v0.6.1

Release Notes

This patch release fixes a build issue that prevented binaries from being properly zipped and attached to the previous GitHub release (v0.6.0). All release assets are now correctly generated and available for download here.

What's Changed

• ci(build): build arm images natively by @ayuhito in #196
• test: add a ci build step to ensure release goes smoothly by @ayuhito in #197
• chore(deps): update all digests by @renovate[bot] in #184
• chore(deps): update dependency go to v1.25.0 by @renovate[bot] in #194
• chore(deps): update actions/checkout action to v5 by @renovate[bot] in #198
• ci(build): latest docker image build by @ayuhito in #199
• ci(build): incorrect tag references to build docker by @ayuhito in #200

Full Changelog: v0.6.0...v0.6.1

v0.6.0

Release Notes

This update introduces new spam protection features for cleaner analytics data and reduced abuse. This release also includes several bug fixes and improvements for a more stable and reliable experience.

Features

• IP Blocking: A new dedicated settings page allows you to block specific IP addresses (like your home or office) and manage preset abusive IP blocklists.

• Referrer Spam Protection: Known spammy referrers are now filtered behind the scenes using a community maintained blocklist to prevent referrer bombing.

Bug Fixes and Improvements

• IP addresses are no longer counted as valid referrers.
• Added rate limiting to reduce impacts of sudden spikes in requests.
• Improved dashboard loading performance by reducing the number of network requests and fixing some data stream bugs.
• Upgraded Go, DuckDB, and other dependencies to their latest versions for improved performance and security.
  • Dependencies are now pinned to reduce chances of supply chain attacks.

What's Changed

• chore: upgrade dependencies by @ayuhito in #161
• chore(deps): upgrade dependencies by @ayuhito in #165
• style: use golines linter by @ayuhito in #166
• fix(dashboard): enable single fetch by @ayuhito in #167
• fix(dashboard): use route config by @ayuhito in #168
• fix(core): do not include ip addresses as valid referrer by @ayuhito in #169
• fix(dashboard): use stream timeout over abort delay by @ayuhito in #170
• ci(build): fix docker build errors and update deps by @ayuhito in #171
• fix(referrer): filter out spammy referrers by @ayuhito in #172
• build: use debian image for build to sync glibc with distroless by @ayuhito in #173
• chore(deps): update duckdb version by @ayuhito in #174
• chore(deps): upgrade go by @ayuhito in #176
• feat(middlewares): add new rate limiter by @ayuhito in #177
• feat: add spam settings page by @ayuhito in #178
• fix(core): update spam default settings to true by @ayuhito in #179
• style(core): add wsl linter by @ayuhito in #180
• chore: Configure Renovate by @renovate[bot] in #181
• chore(deps): pin dependencies by @renovate[bot] in #183
• chore(deps): update actions/attest-build-provenance action to v2 by @renovate[bot] in #186
• ci(release): remove concurrency group for edge release by @ayuhito in #185
• chore(deps): update actions/download-artifact action to v5 by @renovate[bot] in #187
• chore(renovate): use preserve semver ranges by @ayuhito in #192
• fix(deps): update all non-major dependencies by @renovate[bot] in #188
• fix(deps): update dependency valibot to v1 by @renovate[bot] in #191
• fix(deps): update dependency @biomejs/biome to v2 by @renovate[bot] in #190
• fix(dashboard): react server node false import by @ayuhito in #193

New Contributors

• @renovate[bot] made their first contribution in #181

Full Changelog: v0.5.2...v0.6.0

v0.5.2

Release Notes

This update adds a new convenient auto SSL provisioning feature for self-hosters and performance improvements.

Features

• Added a new -autossl flag to automatically provision an SSL certificate to your machine. You can learn more about this feature here.

Bug Fixes and Improvements

• Enable HTTP compression on all responses (up to ~80% size improvements for some payloads).
• Upgraded DuckDB from v1.1.0 to v1.2.0.
• The data-api option on the tracker no longer needs a trailing slash.

<script ... data-api="example.com/api/" /> // Old
<script ... data-api="example.com/api" />  // New

What's Changed

• fix(tracker): add trailing slash to data-api option by @ayuhito in #147
• chore(deps): update golang by @ayuhito in #152
• chore: upgrade go dependencies by @ayuhito in #154
• feat(core): add automatic ssl provisioning by @ayuhito in #155
• fix(core): https redirect middleware uses invalid localhost by @ayuhito in #156
• perf(core): add http compression by @ayuhito in #158
• fix(core): remove https redirect on non ssl setup by @ayuhito in #157
• ci(build): fail fast on edge concurrency group by @ayuhito in #159

Full Changelog: v0.5.1...v0.5.2

v0.5.1

Release Notes

This update focuses on bringing many quality-of-life improvements and reduces memory usage of the binary.

Features

• Improved coverage for detecting browsers and operating systems.
• When redirected to the login page, successfully logging in will now return you back to your previous page.
• A quick external link button has been added to the expanded view referrer table, which was previously only available on the home page.

Bug Fixes and Improvements

• Implemented a basic spam threshold system to reduce bot traffic.
• Lowered minimum runtime memory usage by around ~10-12MB, improving performance on low-end systems.
• Upgraded DuckDB from v1.0.0 to v1.1.0, improving query speed for some pages.

• The browser client will automatically force flush its cache when it detects the server binary has been updated.
• Many minor styling adjustments and fixes for better visual consistency.
• Reduced client bundle size by around ~50kb.

• Fix cases of extremely large time spent on page values by optimistically firing the unload event when the page is first hidden.
• Smaller tracker bundle size.

What's Changed

• feat(dashboard): add login redirect from old link by @ayuhito in #134
• feat: include x-api-commit header for client cache busting by @ayuhito in #135
• ci: include version and commit in docker images by @ayuhito in #136
• perf(core): reduce allocs for ping event and use a pool by @ayuhito in #137
• fix(core): reduce spam using a threshold system by @ayuhito in #138
• fix(tracker): send unload event on page hidden instead by @ayuhito in #139
• ci(fly): use docker image instead of local dockerfile by @ayuhito in #140
• feat(core): add performance profiler by @ayuhito in #141
• perf(core): reduce heap memory usage for useragent parser by @ayuhito in #142
• fix(dashboard): minor styling and accessibility improvements by @ayuhito in #143
• fix(core): improve user agent coverage by @ayuhito in #144
• feat(dashboard): add external link icon to table by @ayuhito in #145
• chore: upgrade duckdb and go by @ayuhito in #146

Full Changelog: v0.5.0...v0.5.1

v0.5.0

Features

We’ve added support for Custom Properties, allowing users to include additional metadata on their web pages for more better data segmentation.

To start off, new trackers now support sending metadata on page load and mouse click events. This is opt-in and can be configured in the new "Tracker" settings page.

Once enabled, this functionality can be used by embedding the following HTML data attributes into your webpages:

<html>
    <body data-m:load="theme=dark;subscription=paid">
        <button data-m:load="logged_in=true" data-m:click="action=logout">Log out</button>
        <h1>Welcome to My Page</h1>
    </body>
</html>

The new data-m:load and data-m:click attributes allow you to send additional metadata from any element on your page. You can set these attributes statically or dynamically based on the user’s state or any other relevant information.

Learn more about this new feature here.

Bug Fixes and Improvements

• New automated testing for our JavaScript trackers across multiple browsers. This allowed us to catch edge cases on certain browsers where events might fail to send which have been now fixed. This also ensures future updates will be more stable with fewer regressions.
• The default tracker was optimised to be even smaller.
• Improved caching logic of tracker events, leading to less network requests for visitors due to our unique cache-based methodology.
• Various performance improvements and memory usage reductions for the API server.
• The dashboard is now lighter and faster, with ongoing migration of components which may be completed in the next few minor updates.

What's Next

For our next major update, we will focus on Data Control and Migration, including the ability to import data from sources like Google Analytics, export data in various formats, and set data retention policies.

In the meantime, upcoming minor updates will target quality-of-life and performance improvements. These will include numerous bug fixes to add to the overall polish. After that, we plan to benchmark the project’s performance at scale, optimising it to handle workloads of hundreds of millions of page events. While the current project is known to handle tens of millions of events, we want to focus on a benchmarking framework to thoroughly test its limits and make it suitable for larger workloads.

What's Changed

• feat(db): support custom properties metadata by @ayuhito in #108
• perf(core): cache ping endpoint if user is returning visitor by @ayuhito in #110
• test(tracker): add e2e playwright specs by @ayuhito in #109
• perf(tracker): use terser for minification by @ayuhito in #111
• feat: add tagged event tracking by @ayuhito in #112
• feat(core): use a new settings struct to support multiple trackers by @ayuhito in #113
• fix(core): get settings should return default values for null settings by @ayuhito in #116
• feat(dashboard): select tracker variants by @ayuhito in #117
• feat(core): dynamically update script.js based on user configuration by @ayuhito in #119
• fix(tracker): simplify tagged event click logic by @ayuhito in #123
• feat: add custom properties selection and filtering by @ayuhito in #120
• chore(core): upgrade to go 1.23 by @ayuhito in #125
• ci: pin docker language versions to mise toml by @ayuhito in #126
• perf(core): preallocate stat responses and reduce branching by @ayuhito in #127
• build(dashboard): remove postcss and only use lightningcss by @ayuhito in #128
• build(dashboard): use vite plugin to inject custom media properties by @ayuhito in #129
• feat: add percentages to custom event data by @ayuhito in #130
• fix(dashboard): data visible from selector was not being passed by @ayuhito in #131
• feat(tracker): support page view custom props by @ayuhito in #132

Full Changelog: v0.4.4...v0.5.0

v0.4.4

Features

• Added a basic date range picker for more granular analytics.

Community

Medama now has a new public roadmap to keep users informed about ongoing feature developments.

What's Changed

• docs: add contributing by @ayuhito in #102
• feat(dashboard): add date picker by @ayuhito in #103
• fix(dashboard): invalid styles from datepicker by @ayuhito in #105
• fix(dashboard): reset range state when navigating to different periods or websites by @ayuhito in #106

Full Changelog: v0.4.3...v0.4.4

v0.4.3

Features

• Added support for Docker ARM64 images.
• New website quick switcher on the dashboard.

Bug Fixes and Improvements

• Chart tooltips now clearly indicate the specific range of data they cover.
• Fixed an issue where monthly interval queries were returning zero data.
• Trackers on multi-page applications now properly send unload events.
• Optimised the tracker bundle size in brotli compression scenarios.

Community

• Join Our Discord: We now have a Discord server where we share ongoing progress and updates about this project. Feel free to join and connect with us at medama.io/discord.

What's Changed

• ci: add arm docker images by @ayuhito in #90
• ci: skip using qemu for building arm images by @ayuhito in #91
• ci(docker): remove node and reduce layers by @ayuhito in #92
• feat(dashboard): add website quick switch dropdown by @ayuhito in #93
• fix: correct monthly interval querying and chart tooltips dates by @ayuhito in #94
• fix(tracker): use event listener on window instead of document by @ayuhito in #95
• perf(tracker): smaller size through direct function passing by @ayuhito in #96

Full Changelog: v0.4.2...v0.4.3

v0.4.2

Bug Fixes and Improvements

• Corrected bounce rate calculations for accuracy, as they were previously much lower than expected.
• Improved reliability of unload event tracking by using sendBeacon API.
• Many minor dashboard enhancements related to formatting, styling, and accessibility.

What's Changed

• refactor(core): use custom duckdb query builder by @ayuhito in #83
• fix(core): use more accurate bounce rate query by @ayuhito in #84
• fix(tracker): use sendbeacon for unload event by @ayuhito in #85
• fix(core): improve bot detection via user agents by @ayuhito in #86
• fix(dashboard): many quality of life bug fixes by @ayuhito in #87

Full Changelog: v0.4.1...v0.4.2

v0.4.1

Bug Fixes and Improvements

• Resolve a regression from v0.4.0 that prevented unload data (time spent on page/bounce rate) from being processed.

What's Changed

• fix(core): send event unload data successfully by @ayuhito in #82

Full Changelog: v0.4.0...v0.4.1

v0.4.0

Features

Data Grouping

• Referrer Groups - Known referrer URLs are now conveniently grouped together for easier identification.
  • Selecting a referrer group allows you to expand and view the URLs within that specific group.

• Language Groups - Languages are also now grouped and can be expanded to display specific browser locales.

System Resources

• New Usage Dashboard - Useful for users with remote-hosted VMs, this dashboard gives insights into the application's resource usage. It also includes options to adjust database resource allocation.
  

Bug Fixes and Improvements

• Website Deletion: Users can now delete websites directly from the dashboard.
• Improved Caching: Improved caching for dashboard assets and scripts to load the dashboard quicker.
• Better Bot Detection: Upgraded user-agent parser for more accurate bot detection.
• Dashboard Interaction: Fixed several bugs related to filter interactions on the dashboard.

What's Changed

• feat: add system resources dashboard by @ayuhito in #72
• perf(core): add etag caching for assets by @ayuhito in #73
• feat(dashboard): add the ability to delete a website by @ayuhito in #74
• fix(core): improve bot user agent coverage by @ayuhito in #75
• feat: add language group locales by @ayuhito in #76
• feat: add referrer groups by @ayuhito in #80

Full Changelog: v0.3.0...v0.4.0