Changelog
A running record of API, dashboard, SDK, infrastructure, and security changes — written for developers.
Stay in the loop
One email per release. No noise.
Every page now works flawlessly on mobile. Dashboard sidebar slides in as a fixed overlay, site header gets a proper hamburger drawer, all content grids adapt from 1-col to 4-col. Stat cards, chart grids, billing plans, and settings forms all use responsive Tailwind breakpoints.
Sign-in and sign-up pages now include Google and GitHub OAuth buttons with brand-accurate icons, spring-scale hover states, and per-button loading spinners. The 'or continue with email' divider sits cleanly between social auth and the email form.
Removed all box shadows, transition-all animations, and hover shadow patterns across every dashboard component. Cards, stat tiles, chart containers, and nav links now follow a strict flat border-only design system. No more animate-in, no transition-all.
New inbox page with grouped notifications (Today / Yesterday / Earlier), filter pills by type (Jobs, Billing, System), unread count badge, and per-notification mark-as-read. Replaces the placeholder notification popover in the dashboard shell.
Dashboard help page with live search across popular articles, category grid (Quick Start, API Reference, Webhooks, Troubleshooting, Billing, SDK), an FAQ accordion, and a contact support card. Search filters articles in real-time without a server round-trip.
Default vision model updated from claude-3-opus to anthropic/claude-opus-4-5 via OpenRouter. Selector confidence threshold lowered from 0.75 to 0.60 to reduce unnecessary full-page fallbacks. Multi-model support: claude-sonnet-4-6, gpt-4o, and gemini-2.0-flash-001 now configurable via AI_MODEL env.
Next.js 15 App Router client with Bricolage Grotesque + DM Sans type system, full design token set, marketing pages (home, pricing, features, changelog, docs, legal), auth flows (sign-in, sign-up, forgot/reset password), dashboard shell with 7 pages, and docs API layout.
Complete OpenAPI 3.1 specification covering all v2 endpoints — workspaces, monitors, webhooks, AI targeting, batch jobs, and the Flutterwave billing flow. Scalar API reference UI replaces Swagger UI, serving the spec at /docs.
Full workspace isolation — every resource (jobs, API keys, webhooks, billing) now belongs to a workspace. Team members join via invite link or email, with Owner / Admin / Member roles. API keys are workspace-scoped, not user-scoped.
New endpoint POST /screenshots/android captures real in-app screens via Playwright Android + ADB bridge. Connect any physical Android device or emulator; the worker navigates the app and returns screenshots. Exclusive to Enterprise plan.
POST /monitors creates a recurring capture schedule (cron expression). Each run produces a new job and fires a diff webhook if the screenshot changed beyond the configured threshold. Track app UI drift or spot unannounced store listing updates.
All plan upgrades and downgrades now route through Flutterwave payment links. Webhooks from Flutterwave update quota, plan tier, and billing records in real time. Invoices are generated server-side and stored as PDFs in the uploads bucket.
Access tokens now expire in 15 minutes; refresh tokens expire in 7 days. POST /auth/refresh rotates both tokens atomically. Added account lockout after 5 consecutive failed logins (configurable via MAX_LOGIN_ATTEMPTS + LOCKOUT_DURATION_MS).
URL validation now blocks cloud metadata endpoints (169.254.169.254, 100.100.100.200), all RFC-1918 ranges, IPv6 loopback/link-local, and .internal TLD. DNS rebinding protection: the resolved IP is validated after DNS lookup, not just the hostname.
New POST /screenshots/video records a scrolling MP4 of any webpage. Configure scroll speed, duration, and viewport. Videos are processed by the worker and stored in the same bucket as screenshots. Available on Growth plan and above.
Worker now pre-warms MIN_BROWSERS instances at startup to eliminate first-request latency. Idle browsers are evicted after 5 minutes via a health check loop. Crash recovery automatically re-launches dead instances without worker restart.
First production release. Express 5 API server, BullMQ worker with Playwright browser pool, PostgreSQL + Prisma, Redis, AWS S3 storage, OpenRouter AI vision, bcrypt API keys, Zod validation, rate limiting, SSRF protection, and full test suite (116 tests, >80% coverage).