Skip to content

Releases: zR-JB/graphite-meter

v0.2.0

Choose a tag to compare

@github-actions github-actions released this 14 Jul 18:51
Immutable release. Only release title and notes can be modified.
38546f5

What's Changed

  • Contain mobile drawer gestures by @zR-JB in #52
  • feat: add selectable HTTP/1.1, HTTP/2, and HTTP/3 targets by @zR-JB in #53

Full Changelog: v0.1.5...v0.2.0

v0.1.5

Choose a tag to compare

@github-actions github-actions released this 13 Jul 12:16
Immutable release. Only release title and notes can be modified.
efea43a

What's Changed

  • Improve mobile drawer and settings UX by @zR-JB in #51

Full Changelog: v0.1.4...v0.1.5

v0.1.4

Choose a tag to compare

@github-actions github-actions released this 13 Jul 09:38
Immutable release. Only release title and notes can be modified.
8b9d2bb

What's Changed

  • build(deps-dev): bump the client-deps group in /client with 5 updates by @dependabot[bot] in #43
  • Unify effective throughput measurement across server and clients by @zR-JB in #45
  • Fix wire-rate compensation model and automatic transport detection by @zR-JB in #46
  • Detect trusted proxy client IP family for wire-rate compensation by @zR-JB in #48
  • Fix throughput chart leakage across stage warmups by @zR-JB in #50

Full Changelog: v0.1.3...v0.1.4

v0.1.3

Choose a tag to compare

@github-actions github-actions released this 09 Jul 15:04
Immutable release. Only release title and notes can be modified.
1645d76

What's Changed

  • fix tui bidirectional result drain by @zR-JB in #37
  • Fix mobile touch ergonomics in the Svelte client by @zR-JB in #38
  • Fix stage track and gauge state across throughput transitions by @zR-JB in #39
  • Cleanup/svelte client lean pass by @zR-JB in #40
  • Resolve CodeQL HTML comment stripping warning by @zR-JB in #41
  • Align Svelte client pipeline with Bun and CI gates by @zR-JB in #42

Full Changelog: v0.1.2...v0.1.3

v0.1.2

Choose a tag to compare

@github-actions github-actions released this 05 Jul 20:03
Immutable release. Only release title and notes can be modified.
929acb9

What's Changed

  • fix(preflight): advertise a real wss origin behind a TLS-terminating proxy by @zR-JB in #29
  • Add unit tests across Go server/TUI/Svelte client, clean up narrative comments, harden CI by @zR-JB in #31
  • Replace xorshift with crypto rand by @zR-JB in #32
  • Fix upload/download measurement asymmetry in the native client + TUI polish by @zR-JB in #33

Full Changelog: v0.1.1...v0.1.2

v0.1.1

Choose a tag to compare

@github-actions github-actions released this 04 Jul 10:36
Immutable release. Only release title and notes can be modified.
cdb919c

What's Changed

  • ci: SHA-pin all actions, keep client symbols, fix reproducible-build … by @zR-JB in #26

Full Changelog: v0.1.0...v0.1.1

⚠️ Windows Defender warnings & verifying this release

Windows may flag the native go TUI client: graphite-meter-client.exe (e.g. Trojan:Win32/Wacatac.C!ml or a SmartScreen prompt). This is most likely a false positive — Defender's ML heuristics routinely flag unsigned Go binaries with no download history, and this project has no code-signing certificate. Don't take that on trust: this release is bit-for-bit reproducible, so you can verify it yourself.

1. Verify your download

Checks the archive wasn't corrupted or swapped in transit (checksums.txt covers the archives):

# Linux / macOS
sha256sum -c checksums.txt --ignore-missing
# Windows — compare against the matching line in checksums.txt
Get-FileHash .\graphite-meter-client_0.1.1_windows_amd64.zip -Algorithm SHA256

2. Rebuild from source and compare

Proves the binary contains exactly the tagged source. Works from any OS (Go cross-compiles deterministically); needs only Git and Go. GOTOOLCHAIN pins the exact release compiler — a different Go version legitimately changes the bytes. core.autocrlf=false and the clean-tree check matter: any modification flips the embedded vcs.modified flag and the hash.

# Linux / macOS
git clone -c core.autocrlf=false https://github.com/zR-JB/graphite-meter
cd graphite-meter && git checkout v0.1.1 && cd go
git status --porcelain   # must print nothing
GOTOOLCHAIN=go1.26.4 CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -trimpath \
  -ldflags "-X github.com/zR-JB/graphite-meter/go/internal/goclient.Version=0.1.1" \
  -o graphite-meter-client.exe ./cmd/graphite-meter-client
sha256sum graphite-meter-client.exe
# Windows
git clone -c core.autocrlf=false https://github.com/zR-JB/graphite-meter
cd graphite-meter; git checkout v0.1.1; cd go
git status --porcelain   # must print nothing
$env:GOTOOLCHAIN="go1.26.4"; $env:CGO_ENABLED="0"; $env:GOOS="windows"; $env:GOARCH="amd64"
go build -trimpath -ldflags "-X github.com/zR-JB/graphite-meter/go/internal/goclient.Version=0.1.1" -o graphite-meter-client.exe ./cmd/graphite-meter-client
Get-FileHash .\graphite-meter-client.exe -Algorithm SHA256

Compare against the binary extracted from the release archive (hash the binary, not the zip/tar.gz — archives embed timestamps and never reproduce). Expected hashes for v0.1.1:

7ec6abba846dcb02e58c602097779c765f4d707364f117b900c06e6ec379e018  windows/amd64  graphite-meter-client.exe
302637289ee7bb84773e6f64a9e300a9afb8278856ee7d49272161272e0fb060  linux/amd64    graphite-meter-client
d1756f9c91a6c5c432634e1ffc08ac50d003113b83f9d5afea71c4cf7891fcd2  linux/arm64    graphite-meter-client
347709f591330543e1ab0eb5da83eb88f1aad246679f08d56881443a08442cd0  darwin/amd64   graphite-meter-client
386c2ace0c26beb7d14184050c10c9435b3bf464187cc1f747c272e92a7708c2  darwin/arm64   graphite-meter-client

For other platforms, change GOOS/GOARCH and drop the .exe. If a hash differs, go version -m <binary> prints every build input (compiler, vcs.revision, vcs.modified, all dependency checksums) — the differing line is your explanation.

3. Audit the code and dependencies

The client is small: go/cmd/graphite-meter-client + go/internal/goclient — no os/exec, no telemetry, no network destination beyond the server URL you pass it. Four direct dependencies (Charm Bubble Tea TUI stack, coder/websocket, santhosh-tekuri/jsonschema), all hash-pinned in go/go.sum and verified against Go's public checksum transparency log on every build. cd go && GOOS=windows go mod why -m <module> explains why any dependency is present. The pipeline (release.yml) uses SHA-pinned actions and only publishes tags merged to main.

v0.1.0

Choose a tag to compare

@github-actions github-actions released this 04 Jul 09:27
Immutable release. Only release title and notes can be modified.
bef6a6a

What's Changed

  • Ci/GitHub actions by @zR-JB in #17
  • ci: add branch guard, merge conflict markers, large files guard, gitleaks secret pre runs by @zR-JB in #19
  • rename xhr-stream transport identifier to fetch-stream by @zR-JB in #20
  • build(deps-dev): bump the client-deps group in /client with 8 updates by @dependabot[bot] in #18
  • fix(build): unify client/server version stamping, guard release tags by @zR-JB in #21
  • feat(bidirectional): implement real concurrent down+up transfer by @zR-JB in #22
  • Prepare for release by @zR-JB in #23
  • ci: release.yml now supports staged pre-releases. by @zR-JB in #24
  • feat(cli): version-stamp the native TUI client, publish it on releases by @zR-JB in #25

New Contributors

Full Changelog: https://github.com/zR-JB/graphite-meter/commits/v0.1.0