No OTA updates
It seems it will be impossible to implement over the air (OTA) firmware updating because the code is too big. To update the SPI flash memory over the air the internal memory is split in two: one partition runs the current code, the other partition gets the updated code and upon reboot the code in the other partition is executed. During the next OTA update the first partition is rewritten, etc.
This essentially means that the available memory is divided by two and currently the code already uses about 70+% of the SPI flash memory.
Google Spreadsheets SHA1 fingerprint changes
Google seems to change its SHA1 certificate depending on the server you land on, this means the hardcoded SHA1 fingerprint in the code will fail from time to time. It doesn't affect the code submission as the IPM can just ignore the mismatch and still send the data, I removed the SHA1 verification so that the requests would still go through, a bit unfortunate though.
Token for Google script
I added a token check for the Google script, this way even if the Google script URL is disclosed the token will prevent somebody else messing with the entries.
I was interested in seeing how the IPM was doing over a long period of time. I made a logger function that saves some events such as Wi-Fi reconnections, data uploading tries and the total daily power usage to log.txt file in the root of the SD card. This file can be viewed by logging in the IPM and opening it in the file browser.