All posts
releasesecurityaiobservability

OmniMon v6.1.0 - Security Hardening, AI Streaming & Grouped Alerts

OmniMon 6.1.0 focuses on verifiable distribution, safer key handling, better contextual analysis, and less noisy operations across desktop, CLI, and AI workflows.

Release overview

OmniMon v6.1.0 is a reliability and security-focused release that also makes the product easier to operate day-to-day. This version hardens release integrity, removes plaintext credential fallbacks, adds AI token streaming, and reduces alert noise with grouping and debounce logic.

Security hardening

  • Real Ed25519 updater key replaces the placeholder key in the auto-updater flow
  • Native keyring only: API keys no longer fall back to plaintext storage
  • Key lifecycle protections: zeroize, HKDF-SHA256, and omnimon config rotate-key
  • Release signing with Ed25519 signatures plus SHA-256 checksums for binary verification
  • Prompt-injection defense expanded to 25 patterns across frontend and backend
  • CI hardening with pinned GitHub Actions plus cargo audit and bun audit

Operational fixes

  • MITRE alignment corrected: obsolete T1043 mapping updated to T1071
  • AI CPU context fixed so reports distinguish per-core vs total CPU correctly
  • Markdown rendering fixed in alerts and AI chat
  • AI chat polish: auto-scroll and better i18n behavior
  • Health alerts debounced after three consecutive readings to avoid transient spikes
  • Grouped alerts by process to stop duplicate stacks of the same issue

New capabilities

  • Grouped process rows such as Chrome ×15 with expandable details
  • Native application icons in the process table
  • Clickable dashboards with contextual AI queries
  • AI token streaming plus 7 presets for faster analysis
  • 5 tool-calling actions: process details, network details, security scans, process explanations, and system summaries
  • Configurable AI cache TTL from 0 to 60 minutes
  • Theme system: Dark, Light, and Cyberpunk
  • CLI parity improvements for network and rules

Performance and quality

  • Polling moved to push events in Tauri for lighter refresh behavior
  • ~500 String clones per tick removed from a watcher hot path
  • App.svelte decomposed from 1757 lines into focused layout modules
  • 857 tests across Rust and frontend with stronger coverage gates

Install

# macOS
brew tap chochy2001/omnimon && brew install --cask omnimon

# Linux
curl -fsSL https://get.omnimon.com.mx | bash

# Windows
winget install chochy2001.omnimon

Full changelog on GitHub

All posts

Previous patch

OmniMon v6.0.1

Unified buttons, IPC fixes, deferred confirmations, and layout polish.

Source release

GitHub release page

Inspect the release assets, signatures, and published notes.