Aggregate alert webhooks: aggregate alert payloads now include aggregation_entity_type so automations can tell whether an aggregate is scoped to an agent, target, Wi‑Fi profile, or scheduled test.

AI summarization: default model updated to Gemini 2.5 Flash (Google Cloud proxy and API) for faster, consistent summaries across Agents, Alerts, Incidents, Targets, and Wi‑Fi Profiles.

DNS IPv4/IPv6 options: force IPv4 and skip IPv6 for DNS tests and templates (dashboard and API), including ad-hoc DNS and target test configuration—parity with ping where you need to force IPv4 behavior or avoid IPv6.

Raspberry Pi OS upgrade (Bullseye → Bookworm) for wired agents only: supported in-agent upgrade path with network stack migration to systemd-networkd.

Wired tests on dual-homed Wi‑Fi agents: ping, HTTP, and traceroute scheduled and ad-hoc wired tests run inside the eth0_ns namespace so traffic uses the wired path reliably (matches server-side wired scheduled tests on Wi‑Fi agents).

DNS IPv4/IPv6 options: DNS tests support force_ipv4, force_ipv6, and skip_ipv6 (parity with ping); periodic tests pause when IPv6 is skipped but not routable.

Interface management: detection and read/write paths for all four Linux network managers (systemd-networkd, NetworkManager, dhcpcd, ifupdown) so configure-agent and diagnostics work across Bullseye and Bookworm.

Integrations reliability: shorter webhook and ServiceNow push timeouts and additional API job workers to reduce backlog delays (e.g. Wi‑Fi configuration updates waiting behind slow integrations).

Agent registration: agents receive the full kernel release string (composed from kernel_release and kernel_version) for clearer support and compatibility visibility.

Security: nginx upgraded to 1.30.1 with hardened HTTP→HTTPS redirects (mitigates CVE-2026-42945); dependency updates for ruby-saml and dashboard axios.

Password reset: users with a selected security question but no stored answer can complete reset by setting an answer on the reset form; validation errors surface on the form instead of failing silently.

Ad-hoc packet capture: removed the “run on interface” selector in legacy UI—capture is wireless-only, matching agent capability.

WebSocket (WSS): large dashboard→agent commands are reassembled across libwebsockets fragments; oversized fragments are dropped safely so partial JSON is not executed.

WebSocket stability: fixed write-thread join deadlock during connection teardown.

Wi‑Fi roaming and timing: improved roam handling in WPA supplicant timing; avoid spurious connection_lost when the interface drops before a session fully attaches; skip redundant network config rewrites on routine Wi‑Fi hops when IP settings are unchanged (fewer DHCP drops on Bookworm).

Wired namespace: namespace creation is idempotent and repairs routing in place on networkd churn (less subnet churn, fewer false wired-test failures); foreign routing drop-in prevents networkd from stripping namespace policy rules; eth0_ns is repaired automatically after Bookworm networkd migration and during upgrade.

Dual-homed DNS: RoutesToDNS=no on wired DHCP so resolver host routes do not hijack wlan0 DNS; wired DHCP DNS still reported to the server via networkd lease fallback.

DHCP on cloned images: ClientIdentifier=mac on Bookworm so cloned SD cards do not collide on DHCP leases.

Bookworm upgrade robustness: auto-repair of corrupt dpkg metadata before upgrade; improved apt proxy handling during OS upgrade; RPi model detection via device tree instead of MAC OUI checks.

Stability: memory leak fixes; macOS CoreFoundation leak fix; sqlite3 included in agent packages for future/local use.

Target tests: deleting the last alert detector on an NbTest no longer leaves the test stuck in fail alert mode when no detectors remain.

Wi‑Fi interfaces: fixed stale interface state where server-side timestamp touches could keep a Wi‑Fi interface showing disconnected incorrectly.

Bookworm upgrade: wired namespace policy routing is restored after networkd migration so eth0 tests are not false-failing before reboot.

Namespace/DNS: fixed spurious namespace rebuilds caused by stale dhcpcd lease DNS on upgraded agents; gateway detection uses networkd leases when dhcpcd is absent.

TCP/WebSocket fallback: clearer logging when SSL setup or WebSocket upgrade fails.