OmniMon v5.3.0

A performance-focused release that pushes OmniMon’s efficiency to the extreme. 34 files changed, +1,395 lines across 4 feature commits targeting allocator performance, rendering optimization, AI hardening, and accessibility.

mimalloc Global Allocator

OmniMon now uses mimalloc (Microsoft’s high-performance allocator) as the #[global_allocator] in both the CLI and Desktop binaries:

~7% faster for small allocations compared to the system allocator
~50KB binary overhead (vs ~250KB for jemalloc)
Reduced fragmentation via thread-local free lists with page-level decommit
Native macOS support without Zone allocator conflicts

Zero-Allocation Hot Paths

The new WatcherBuffers struct pre-allocates Vec<CachedProcessInfo>, HashMap<u32, (u64, u64)>, and Vec<ProcessRuntime> with initial capacity 512/128. These are reused across 2-second watcher ticks via clear() (which retains heap capacity).

After ~3 ticks of warm-up, the hot path achieves zero heap allocations for container types - eliminating ~43,200 alloc/dealloc cycles per day. Old state capacity is recovered via std::mem::take() for the next tick.

Virtualized Process Table

The process table now uses windowed rendering - only rows visible in the viewport are rendered:

scrollTop + containerHeight + ROW_HEIGHT determine the visible window
Advanced sort memoization - sortedPids only recomputes when sort key/direction changes or actual values differ, not on every 2-second metric tick
Filter memoization - tracks (query, pid, name, group) metadata, skipping recomputation when only numeric metrics change
Rank change animations - 600ms micro-animation when a process jumps 2+ positions

AI Response Caching & Prompt Injection Defense

Response cache: Global in-memory cache using OnceLock<RwLock<HashMap<u64, String>>>. Cache key is a hash of (provider, model, query_context). Identical queries return instantly without an API call.

Prompt injection defense: check_prompt_injection() blocks 8 heuristic phrases in both English and Spanish before reaching the LLM: “ignore previous instructions”, “delete rules”, “forget your purpose”, “act as”, plus Spanish equivalents.

Graceful timeouts: 45-second timeout with isError, canRetry, and retryText fields for clean error display.

Fuzz Testing Infrastructure

Three cargo-fuzz targets using libFuzzer:

fuzz_rules_payload - feeds arbitrary bytes to upsert_rules_from_ai_json() to ensure the AI rules parser never panics
fuzz_geoip_payload - tests GeoIP CIDR validation against invalid notation, oversized prefixes, malformed IPv4
fuzz_rules_evaluate - full pipeline: loads rules from fuzz input, constructs synthetic ProcessConnectionEvent objects, runs through evaluate_events() (limited to 64 events per input)

Lazy Loading & Demand-Based Polling

9 components moved to dynamic import():

ChromeTabManager, AIChat, NetworkMap, ProcessDetailsModal, SecurityReportView, HelpCenterModal, SystemMetricModal, Automations, CloudSync

Demand-based polling via setPollingTarget(): browser tab polling (5s) and network telemetry only start when their respective views are opened. If you never open the network map, network polling never runs.

WCAG AA Accessibility

Focus trap utility - proper Tab/Shift+Tab cycling, focus save/restore for all modals
Sort headers use real <button> elements instead of clickable <th>
Network map tabs use roving tabindex with aria-controls and aria-selected
Resize dividers converted from <div> to keyboard-accessible <button> elements
WCAG AA contrast: dark theme --fg-dim elevated to #a1a1aa, cyberpunk to #c4b5fd

Install

# macOS
brew tap chochy2001/omnimon && brew install --cask omnimon

# Linux
curl -fsSL https://get.omnimon.com.mx | bash

# Windows
winget install chochy2001.omnimon

Full changelog on GitHub