related functionality on pages and a new quick actions toolbar!

What’s new?

💬 Notifications

• A new component to display messages/notifications has been added
• This has been used to display certain messages and actions on different conditions, mainly:
  • Requesting control from a popup, replacing the browser based alert
  • Error connecting to the backend, providing the ability to reload the page
  • Take Control errors, notifying the user if the request has not been successful
  • Page saving showing the users that the page has been saved

🧰 Quick Actions Toolbar

• A new component replacing the Light/Dark mode theme toggle
• This component adds 4 quick action buttons that allow the users to perform certain actions, including:
  • Go To Settings
  • View System Health
  • View Network Connectivity
  • Contact Support
  • Note: Only the settings button is implemented in this release

What’s Better?

• Touch controls on page editing have been improved to allow widgets to be added, moved and resized on touch screen devices
• Saving a page now shows a notifcation
• The profile panel now shows the user’s full name and profile photo instead of the username (if provided)
• Requests are automatically retried if the user’s token has expired
• The system automatically obtains control of the system when a user logs in if there are currently no other users in control

Bug Fixes & Other Changes

• Light/Dark Mode toggle has moved to the settings page
• Fixed issue where the unsaved changes alert is still displayed even after saving a page
• Request for control modal now appears above all other modals
• Fixed issue where saved role in the page settings visibility level would not appear

0.5.1 - March 2026

The 1st week of March 2026 delivers V-Portal 0.5.1, with minor system changes. This release introduces password strength changes, bugfixes and increased token expiry.

Key Changes

• Passwords no longer have strict restrictions on uppercase/lowercase and special symbols. Passwords are only required to be between 8-15 characters long.
• Fixed an issue where the first login of a user meant that no data fields were loaded.
• Temporarily changed the access token expiry to 8 hours to reduce authentication-related issues.

0.5.0 - February 2026

February 2026 delivers V-Portal 0.5.0, focusing on user management, authentication security, and overall platform stability.

This release introduces user management, safer password reset flows, improved admin protections, stronger session enforcement, UI polish, and a broad set of backend and frontend fixes.

Breaking Changes

There are no breaking API or behavioural changes in this release.

What’s New?

🔐 Authentication & Security

• First-time login password reset flow — A dedicated first-login experience ensures users must reset their password before accessing the system.
• Backend session validity enforcement — User sessions are now invalidated immediately across all backend APIs and WebSocket connections when a user’s role or status changes.

👤 User Management

• Create & edit user modals — Structured modals have been introduced for creating and editing users, with role-based restrictions enforced in the UI.
• User profile — Introduced a user profile section where users can update their profile details and reset their password.
• User management table (restricted access) — A role-restricted User Accounts table is now available, forming the base interface for managing user accounts.
• Force password reset via user update — Admins can require users to reset their password as part of a user update.
• Protected last-admin profile updates — The last active Admin can update personal details (name, email, profile photo) while remaining protected from role or status changes.

📦 File Handling & Modules

• Chunked file upload service — Frontend support for chunked uploads enables reliable handling of large files with progress feedback.
• Streaming API client with auth levels — Module registry pages now support backend streaming APIs with configurable authentication levels.

What’s Better?

🔧 Authentication & Session Handling

• Backend token handling refactor — JWT token handling has been refactored to improve security, consistency, and configurability.
• Password handling refactor — Password validation, hashing, and reuse prevention are now centralised in the backend.
• Logout via backend endpoint — Logging out now explicitly clears the user session on the backend, ensuring immediate access revocation.

🔄 Platform Maintenance

• Backend support for in-app V-Portal updates — Foundational backend support has been added to enable updating V-Portal directly from the interface. This includes version checks, update execution, automatic backups, migration detection, integrity validation, progress logging, and rollback handling.

Bug Fixes

🔐 Authentication & Security

• Ensured JWT tokens use millisecond precision to prevent duplication.
• Fixed authentication race conditions during login.
• Fixed unauthorised access to protected pages via direct URLs.

🧭 Navigation & UI Behaviour

• Fixed child navigation items ignoring auth levels.
• Fixed logout routing issues.
• Fixed inability to refresh module URLs.
• Restored correct icon usage where emojis appeared.
• Fixed inability for users with Integrator & Maintenance roles to create pages.

🎨 UI / UX & Visual Fixes

• Fixed spacing issues in display data-field widgets.
• Fixed editable data-field title and text sizing.
• Fixed popup text colour inconsistencies.

⚙️ Backend Stability & Performance

• Fixed backend crashes caused by rapid frontend refreshes.
• Resolved route-registry mutex blocking concurrent requests.
• Standardised streaming endpoint to /api/stream.
• Ensured dynamic socket routes respect accept-handler validation.
• Fixed module report extraction failures.
• Ensured cleanup of temporary module folders and outdated .vmod files.

Known Issues & Limitations

• Role protection is currently enforced only for Admin users. Protection of the last active user for other roles is planned but not yet available.
• Permissions are role-based only. Per-user or per-action permission overrides are not supported in this release.
• User deletion is restricted. Deactivation is the supported mechanism for removing access where audit or compliance requirements apply.

Technical Details

• Existing sessions may terminate immediately when roles or account status changes.
• Streaming integrations must target the updated /api/stream endpoint.

0.4.2 - January 2026

V-Portal 0.4.2 introduces enhancements to KPI configuration, a new installer to simplify deployments, and improvements to real-time event streaming and health checking. This release also includes multiple stability and usability fixes, particularly around Popups, Data Field handling & Numpad inputs.

New Features

1. Configurable KPI reporting windows — You can now configure KPI widget start and end datetimes via Data Fields, allowing administrators to define reporting windows without code changes.
2. V-Portal installer — A new installer is available to simplify deployment and setup of V-Portal, reducing manual configuration steps for new environments.
3. Event-streaming endpoints — Backend support has been added for hosting httplib endpoints with event streams, including a module interface that allows modules to expose event-streaming endpoints.

Improvements

• Data Field update tracking — Added a Python function to retrieve the last update time for a Data Field, improving traceability and data freshness checks.
• Consistent KPI time-period handling — Refined KPI widget time-period logic so that start and end datetimes configured via Data Fields are applied consistently across widgets.
• WebSocket liveness checks — Added a lightweight WebSocket ping endpoint that clients can use to verify backend liveness and connectivity without invoking business logic.
• REST liveness checks — Added a lightweight REST API ping endpoint that clients can use to verify backend liveness and connectivity without invoking business logic.

Bug Fixes

• Fixed an intermittent issue where popups would sometimes fail to appear when triggered.
• Enabled support for decimal number input on editable datafield widgets.
• Fixed an issue causing popup images to be resized or scaled incorrectly.
• Resolved a problem where datafields did not reliably load on initial render, which could result in missing or incomplete information.
• Prevented the popup WebSocket from sending status messages on open when the user is not authenticated.
• Stopped the WebSocket from continuing to send popup data after the corresponding popup no longer exists.
• Ensured the Python service sends an initial STATUS message when a connection is made while the user is logged out.
• Updated the behavior so that the popup WebSocket connection is correctly closed when the user logs out.
• Refactored and enhanced the popup/module code to improve maintainability, clarity, and future extensibility.
• Removed an unnecessary server error that was being raised and logged, reducing noise in monitoring and logs.
• Fixed the handling of active popups during application startup so that stale or invalid popups are correctly cancelled.

Release Schedule

V-Portal follows semantic versioning:

• Major releases: Breaking changes
• Minor releases: New features
• Patch releases: Bug fixes