Web App Passive Firmware Check Backlog
Web App Passive Firmware Check Backlog
We explored showing a passive firmware status line in the Leaf web app, such as Up to date or Update Available, by reusing the existing OTA version metadata check. The desired behavior was:
- Only check when the web app is served over an existing outside WiFi network.
- Do not check when the web app is served from Leaf AP mode.
- Check only once per web-app session, then cache the result.
- Show hardware before firmware in the status block, with the update result below firmware in Leaf hero green.
The existing firmware-update menu uses getLatestTagVersion() from src/vario/comms/ota.cpp, which fetches:
https://github.com/DangerMonkeys/leaf/releases/latest/download/latest_versions.jsonThat path works as part of the dedicated Update FW flow, but that flow explicitly unloads BLE first because OTA checking/updating is memory-expensive. The passive web-app experiment tried to perform only the metadata check while the web app, WiFi server, BLE, and normal runtime services were still active.
Tested approaches:
- Added a separate
/api/firmware/update-statusroute so/api/user/statusstayed lightweight. - Cached the result for the active web-app session so the browser would not repeatedly hit GitHub.
- Added heap/max-allocation instrumentation around
getLatestTagVersion(). - Improved OTA error reporting using
HTTPClient::errorToString(). - Tried the default
HTTPClient::begin(url)path. - Tried an explicit TLS client:
WiFiClientSecure client;client.setInsecure();HTTPClient http;http.begin(client, LeafVersionInfo::otaVersionsUrl());Both HTTP client approaches failed from the web app path with:
HTTP GET failed -1 (connection refused)Representative diagnostic values:
free heap before: 40552-40732 bytesfree heap after: 40032-40200 bytesmax alloc before: 29684-31732 bytesmax alloc after: 29684-31732 bytesInterpretation:
- The passive check likely fails because GitHub HTTPS/TLS needs more contiguous runtime headroom than is available while the full web-app stack and other services are active.
- The failure does not leave a large net heap loss, but the available contiguous allocation around 30 KB appears too small for this request path.
- Explicit
WiFiClientSecuredid not solve the failure.
Future work options:
- Keep update availability checks in the dedicated
Update FWmenu only, where unloading BLE and rebooting are already expected. - If web-app status remains desired, add a deliberate “Check for Updates” action that warns the user it may temporarily unload BLE or pause services.
- Explore a web-app path that mirrors the firmware-update menu lifecycle: unload BLE, stop/pause nonessential services, perform the metadata check, then require reboot or controlled service reinitialization.
- Consider a lighter update metadata source in the future if one can be served without GitHub HTTPS/TLS overhead.
- If revisiting implementation, start from a clean branch and re-add only the status route, one-shot cache, heap instrumentation, and UI line after confirming the service-lifecycle strategy.