"Bulletproof FIPS from install — no Activate button needed. archipelago auto-starts the FIPS daemon once the seed-derived key exists on disk.",
"fips_key written as bech32 nsec (upstream fips daemon format). Auto-migrates legacy raw-byte files from v1.5.0-alpha on first load so existing installs self-heal on this OTA update.",
"fips.yaml schema updated to match upstream jmcorgan/fips 0.3+ (`node.identity.persistent: true`, `transports.udp.bind_addr`). Old schema made the daemon crashloop with 'data did not match any variant of untagged enum TransportInstances'.",
"ISO: archipelago-fips / archipelago-wg / archipelago-wg-address services no longer masked — ConditionPathExists gates them quietly pre-onboarding. nostr-vpn stays masked (deprecated).",
"ISO: persistent journalctl (500M cap) so install, first-boot, and onboarding history survive reboots for post-mortem diagnosis.",
"ISO build: verify_backend_version() refuses to ship a binary whose embedded version doesn't match core/archipelago/Cargo.toml. Catches the stale-local-build regression that shipped v1.4.0 binaries inside v1.5.0-alpha ISOs.",
"ISO build: installer-env script passed as a bind-mounted file instead of inline `bash -c '…'` — works around a podman/overlay edge case that bricked every rebuild today at debootstrap's first tar extraction.",
"VPN status UI: shows 'Not configured' instead of 'Starting…' when no VPN peer has been added yet (wg0 legitimately isn't up; 'Starting' implied something was broken)."