SuprLogs Changelog

database
auth
backend

Enhanced access control: updated policies and JWT handling

  • Stronger access controls across projects, API keys, and user dataWe replaced outdated database policies with a comprehensive set of new rules so access is now enforced more consistently by ownership and organization admin roles. The update also fixed how the app reads user identity from JWTs to prevent mismatches.
Security
  • Replaced many outdated row-level policies with new, stricter policies that enforce access based on user or organization ownership.database
  • Updated how user identity is extracted from JWTs in policies to use a consistent and more secure method across the application.auth
  • Refined organization-level checks so admin roles more reliably control access to org-owned resources.auth
Improvements
  • Improved reliability and performance of permission checks by simplifying and reorganizing policy conditions.backend
Performance
  • Applied a migration that safely dropped and recreated policies across multiple tables to deploy the security improvements (large migration: 613 additions, 63 deletions).database
Permalink
frontend

Updated site metadata for improved SEO and branding

  • Improved metadata for clearer SEO and social previewsRewrote the default meta description and introduced a new default Open Graph/title so pages and social previews present clearer, more consistent messaging about SuprLogs.
Improvements
  • Revised the default meta description to better reflect SuprLogs' purpose and to fit search/social length recommendations (≤160 characters).frontend
  • Introduced a new default meta/Open Graph title — “SuprLogs — Instant Changelogs on Autopilot” — to improve visibility and branding.frontend
  • Updated the global metadata object to use the new default title and description for consistent SEO and social previews, and replaced the OG image alt text with the new title.frontend
Permalink
frontend

Updated Open Graph image and refreshed runpack icons

Improvements
  • Updated the Open Graph image (opengraph-image.png) with a new version for improved visuals.frontend
  • Deleted outdated runpack icons: agency.png, global.png, and solo.png.frontend
  • Added new runpack icons: growth.png, hobby.png, and startup.png to enhance the icon set.frontend
Permalink
database
backend
auth
devops

Introduce hand‑authored domain types and apply DB security/performance hardening

  • Hand‑authored domain types added to the database packageAdded a new domain-types.ts that contains maintained type aliases and JSONB interfaces separate from the auto‑generated types.ts. This clarifies type usage, prevents conflicts with generated types, and makes domain types available from the package root.
Code organization & types
  • Added packages/database/src/domain-types.ts to hold hand‑authored domain type aliases and JSONB interfaces (kept separate from the auto‑generated types.ts).database
  • Updated packages/database/src/index.ts to export the new domain types and adjusted existing exports for clarity and maintainability.backend
  • Refactored repository files to import domain types from domain-types.ts instead of the auto‑generated types.ts to reduce confusion and accidental overwrites.backend
  • Removed domain‑specific type definitions from the auto‑generated types.ts to avoid conflicts and keep generated output clean.database
Database security hardening
  • Added a large migration that tightens RLS policies, scopes permissive policies to the service_role, and consolidates overlapping policies to reduce accidental access.database
Database performance improvements
  • Improved RLS performance by switching bare auth.jwt() calls to (SELECT auth.jwt()) so PostgreSQL evaluates the JWT once per query instead of per row.database
Public API / exports
  • Updated package exports so domain types and Json are available from the package root; downstream consumers can import domain types directly from @suprlogs/database.backend
Permalink
frontend

Marketing header now uses Next.js Link for internal navigation

Improvements
  • Updated the MarketingHeader to use Next.js Link instead of anchor tags for internal links, improving client-side routing and navigation performance.frontend
Permalink
backend
devops

Centralized changelog JSON generation and consistent handling

Improvements
  • Centralized generation of structured changelog JSON using a new toGeneratedJson helper.backend
  • Simplified stored JSON by replacing inline object construction with a dedicated function, improving maintainability and readability.backend
  • Ensured aggregation and entry writers now use the same generated JSON for consistent handling across pipelines.devops
Permalink
frontend

Marketing refresh: added VT323 pixel font, FAQ, pricing tweaks, demo & status links

  • Added VT323 'pixel' font and site-wide typography optionVT323 was added to the Tailwind configuration and included in the site layout so marketing pages can use a retro/pixel typeface for consistent styling across hero, pipeline, and terminal visuals.
  • Refreshed marketing content with FAQ, pricing improvements, and quick access linksThe marketing homepage received a major content and layout refresh (new hero, pipeline steps, retro terminal preview, and an FAQ accordion). The Pricing page and feature categories were clarified, and navigation was improved with a Live Demo link in the header and a System Status link in the footer.
Improvements
  • Added the VT323 font to the Tailwind config and applied it via layout for consistent pixel-style typography on marketing components.frontend
  • Updated the marketing homepage with a refreshed hero, pipeline walkthrough, retro terminal visual and clearer CTAs.frontend
  • Added an FAQ accordion with multiple common questions and answers to help new users onboard faster.frontend
  • Refined the Pricing page: clarified plan labels, reorganized feature categories, improved table layout and streamlined CTAs.frontend
  • Added a prominent Live Demo link in the site header to make the hosted demo easier to access.frontend
  • Added a System Status link in the footer so users can quickly view service health and updates.frontend
  • Updated footer copy (copyright year and wording) and made small copy/layout tweaks across marketing pages for clarity and engagement.frontend
Permalink
frontend
backend
database
integrations

Regenerate period history by deleting old summaries; feeds now exclude commit entries

  • Settings changes now regenerate period summaries from scratchWhen you change aggregation schedule or LLM settings, all daily/weekly/monthly summaries are now hard-deleted and rebuilt so new entries reflect the current settings. Commit-level entries are not affected.
  • Public feeds and discovery now show only aggregated changelog entriesRSS, Atom, sitemap and the LLM list now exclude commit-level entries and only include daily/weekly/monthly summaries to avoid exposing commit noise in public feeds.
Bug Fixes
  • Hard-deleted all period (daily/weekly/monthly) changelog entries when settings changed so regenerated history always uses the latest LLM and aggregation configuration; commit entries were left untouched.backend
Improvements
  • Removed the manual Resync button and the per-repository sync status badge from the project overview to simplify the UI and avoid duplicate indicators.frontend
  • Replaced archive-and-restore backfill flow with a single delete step so period entries are always generated fresh with current settings.backend
  • Filtered public feeds (RSS, Atom, sitemap, llms.txt) to include only aggregated entry types (daily/weekly/monthly), excluding commit-level entries from public discovery surfaces.frontend
API
  • Removed the obsolete 'mode' field from the changelog/history.backfill.requested event and from the settings route payload; backfills now always delete and regenerate period entries.backend
Database
  • Added a repository operation to hard-delete period entries by project (daily/weekly/monthly) used during settings-driven regeneration.database
Permalink
frontend
backend

LLM settings only regenerate period summaries — commits are no longer reprocessed

  • Changing provider, model, or system prompt now only regenerates aggregated period entriesUpdates to LLM settings (provider, model, or system prompt) now behave like schedule changes (daily/weekly/monthly): existing period summaries are archived and regenerated with the new settings. Individual commit summaries are preserved and are not reprocessed.
Bug Fixes
  • Fixed backend behaviour so LLM setting changes always trigger period-entry regeneration only; commit-level entries are no longer deleted or reprocessed.backend
Improvements
  • Simplified the settings dialog copy to clearly describe period-entry-only regeneration so users see accurate options when changing LLM settings.frontend
  • Removed unnecessary system-prompt-only change detection in the project settings form since all LLM changes now follow the same regeneration behaviour.frontend
Backend / API
  • Updated the settings route to always emit a single backfill request (mode: prompt_regeneration) for LLM changes, matching schedule-change behaviour.backend
Permalink
backend
frontend
database

Regenerate LLM history now uses batch sync so UI and period summaries update

  • LLM history regeneration now runs the full batch sync and period aggregationRegenerating history now creates a sync run, fans out commits as batches, and triggers period aggregation automatically so the UI shows active sync status and new changelog period summaries are created when complete.
Bug Fixes
  • Fixed regenerate-llm-history so it created a sync_run and set repos to 'processing', causing the UI to immediately show an active sync state.backend
  • Fixed fan-out to emit commit/batch.received (with syncRunId) through the normal batch pipeline instead of single-commit events so batch coordination works correctly.backend
  • Fixed batch registration so the system registered batch counts with the sync_run and fired changelog/commits.batch.completed when the final batch finished.database
  • Fixed lifecycle completion so generate-period-backfill ran inline and finaliseSync set repos back to idle, ensuring period summaries were regenerated and the UI updated.backend
  • Fixed handling for projects with no linked repos by completing the sync_run and setting repos idle instead of leaving the project stuck.backend
Improvements
  • Improved reliability of full-history regeneration so changelog entries and period summaries are generated automatically without a manual resync.frontend
Permalink
frontend
backend
database

System-prompt-only changelogs now regenerate correctly; period backfill runs inline

  • Period backfill now runs inline and shows progressBackfills now create their own sync run and process period windows in parallel chunks (not fire‑and‑forget). The UI shows an "Analyzing changelog entries" status while aggregation runs, and period entries are written before the run is marked idle.
New Features
  • Added a new backfill mode for system-prompt regeneration so you can regenerate all aggregated period summaries with an updated system prompt without touching commit-level summaries.backend
  • Created aggregating-only sync runs (status 'aggregating') so period-only backfills show progress in the UI while they run.database
Bug Fixes
  • Fixed system-prompt-only regeneration so it now triggers the correct backfill event and actually runs (previously the wrong event prevented completion).backend
  • Fixed the backfill pipeline to process period windows inline (parallel chunks) so aggregation completes reliably and completion status updates correctly.backend
  • Updated the settings dialog copy to show context-aware wording for system-prompt changes vs provider/model changes so users see accurate guidance before regenerating history.frontend
Improvements
  • Improved backfill behavior: when changing frequency we restore archived entries; when regenerating prompts we archive without restoring to force fresh generation with the new prompt.backend
  • Improved period generation so empty windows are skipped and LLM calls are batched into parallel chunks for efficiency.backend
API & Events
  • Added an optional 'mode' field to the changelog/history.backfill.requested event to distinguish frequency changes from prompt-only regeneration.backend
  • Allowed creating sync runs with an initial status (defaults to 'processing') so callers can create aggregating-only runs.database
Permalink
frontend
database

Improved sync status UI, added elapsed sync timer, commit status column, and database type fixes

  • Live elapsed sync timerAdded a live elapsed-time display next to the sync status badge so you can see how long a sync run has been running. The timer derives its initial value from the run start time so it shows the correct duration even if you open the page mid-sync.
  • Per-commit processing status in commit historyAdded a 'Status' column on larger screens to show whether each commit is Processed or Queued, making it easier to see pipeline progress at a glance.
Sync labels
  • Updated sync status labels to use sentence case and clearer wording (for example, 'Analyzing commit history' and 'Analyzing changelog entries').frontend
Sync timer
  • Added a SyncTimer component that displays the elapsed time (e.g. '2m 34s') next to the status badge while a sync run is in progress; it starts at the correct offset when rendered mid-sync.frontend
Commit history
  • Added a 'Status' column to the commit history table on large screens showing 'Processed' (green) or 'Queued' (yellow) based on existing is_processed data — no backend changes required.frontend
Database types
  • Added missing TypeScript type aliases and JSONB interfaces in the database package (entitlement, sync status, changelog entry types, diff summaries, generated JSON shapes, and more) to resolve pre-existing build failures.database
Permalink
backend
database
frontend
devops

Ingest pipeline overhaul: reliable batch processing and real‑time sync status

  • Project‑scoped sync runs and batched commit processingA new project‑scoped sync run coordinates all repositories in a resync so commits are processed exactly once. Commits are now processed in batches (50) with parallel diff→LLM→write waves, preventing duplicate work and ensuring period summaries run only after every repo is finished.
  • Real‑time UI sync statusThe web UI now polls repository sync status every 5s and automatically refreshes when status changes so you no longer need to manually refresh to see progress.
Added
  • Added a project‑scoped sync_runs table and repository to track a single resync across all repos in a project.database
  • Added a new batched processing function that processes up to 50 commits per batch with parallel fetch, LLM calls, and writes to make historical syncs faster and more reliable.backend
  • Added a lightweight API endpoint and client poller (SyncStatusPoller) so the dashboard and project pages refresh automatically as sync status changes.frontend
  • Added server migration and SQL RPCs to atomically register repo batch counts and increment completed batches for robust cross‑repo coordination.devops
Changed
  • Inlined period aggregation so period entries are generated only after all commit batches are finished, keeping project status accurate while aggregation runs.backend
  • Made history estimates include the current open period and clarified dialog copy so users know partial current‑period entries are created immediately and updated automatically.frontend
  • Scoped unprocessed‑commit lookups to each repo's paginated commit set to prevent concurrent syncs from claiming the same commits.backend
  • Updated sync status labels in the UI to be more descriptive: Live, Syncing Commits, Writing Entries, Building Changelog.frontend
  • Enabled BYOK users to bypass the free‑plan monthly commit cap so projects using their own key are not blocked by the system cap.backend
Fixed
  • Fixed a JSON serialization bug where returning Infinity caused every historical commit to be skipped; the free‑plan cap now uses a bypass flag so batches process correctly.backend
  • Fixed a race where two repo syncs in the same project could both claim the full unprocessed pool and send duplicate batches; each sync now only processes its own commits.backend
  • Fixed period backfill prematurely marking projects idle; aggregation now runs inline and set‑idle only happens after all entries are persisted.backend
  • Fixed missing database type aliases that caused build failures; types and exports were restored.database
API
  • Updated project APIs to create a single sync_run per resync and pass its ID to all repo sync events so period aggregation is triggered exactly once per project.backend
Permalink
frontend

Added Changelog link to Marketing footer

Improvements
  • Added a Changelog link to the Marketing footer for easier access to release notes and updates; the link opens in a new tab and matches existing footer styling.frontend
Permalink
frontend

Updated pricing visuals for plan cards and feature checks

Improvements
  • Updated check icons in FeatureCell and PlanCard to use a purple-600 color for improved visual consistency (dark mode retains acid-green).frontend
Bug Fixes
  • Adjusted the layout of the "Most popular" label in PlanHeader to ensure proper alignment and spacing.frontend
Permalink
frontend
devops

Added APP_URL to global env and frontend performance improvements

  • Added APP_URL to global environment variablesAPP_URL was added to turbo.json so deployments and configuration can reference the app's base URL more easily.
Improvements
  • Added ESLint disable comments in changelog layout, root layout, and branding components to allow required inline scripts, images, and CSS tags.frontend
  • Updated configuration (turbo.json) to include APP_URL in global environment variables for simpler configuration and deployments.devops
Performance
  • Refactored the API keys loader to use useCallback and included it in effect dependencies to reduce unnecessary reloads and re-renders.frontend
  • Optimized useCallback dependency arrays in EntryMetaPanel and EditorEntryPreview to avoid extra hook re-creations.frontend
Permalink
frontend

Dedicated pricing page and new PricingSection

  • Standalone Pricing page and reusable pricing componentAdded a dedicated /pricing page and a reusable PricingSection component to show plan cards, a monthly/annual billing toggle, highlights, CTAs, and a link to the full feature comparison.
New Features
  • Added a new standalone Pricing page that provides a full pricing layout and feature comparison.frontend
  • Introduced a reusable PricingSection component for marketing pages to display plan cards, highlights, and billing-cycle toggle.frontend
Improvements
  • Replaced the previous static pricing block on the Marketing page with the new PricingSection.frontend
  • Updated the site header so the PRICING link now navigates to the new /pricing page.frontend
Permalink
frontend
integrations

Updated default PostHog API host to us.i.posthog.com

Bug Fixes
  • Changed the PostHog API host in the changelog layout from https://app.posthog.com to https://us.i.posthog.com so embedded analytics point to the correct US instance.frontend
Documentation
  • Updated the Integrations settings placeholder and explanatory text to show us.i.posthog.com as the default PostHog API host.integrations
Permalink
frontend
backend
database
integrations

RSS & Atom feeds, subscribe modal, and analytics for changelogs

  • Public RSS & Atom feedsAdded RSS 2.0 and Atom 1.0 feeds for public changelogs (404 for private changelogs) and automatic discovery links so readers and feed readers can find your feed.
  • Subscribe bell & modalAdded a subscribe Bell in the changelog header that opens a modal with copyable RSS feed URL and a Slack `/feed subscribe <url>` command for easy subscription.
  • Analytics integrations with plan gatingAdded Google Analytics, Google Tag Manager and PostHog integration options in Settings, conditional script injection on public changelog pages, and plan-based gating with an upgrade CTA for free users.
New Features
  • Added RSS 2.0 feed route (/changelog/[slug]/rss.xml) that returns entries with <guid>, <pubDate>, and description; returns 404 for private changelogs.backend
  • Added Atom 1.0 feed route (/changelog/[slug]/atom.xml) that returns entries with <published>, <updated>, and HTML content; returns 404 for private changelogs.backend
  • Added a Subscribe modal (RSS + Slack tabs) and a Bell button in the changelog header to copy feed URLs or Slack `/feed` commands.frontend
  • Added an Integrations settings panel to configure Google Analytics, Google Tag Manager, and PostHog (one panel open at a time, save/remove actions included).frontend
  • Added Feeds section to the changelog llms.txt output listing RSS and Atom URLs.backend
Improvements
  • Injected RSS/Atom autodiscovery <link> tags into the changelog layout so browsers and readers detect available feeds automatically.frontend
  • Injected configured Google Analytics, Google Tag Manager, and PostHog initialization scripts into the changelog page head when project settings are provided.frontend
  • Suppressed the Silktide cookie banner on /changelog/* paths to avoid duplicate consent UIs when third-party integrations are used.frontend
  • Disabled unlisted/private visibility options in the settings form for plans that do not allow them and added a Pro+ badge to indicate upgrade requirement.frontend
API
  • Extended the project settings PATCH endpoint to accept ga_measurement_id, gtm_container_id, posthog_project_id, and posthog_api_host with null-delete semantics.backend
  • Enforced allowed_changelog_visibility entitlement in the settings route and returned 403 when a plan tried to save a disallowed visibility mode.backend
  • Updated resolveInngestPriority to read an integer inngest_priority and clamp it to the range [-600, 600] for queue priority handling.backend
Database
  • Updated entitlement catalog (seed) with new keys and defaults: can_use_multiple_repos, max_org_count, max_org_members, allowed_changelog_visibility, can_use_integrations, and changed inngest_priority from bool→int.database
  • Added new entitlement handling and helpers to the entitlement repository (including asInngestPriority) and extended ResolvedEntitlements with the new keys.database
Permalink
frontend
backend
database
auth

Allow transferring project ownership to another workspace

  • Move projects between workspaces from Project SettingsYou can now move a project to another workspace you belong to (your personal workspace or an organization). Repositories and changelog history remain with the project; the target workspace will become the new owner.
API
  • Added a new POST /api/projects/[slug]/transfer endpoint to change a project's owner to another user or organization, with request validation using a Zod schema.backend
  • Added server-side checks to ensure the requester is authorized, the target organization exists, and the user is a member of the target organization before allowing a transfer.auth
Improvements
  • Updated the Project Settings page to list transfer targets (your personal workspace and organizations you belong to).frontend
  • Updated ProjectSettingsForm with a transfer UI, confirmation dialog, and client-side flow that calls the transfer API and switches active workspace after a successful move.frontend
Database
  • Added a transferOwnership method to the projects repository to update owner_type and owner_id in the database.database
  • Added tests for transferOwnership to verify owner_type and owner_id are updated correctly.database
Permalink
frontend
backend
auth

Restructured app routing and project management

  • New dedicated Projects pageA new Projects page now serves as the central place to view and create projects. The previous App dashboard was removed and now redirects to the Projects page so project workflows are easier to find.
Improvements
  • Removed the old AppPage and redirected the root app route to the new Projects page to centralize project workflows.frontend
  • Added a dedicated ProjectsPage that listed projects, provided a clear empty-state, and included a one‑click path to create or connect repositories.frontend
  • Streamlined project fetching so the app now loads projects based on the active organization or user context and batch‑fetches primary repository data for each project.backend
  • Improved the WorkspaceSwitcher to revalidate organization memberships, show a loading state while workspace info loads, and trigger project list refreshes when the active workspace changes.auth
Permalink
backend
database

Improve period aggregation and LLM history regeneration

Improvements
  • Updated period boundary calculations to use en-CA date formatting so produced dates are valid ISO strings.backend
  • Refactored commit processing and added a reusable triggerPeriodAggregationIfDone function to ensure period aggregation is triggered consistently.backend
Bug Fixes
  • Archived existing period entries before deleting commit entries during LLM history regeneration so the period backfill runs idempotently and stale summaries are not left behind.database
Permalink
backend
frontend
integrations

Support GitHub numeric installation IDs for history estimates

  • Accept and resolve GitHub's numeric installation_id during setupSuprLogs now accepts either our internal installation UUID or GitHub's numeric installation_id when estimating repository history. If a UUID lookup fails, the server will try the numeric installation ID so direct GitHub setup links work without extra steps.
API
  • Updated the repository input schema to accept a non-empty installationId string so requests can use either the internal UUID or GitHub's numeric installation_id.backend
Improvements
  • Added fallback lookup in the history-estimate route: when a UUID lookup failed, the server attempted to resolve the numeric GitHub installation_id and proceeded if found.backend
Bug Fixes
  • Logged warnings and returned a clear 404 when an installation could not be found, improving error tracking and troubleshooting.backend
Frontend
  • Resolved numeric installation_id in the Project Creation Wizard by mapping GitHub's raw ID to the internal DB UUID once installations load, so direct GitHub setup redirects work automatically.frontend
Miscellaneous
  • Refreshed the app view after project deletion and simplified a query hook to avoid an unused placeholder option.frontend
Permalink
frontend

Smoother editor navigation and safer project deletion

  • Smoother editor navigation during URL changesWrapped URL updates in a React transition so the editor keeps showing the current content instead of immediately showing a loading state when switching entries.
Improvements
  • Added a confirmation input for project deletion and enabled the Delete button only when the project slug was entered to reduce accidental deletions.frontend
  • Integrated previous-data behavior into entry fetching so the last loaded entry remained visible while new data was fetched.frontend
Bug Fixes
  • Reset the delete confirmation input when the dialog was closed so the dialog always opened with a clean state.frontend
Permalink
backend
devops

Handle malformed JSON in settings API; dedupe schedule logic; add INNGEST_EVENT_KEY

Bug Fixes
  • Handled malformed request JSON in the project settings endpoint: the PATCH request now returns 400 'Invalid JSON body' instead of triggering an internal server error.backend
Improvements
  • Removed a duplicate hasScheduleChange variable and relied on the existing hasScheduleFieldUpdate value to determine schedule-related updates.backend
  • Added INNGEST_EVENT_KEY to turbo.json globalEnv so the build cache is invalidated when the event key changes.devops
Permalink
frontend

Polish custom domain settings and project home URL

  • Cleaner custom domain UX and correct site linksPrimary CTAs and status badges were updated for consistent hover/contrast behavior, DNS setup steps are hidden once a domain is verified and replaced with a compact "Domain active" confirmation, and the project home page now links to a verified custom domain when present.
Improvements
  • Used the shared PrimaryButton for acid‑green CTAs (Verify Ownership, Upgrade to Team) to fix dark-background hover issues and improve contrast.frontend
  • Switched Verified / Unverified badges to variant="outline" to remove the UI library's baked‑in hover discoloration.frontend
  • Hid DNS setup cards after a domain was verified and replaced them with a compact green “Domain active” confirmation so verified state is unambiguous.frontend
  • Updated the project overview to use a verified custom domain (https://{custom_domain}) for the changelog link and Visit Site button instead of the default {slug}.suprlogs.app subdomain.frontend
Bug Fixes
  • Fixed poor hover contrast on verification and upgrade controls by standardizing button and badge components and styles.frontend
Documentation
  • Updated docs/changelog.md to describe the custom domain UI changes (PrimaryButton usage, outline badges, hidden DNS setup after verification, and the project home URL behavior).
Permalink
frontend
backend
database
integrations

Custom domain support with DNS TXT verification

  • Serve public changelogs on your own hostname (Team plan)Added a new Domain tab in project settings that walks Team users through adding a CNAME and a TXT verification record. Once the TXT record is verified, we register the hostname with Vercel so SSL is auto-provisioned via Let's Encrypt.
New Features
  • Added a Domain tab in project settings that provided a hostname input, step‑by‑step CNAME and TXT DNS instructions with one‑click copy, a verified/unverified badge, a Verify Ownership button, and a Team-plan upgrade CTA for non‑entitled users.frontend
API
  • Added POST /api/projects/[slug]/custom-domain to save a hostname and generate a verification token, and DELETE /api/projects/[slug]/custom-domain to remove it (deregisters from Vercel when appropriate).backend
  • Added POST /api/projects/[slug]/custom-domain/verify which performed a DNS TXT check (using dns.promises.resolveTxt) and only registered the domain with Vercel after successful verification; registration relied on VERCEL_API_TOKEN / VERCEL_PROJECT_ID and resulted in automatic SSL via Let's Encrypt.integrations
  • Added GET /api/internal/custom-domain-lookup used by middleware to resolve hostnames to verified project slugs; the route returned only public slug data and relied on Redis caching to reduce DB load.backend
  • Gated custom domains on the can_use_custom_domain entitlement so the feature was available only to Team plan customers.backend
Database
  • Added a migration that created a partial unique index enforcing one project per hostname and a composite lookup index to speed hostname → project resolution in middleware.database
Improvements
  • Added shared SETTINGS_KEYS (custom_domain, custom_domain_verified, custom_domain_verification_token) and persisted domain state and verification tokens in project settings.backend
  • Implemented Redis‑backed negative and positive caching for hostname lookups (5‑minute hit TTL, 1‑minute miss TTL) and added cache helpers plus @suprlogs/cache as a web dependency.backend
  • Updated middleware to consult the cached internal lookup for unknown hostnames and rewrite verified custom domain requests to the correct /changelog/[slug] route.backend
Documentation
  • Updated .env.local.example with Vercel API variables, refreshed backlog and changelog documentation to describe the custom domain workflow and migration.
Permalink
frontend

Fixed hydration mismatch caused by stale query cache

Bug Fixes
  • Replaced the single shared query cache with a fresh per-page instance so each full-page load starts with an empty cache. This fixed instances where the Project Switcher displayed stale data or triggered React hydration errors during page load.frontend
Permalink
backend
devops

Normalize nullable component field to undefined

Bug Fixes
  • Normalized the nullable 'component' field in changelog section items to undefined so it matches the database schema, preventing build failures on Vercel and Railway.backend
Permalink
frontend
auth

Fixed org leave/delete redirect to app home

Bug Fixes
  • Used Clerk's afterLeaveOrganizationUrl so leaving or deleting an organization now reliably redirects users to the app home (/app) instead of the public marketing site. Removed a custom client-side redirect and workspace-switching effect in favor of Clerk's built-in behavior, letting the workspace switcher handle project refreshes.frontend
Permalink
frontend
backend
database
auth

Workspace switcher and workspace-scoped project ownership

  • Workspace switcher in the sidebarAdded a new WorkspaceSwitcher dropdown at the top of the app sidebar so users can switch between Personal and all organization workspaces they belong to. Switching uses Clerk's setActive(), refreshes the project list, and stays in sync with org creates/renames/deletes.
  • Projects and ownership scoped to the active workspaceProject lists and creation are now scoped to the active Clerk workspace. Project ownership (ownerType / clerkOwnerId) is derived server-side from the active workspace (auth().orgId / auth().userId) instead of being provided by the client.
New Features
  • Added WorkspaceSwitcher UI component in the app sidebar to choose between Personal and organization workspaces.frontend
  • Added GET /api/user/orgs endpoint that returns the caller's organizations along with a canCreateProject flag for each org.backend
  • Exported OrgWithMembership type and added findOrgsWithMembershipByUserId to enumerate a user's organizations and membership roles.database
Improvements
  • Scoped the app project list to the active workspace (app/layout.tsx and GET /api/projects) instead of merging personal and org projects into one list.frontend
  • Made workspace switching reactive: project cache is invalidated when the active workspace changes (including external changes such as org deletion).frontend
  • Updated organization settings page to switch to the personal workspace and redirect to /app when an org is deleted or the user leaves it (instead of returning to the marketing site).frontend
API
  • Changed POST /api/projects to derive ownership (ownerType / clerkOwnerId) from the active workspace (auth().orgId / userId); the route no longer accepts ownership fields from the request body.backend
  • Updated GET /api/projects to return projects only for the active workspace (org projects when an org is active, personal projects otherwise).backend
Breaking Changes
  • Clients and integrations must not rely on sending ownerType or clerkOwnerId in project-creation requests; ownership is now determined by the active Clerk workspace and will be enforced server-side.backend
Documentation
  • Updated backlog and changelog notes to reflect the workspace model and removed the previous implicit org-first project behavior.
Database
  • Added OrgWithMembership type and repository support to return organizations a user belongs to with membership role information for use by workspace UI and permission checks.database
Permalink
frontend

Updated branding to SuprLogs and adjusted logo width

Documentation
  • Updated product name from “SuprLog” to “SuprLogs” across the documentation, example links, and API base URL examples.
Improvements
  • Increased the site logo width from 120px to 140px in both dark and light SVGs to accommodate the updated name.frontend
Permalink
backend
frontend
database
auth

Owner-aware API keys and route-driven OpenAPI docs

  • Owner-scoped API keys with dashboard UIAdded full API key lifecycle with owner context (Personal or Organization), project scoping (All projects or Selected projects), one-time plaintext reveal in the dashboard, Vault-backed secret storage, and usage tracking (usage_count, last_used_at).
  • Route-driven OpenAPI generation and docs quality gateGenerated a Mintlify-friendly OpenAPI 3.1 spec from @openapi JSDoc on route files, added bearer/apiKey security schemes, and added a docs quality gate (pnpm openapi:check) to catch spec drift.
New Features
  • Added owner-aware API key CRUD and dashboard UI (create, show plaintext once, list, update, revoke, soft-delete) with Personal and Organization owner contexts.frontend
  • Added project scoping for API keys (all_projects or selected_projects) and server-side enforcement so project-bound endpoints check key scope.backend
  • Added Vault-backed secret linkage for API key plaintext values and stored only the Vault secret ID with collision-proof naming.auth
  • Added API key usage tracking (usage_count and last_used_at) with an atomic increment RPC to record usage on every authenticated request.database
API
  • Generated OpenAPI 3.1 from route-level @openapi JSDoc, added bearerAuth and apiKeyAuth schemes, and included operation metadata for the public /v1 surface.backend
  • Added new /v1/api-keys endpoints for owner-scoped CRUD and scope management and updated v1 routes to accept API key auth with owner-aware authorization.backend
Documentation
  • Moved and expanded authentication docs into an Authentication & API Keys page, updated quickstart and API reference to reflect generated OpenAPI and auth guidance.
  • Added CLI/CI commands to regenerate (pnpm generate:openapi) and validate (pnpm openapi:check) the OpenAPI spec to prevent docs drift.
Bug Fixes
  • Fixed Vault secret name collisions by appending a timestamp + UUID when creating secrets to prevent duplicate-name failures.devops
  • Hardened dev/runtime ordering (turbo dev now depends on ^build) to avoid stale artifacts and missing Inngest function registrations after restarts.devops
  • Improved routing and auth handling (added 404 handler and broader header parsing) to make API responses more robust for missing or alternative auth headers.backend
Security
  • Stored raw API key secrets only in Vault and returned plaintext only once at creation; subsequent views show metadata and prefix only.auth
Permalink
frontend
backend
database
integrations

Project home & editor revamp; fixed period aggregation/backfill timing

  • New Mintlify‑style project home (two‑panel dashboard)Replaced the old flat entry list with a two‑panel Project Overview: a preview card showing the most recent published period entry and project name on the left, and project metadata, repo sync badges, and action buttons (Open Editor, Manual Sync, Visit Site) on the right. A paginated commit history table (25 per page) now surfaces individual commits directly from your linked repositories.
  • Full two‑column Editor with month‑grouped period entriesLaunched a complete Editor experience: the left column lists period entries grouped by calendar month with search, status tabs, and component‑tag filters; the right column previews and edits the selected entry with Visual/Markdown toggle, editable metadata (title, tags, team), expandable commits panel, and status‑aware actions (Publish, Unpublish, Approve, Reject, Archive). Selection is shareable via ?entry=<id> in the URL.
  • Fixed period aggregation and backfill timingResolved a bug where commits were bucketed by ingestion time, which could collapse historical entries into the current window on resync. Period aggregation now uses period_start (committed_at) and the backfill trigger was moved so period windows are generated only after all commit entries exist.
New Features
  • Introduced a Mintlify‑style Project Overview dashboard with a changelog preview card, repo metadata and sync badges, action buttons, and a paginated commit history table.frontend
  • Added the full two‑column Editor page (EditorLayout, EditorEntryList, EditorEntryPreview) to view, edit, and manage period entries.frontend
  • Added a Manual Sync confirmation flow (ResyncConfirmButton + AlertDialog) that requires explicit confirmation before re‑syncing a repository.frontend
  • Added POST /api/projects/[slug]/entries/[id]/unpublish to revert published entries back to draft and clear published_at.backend
  • Added GET /api/projects/[slug]/overview to provide the Project Overview data (project, repos, last published period entry, recent activity) in one request.backend
  • Installed and exposed a reusable AlertDialog UI component for confirmation dialogs.frontend
  • Added a non‑destructive Inngest function (generate‑period‑backfill) that emits aggregation requests only for missing period windows that actually have commits.integrations
Improvements
  • Public changelog now prefers published period entries (daily/weekly/monthly) and falls back to commit entries only if no period entries exist.frontend
  • Simplified project layout by removing the slim repo header from sub‑pages so ProjectOverview is the single place showing repo and sync metadata.frontend
  • Reordered project sidebar navigation (Home → Editor → Branding → Settings → Analytics) and removed the Editor "Soon" badge.frontend
  • Extended entries API and client types to include entry_type, period_start, and period_end, and added support for ?type=period and ?type=commit filters.backend
  • Updated the useEntries hook to accept an entry type group (period or commit) so UI lists can request the appropriate source entries.frontend
  • Returned project overview data and the last published period entry in a single server request to speed dashboard rendering.backend
Bug Fixes
  • Fixed period aggregation bucketing: entries are now located by period_start (committed_at) instead of created_at (ingestion time), preventing historical entries from collapsing during resyncs.database
  • Moved the period backfill trigger out of sync‑repo and into processCommit so period windows are generated only after the last commit is processed.integrations
  • Made generatePeriodBackfill non‑destructive: it now only creates missing period windows and never archives or restores existing entries.integrations
  • Added a new typed event changelog/commits.batch.completed (fired by processCommit) to drive reliable post‑sync period aggregation.integrations
API
  • Added POST /api/projects/[slug]/entries/[id]/unpublish to unpublish an entry (backend endpoint used by the Editor unpublish action).backend
  • Added GET /api/projects/[slug]/overview to power the new Project Overview server page.backend
  • Updated GET /api/projects/[slug]/entries to accept ?type=period and ?type=commit and to sort entries using period_start/committed_at when available.backend
Documentation
  • Updated docs/changelog.md to document the new Project Overview, Editor, manual sync confirmation, and aggregation/backfill behavior.docs
Permalink
frontend
backend
database
integrations

Simplified scheduling, non‑destructive history regeneration, and smoother project setup

  • Simplified publishing schedule with non‑destructive archive/restore regenerationPublishing was unified around frequency-based aggregation (daily/weekly/monthly). Changing schedule now archives existing period summaries and can restore or regenerate history in the background so you can switch frequencies without losing approval state or edits.
  • Faster, clearer project onboarding with multi‑repo setup and real‑time impact estimatesNew multi-repo project creation, slug availability checks and suggestions, and a history impact estimator let you see how many commits and period entries will be generated before processing repository history.
Improvements
  • Unified publishing model to always ingest commits and group them by frequency (daily/weekly/monthly) rather than relying on multiple trigger types.backend
  • Made schedule changes safer: period summaries are now soft-archived and can be restored or regenerated on demand, preserving publish/draft state.backend
  • Added monthly boundary option (first_day / last_day) and expanded schedule controls (frequency, time, timezone, week start day, month boundary).frontend
  • Improved project creation UX: select multiple repositories, choose tracked branch per repo, and persist selections when navigating the wizard.frontend
  • Added migration choices for schedule, LLM, and repo changes so you can choose to apply changes forward‑only or regenerate history from inception.frontend
  • Added unsaved-changes protection on settings tabs and per-tab dirty tracking to avoid accidental navigation loss.frontend
API & integrations
  • Added POST /v1/github/history-estimate and a /api/github/history-estimate proxy to compute commit counts and estimated period entry counts across one or more repos/branches.backend
  • Added /api/projects/slug endpoint and client-side slug validation with inline suggestions and auto-apply behavior during project creation.frontend
  • Added events for background flows: history.backfill.requested now drives archive/restore/regeneration and a new changelog/llm.regeneration.requested event triggers full LLM reprocessing of commit history.integrations
  • Project settings API now accepts migration intents so UI choices (forward_only vs regenerate_history) are honored by background jobs.backend
Database
  • Added archived_at column to changelog_entries and an index that excludes archived rows so period entries can be soft‑archived and efficiently excluded from public views.database
  • Repository code updated to archive/unarchive period entries, detect archived entries, and delete commit entries for LLM regeneration workflows.backend
Documentation & tests
  • Updated changelog and added tests for settings schemas, migration dialog copy, slug validation, and archive/unarchive repository behaviours.
Permalink
backend

Removed invalid ESLint disable and cleaned up Inngest call

Bug Fixes
  • Fixed an invalid ESLint disable that was suppressing type issues and restored proper typing when resolving Inngest priority.backend
Improvements
  • Improved code clarity by removing an any cast and calling inngest.send with the correct types.backend
Permalink
database
backend
frontend
auth

Restore custom DB types and fix downstream type issues

  • Restored hand-maintained database types and improved JSONB compatibilityReplaced the custom types that were accidentally overwritten during a generated types regen. Restored enum aliases (LLM providers, changelog entry types, entitlement types, etc.), corrected webhook event values, and updated changelog JSON interfaces so changelog content can be stored directly in JSONB columns without extra casting.
Improvements
  • Restored hand-maintained database types (enums and aliases) that were overwritten by generated types to keep DB constraints and code aligned.database
  • Made changelog JSON interfaces (diff summaries and generated JSON shapes) directly compatible with JSONB storage to avoid manual casting and runtime surprises.database
  • Added @supabase/supabase-js to the web app dependencies to support the branding upload route.frontend
  • Widened the changelogTheme variable to a plain string in the changelog layout to avoid type-related rendering issues.frontend
Bug Fixes
  • Fixed owner_type widening (was widened to string by generated types) by adding explicit casts where needed; addressed priority resolution and access checks in API routes, web pages, and background workers to prevent runtime errors.backend
  • Adjusted permission baseline lookup to cast clerk_role correctly so role-based permission checks evaluate reliably.auth
  • Removed an unused import in a background job to clean up build warnings.backend
Permalink
branding
settings
aggregation
github

Branding page, scheduled aggregation, PR‑merge support, and settings reorg

  • Branding page — customise the public changelog lookA new Branding page lets you set the changelog title and SEO description, upload favicon and light/dark logos, pick theme and primary colours for light/dark mode, and choose heading/body Google Fonts. Uploaded assets are stored in a dedicated Supabase Storage bucket and used by the public changelog.
  • Scheduled aggregation and PR‑merge publishingYou can now publish entries by schedule (daily/weekly/monthly) or by PR merge. A background aggregation pipeline generates period summaries, an hourly scheduler queues due projects, and switching to scheduled publishing automatically backfills historical period summaries.
Added
  • Branding page: a full settings form to set changelog title, SEO description, favicon/logo uploads, theme, light/dark primary colours, and heading/body Google Fonts.
  • Branding uploads API and storage: server-side upload route that validates images (≤5 MiB) and stores them in a new public Supabase Storage bucket (project-assets).
  • Aggregation pipeline: new modules and durable functions to generate daily/weekly/monthly period summaries, including an hourly scheduler, LLM prompt builder/writer, and a backfill job to regenerate history.
  • On-demand generation API: UI can trigger generation/backfill for a specific period; existing entries are returned immediately or generation is queued.
  • PR merge support: merged GitHub pull requests now produce a single, unified changelog entry summarising all commits in the PR.
  • Tooling: a production seeding helper (scripts/seed-prod.mjs) and pnpm db:seed:prod were added; .env.local.example now documents PROD_DB_URL for running seeds against production.
  • New prompts seeded for period summaries (daily, weekly, monthly) and a curated set of section/component types to shape aggregated entries.
Changed
  • Project settings reorganised: tabs are now General, Repositories, LLM, Publishing, and Danger — the GitHub tab is renamed to Repositories and the Changelog tab is now LLM.
  • Publishing model simplified: a single trigger_type controls publishing (on_commit | on_pr_merge | scheduled). When scheduled is selected you can choose frequency, time, timezone and week start.
  • Branding applied at runtime: public changelog pages now inject scoped CSS and (optionally) Google Fonts so chosen fonts and primary colours are reflected immediately on the public page.
  • Public changelog visuals: accent borders and the thin top bar now use the configured primary colour variable instead of a hardcoded colour.
Fixed / Improved
  • Display date accuracy: changelog entries now show the real activity date (commit/merge) by preferring period_start over published_at/created_at, so public dates reflect when changes actually happened.
  • Entry write behaviour: entries written by the pipeline now store the commit/merge timestamp so aggregated and PR entries display correct dates.
Tooling & Ops
  • Seed and production DB support: added scripts/seed-prod.mjs, pnpm db:seed:prod, and a documented PROD_DB_URL example to help run database seeds safely against production.
  • Supabase storage config: project-assets bucket added to config with size/mimetype limits and RLS policies for public read + service-role uploads.
Backlog & Next steps
  • Planned entitlement gating for aggregation views (day/week/month) to tie period summaries to plan tiers.
  • Third‑party analytics integrations (PostHog, GA, GTM) for the public changelog page are proposed but not yet wired into the UI.
  • GitLab support and workspace-level VCS installation management are included in the backlog; the Repositories tab prepares the UI for multi‑VCS support.
Permalink
frontend
backend
database
integrations

Consolidated repo management and used commit dates for entries

  • Repository management moved into the GitHub tabProject repositories are no longer duplicated across settings tabs. The Repositories UI was moved into the GitHub tab of Project Settings and now accepts initial repo data so it appears only where expected.
  • Entries now reflect real commit order and show repo/short SHAEntries were enriched with commit metadata (commit timestamp, short SHA, and repo source when available) and are now sorted by actual commit time (falling back to created time). Entry cards use the commit date as the primary display date and show repository and short SHA when present.
Improvements
  • Updated the project header to be multi-repo aware: it shows owner/name when a single repo is linked, displays “N repositories” for multi-repo projects, and derives an overall sync status across all repos.frontend
  • Moved the repositories management UI into the GitHub tab inside Project Settings so the repos section no longer appeared duplicated across tabs.frontend
  • Entry cards now prefer the commit timestamp for the displayed date (then published_at, then created_at) and show the repository and short commit SHA when available.frontend
API
  • Joined entries with commit data to enrich each entry with committed_at, commit_sha_short, and repo fields when available.backend
  • Changed entries listing to sort by committed_at descending (falling back to created_at) so the list reflects actual commit order across all linked repositories.backend
  • Added new fields to the entry type (committed_at, commit_sha_short, commit_shas, repo_owner, repo_name) so clients can show commit metadata.backend
Bug Fixes
  • Fixed duplicate ProjectReposSection display in settings by importing and rendering it inside the ProjectSettingsForm GitHub tab.frontend
  • Increased default and maximum entry fetch limits to improve listing reliability for larger projects.backend
Database
  • Queried commits to retrieve committed_at and sha for entries and mapped commits back to project repos when possible.database
Permalink
database
backend
frontend
integrations

Add multi-repo changelog support (link multiple GitHub repos per project)

  • Link multiple GitHub repositories to a single project changelogProjects can now track one or more GitHub repositories. Users can add and remove repos from project settings, see per-repo sync status and last-synced times, and the background pipeline and webhooks now identify work by the specific project→repo link so a single repository can feed multiple projects.
New Features
  • Added a persistent project_repos join table to map one or more GitHub repositories to a single project changelog.database
  • Added a ProjectRepoRepository to manage repo links (create, list, update sync status, update branches, delete).backend
  • Added a Project Repositories settings UI so teams can add/remove repos, choose a tracked branch, and view per-repo sync status.frontend
  • Added API endpoints to list, add, and remove repo links for a project (GET/POST /v1/projects/:projectId/repos and DELETE /v1/projects/:projectId/repos/:repoId).backend
API
  • Validated installation ownership when linking a repo, emitted a repo/sync.requested event after adding a repo, and recorded repo.connected and repo.disconnected audit entries.backend
  • Prevented removing the last linked repo for a project (DELETE returns 422 if it would leave zero linked repos) and preserved all commits and changelog history when a repo link was removed.backend
  • Updated project creation to create a seed project_repos row in the same transaction and to include projectRepoId in the repo/sync.requested event.backend
  • Changed webhook handling to fan out one event per matching project_repo so a single push can trigger work for multiple projects that track the same repository.integrations
Improvements
  • Carried projectRepoId through Inngest events (github/push.received, repo/sync.requested, commit/received) so pipeline stages identify the exact project→repo link that triggered work.backend
  • Moved repo-related methods off the ProjectRepository and into the new ProjectRepoRepository, and removed repo fields from the projects row and types.database
  • Updated web components (ProjectCard, ProjectGrid, ProjectSwitcher, project header and dashboard) to use ProjectRepoRow data and to gracefully handle projects with no linked repos.frontend
  • Added web proxy API routes and TanStack Query hooks (useProjectRepos, useAddProjectRepo, useRemoveProjectRepo) to support the new UI flows.frontend
  • Updated sync and push-processing workers to write sync status to project_repos and to use the trackedBranch stored on the project_repo row for branch filtering.backend
  • Adjusted github-sync-all-commits and resync flows to fan out sync requests per linked repo instead of per project.backend
  • Removed repo_owner/repo_name and repo-specific fields from project API responses and client-side project types.backend
  • Added a migration that back-filled a project_repos row for each existing project before dropping the old single-repo columns.database
  • Added comprehensive tests across database, API, and Inngest packages to cover the new repository linking behavior and worker changes.backend
Bug Fixes
  • Fixed a projectRepo variable scope bug in project creation so the repo create result is now assigned and projectRepoId can be included in events.backend
Documentation
  • Documented the multi-repo changelog release and the new project_repos schema migration in the project changelog.
Permalink
database
backend
frontend
auth

Allow a project changelog to track multiple GitHub repositories

  • Multi-repository changelogs via a new project_repos tableA project is now a repo-agnostic changelog that can aggregate commits from many GitHub repositories. A new project_repos join table stores per-repo settings (installation, branch, sync status) and a migration back-filled existing projects before removing single-repo columns.
Breaking schema change
  • Removed per-repo columns from projects (github_installation_id, repo_owner, repo_name, tracked_branch, available_branches, sync_status, last_synced_at, last_sync_error); these now live on the new project_repos table and were back-filled by migration 011_project_repos.sql.database
API changes
  • Added endpoints to manage linked repositories: GET/POST /v1/projects/:id/repos and DELETE /v1/projects/:id/repos/:repoId.backend
  • Project creation now creates a project_repos row for the initial repo and sync events include projectRepoId so each linked repo is synced individually.backend
  • Resync now queues one repo/sync.requested event per linked repository instead of a single project-level sync.backend
Web app
  • Added a Repositories section to Project Settings to list, add, and remove linked repos; added client routes and hooks to call the new API.frontend
  • Updated project list, cards, switcher, and project layout to show the primary linked repo (ProjectRepoRow) and its sync/branch state.frontend
  • Prevented removing the last repo for a project in the UI; repo removal unlinks the repo but preserves commits and changelog history.frontend
Sync & processing
  • Updated GitHub webhook handling to look up project_repos and fan out one github/push.received event per linked repo (events now include projectRepoId and trackedBranch).backend
  • Moved sync status and branch filtering to project_repos: Inngest functions (sync-repo, github-process-push, github-sync-all-commits) now read/write per-repo state and use projectRepoId in events.backend
Database & migrations
  • Created the project_repos join table (project → many repos) with proper indexes, constraints, and row-level policies; migration back-filled existing project repo data before dropping old columns.database
Tests & reliability
  • Added unit tests for ProjectRepoRepository and sync-repo, and updated API and webhook tests to assert fan-out and projectRepoId propagation.backend
Permalink
frontend

Changelog: newest-first sorting and clearer entry display

  • Entries are now shown newest-first and read betterChangelog entries are now sorted by publication date (newest first) and each entry uses a clearer, structured layout with collapsible sections so you can scan recent changes and expand details as needed.
Improvements
  • Sorted changelog entries by publication date in descending order so the most recent updates appear first.frontend
  • Updated entry layout to display dates and metadata more clearly and to use collapsible section accordions for structured content.frontend
  • Added an option to hide the inline date in entry metadata to support more compact displays.frontend
  • Updated markdown rendering to conditionally omit structured sections when appropriate, improving content presentation.frontend
Performance
  • Removed unnecessary client-side state management in the changelog feed for a simpler, more predictable experience.frontend
Permalink
auth
backend
frontend
integrations

Normalize Clerk org admin role to admin; improve project creation fallback

Improvements
  • Added a role-mapping function that normalised Clerk membership roles (for example, 'org:admin' or namespaced 'owner' roles) to the internal 'admin' or 'member' values so membership permissions are interpreted consistently.auth
  • Updated organization membership creation and update handlers to use the new role mapping so users with namespaced admin roles are treated as admins in SuprLogs.backend
  • Added an automated test to verify membership.created events correctly map namespaced Clerk admin roles to the internal 'admin' role.backend
  • Updated the web project creation flow to fall back to creating the project under the user's personal account if creating under the selected organization is forbidden, reducing hard failures during project creation.frontend
Documentation
  • Added backlog items outlining planned UX and platform improvements (explicit owner selection during project creation, multi-organization membership model, and billing context separation).
Permalink
frontend

Add repository search and improved selection UI to repo picker

  • Search repositories from the SelectRepoStepAdded a search field to the repository selection step so users can filter GitHub repositories by name or description and see matching results as they type.
Improvements
  • Added a live search input that filtered repositories by name or description.frontend
  • Updated the repository list UI to display filtered results dynamically, highlight the selected repository, and show a clear empty-state message when no matches are found.frontend
Permalink
frontend

Project creation wizard: use full-height container

Bug Fixes
  • Updated the Project creation wizard layout to use a full-height container (min-h-full) instead of min-h-screen so the form displays more consistently across different screen sizes.frontend
Permalink
frontend
backend
database
integrations

Improve GitHub installation handling and add UI error boundary

  • Added an ErrorBoundary to the project creation wizardA new ErrorBoundary component now wraps the Project Creation Wizard to catch rendering errors and show a readable error card with a retry option, preventing blank screens during project setup.
  • Claimed orphaned GitHub installations during onboardingWhen a user had no linked installations, the system now claims previously unowned GitHub installations (created without a browser session) and associates them with the first authenticated user who visits the project creation flow.
New Features
  • Added an ErrorBoundary component and used it on the New Project page to catch rendering errors in the Project Creation Wizard and display a clear error card with a retry option.frontend
Improvements
  • Updated the GitHub installations GET handler to claim orphaned installations when no installations were found for a user, improving reliability of the onboarding flow.backend
  • Added a claimUnclaimed database method to assign previously unowned GitHub installations to the visiting user, addressing installs created without a browser session.database
  • Added error logging to the onboarding API to make failures easier to diagnose.backend
Permalink
backend
devops

Adopt structured logger with fallback; removed pino dependency

  • More reliable, consistent logging with automatic fallbackLogging was refactored to use a new StructuredLogger interface and now falls back to a built-in console logger when the previous pino dependency is not available. This ensures logs remain available and consistent across environments.
Improvements
  • Introduced a StructuredLogger interface to standardize log format and context handling.backend
  • Implemented a fallback console-based logger so applications continue to produce logs even when pino is not installed.backend
  • Updated logger creation to use the new interface and the fallback mechanism for more predictable behavior across environments.backend
  • Removed pino from dependencies to reduce install footprint and allow deployments without pino to run normally.devops
API
  • Switched to a pluggable StructuredLogger API; if you relied on pino-specific features, update any integrations to the new interface.backend
Permalink
frontend

Added pino logging library to web app dependencies

Improvements
  • Added the pino logging library to the web app dependencies (package.json updated to pino ^9.5.0) and updated the pnpm lockfile to include pino v9.14.0 to improve logging and observability.frontend
Permalink
frontend
auth

Redesigned sign-in and sign-up with split-screen layout

  • Split-screen auth pages with benefits panel and unified navSign-in and sign-up pages were redesigned into a split-screen layout that places the authentication form alongside a short benefits panel. A new AuthPageNav component was added to the top of both pages, providing a persistent brand link, theme toggle, and the opposite action (Sign in / Sign up).
New Features
  • Added a shared AuthPageNav to auth pages with BrandLogo, theme toggle, and a clear opposite-action link.auth
Improvements
  • Updated sign-in and sign-up to a two-column layout showing the auth form alongside concise product benefits (connect a GitHub repo, instant changelog generation, editorial workflow, hosted changelog).frontend
  • Refined Clerk form appearance and layout for improved readability, clearer CTAs, and consistent styling across auth pages.frontend
  • Added friendly, action-oriented copy and links on both pages to make it easier to switch between signing in and signing up.frontend
Permalink
frontend

Fix continue button color and improve input placeholder contrast in dark mode

Bug Fixes
  • Updated the primary (Continue) button color to a brighter acid-green so the action is clearly visible against dark backgrounds.frontend
  • Improved form input field and placeholder colors in dark mode so placeholder text is readable.frontend
Permalink
frontend
auth

Force social sign-in buttons to white background in dark mode

Bug Fixes
  • Updated the sign-in and sign-up pages so social authentication buttons use a white background and darker text in dark mode, improving visibility and contrast.frontend
Permalink
auth
frontend

Removed conflicting force-static from sign-in and sign-up layouts

Bug Fixes
  • Removed the `force-static` export from the sign-in and sign-up layout files to prevent conflicts with the root `force-dynamic` setting; auth pages now follow the app's dynamic rendering behavior.auth
Permalink
backend
devops

Fix TypeScript errors that blocked builds

Bug Fixes
  • Fixed TypeScript typing in the changelog routes by casting request params to strings (apps/api/src/routes/v1/changelog) — resolved build errors that were preventing deployments.backend
  • Added an explicit router type annotation in the user routes (apps/api/src/routes/v1/user) to address a TypeScript inference issue and avoid type-related build failures.backend
  • Removed an unused express import from the user LLM config file (apps/api/src/routes/v1/user/llm-config) to clear a compiler warning.backend
Permalink
frontend
backend
auth

Legal pages, SEO routes, brand refresh, and custom 404s

  • Full Terms, Privacy, and Cookie Policy pagesAdded complete legal pages (Terms, Privacy, Cookie Policy) using a shared LegalLayout. Pages include canonical/OpenGraph/Twitter metadata, contact details, and replace previous placeholders.
  • New BrandLogo and refreshed marketing homepageIntroduced a shared BrandLogo (acid‑green "S" + gradient "Logs") and replaced duplicate logo markup across header, footer, and sidebar. Updated the marketing homepage with a marquee, two‑column hero, stats strip, three‑step pipeline, and social‑proof section.
  • Global and per‑project SEO routes plus branded 404sAdded robots.txt, sitemap.xml, and llms.txt at the site root and for individual changelog subdomains (visibility‑aware). Added custom branded 404 pages for the site and for changelog scopes; excluded auth/app routes from indexing.
New Features
  • Added full Terms, Privacy, and Cookie Policy pages with detailed legal text and shared LegalLayout.frontend
  • Added BrandLogo component (supports size, href, onClick) and swapped it into header, footer, and sidebar.frontend
  • Added global SEO routes: /robots.txt, /sitemap.xml, and /llms.txt (plain‑text LLM summary).backend
  • Added per‑project SEO routes for changelog subdomains (robots.txt, sitemap.xml, llms.txt) that respect project visibility.backend
  • Added custom branded 404 pages: a global site 404 and a changelog‑scoped not‑found page.frontend
Improvements
  • Refreshed the marketing homepage with a marquee strip, gradient headline, example feed mock, and audience/social‑proof cards.frontend
  • Applied noindex metadata to authenticated and auth routes (/app, /sign-in, /sign-up) to keep internal pages out of search engines.auth
  • Made middleware public‑route matcher changes to exempt /cookie-policy and /llms.txt so auth is not required for those pages.auth
  • Updated footer to include a Cookies link and unified wordmark gradient across components via BrandLogo.frontend
  • Removed an inline duplicate canonical link from changelog entry page in favor of metadata-only canonical handling.backend
Documentation
  • Updated the changelog/docs to document the new legal pages, SEO routes, brand component, and marketing updates.
Permalink
frontend

Fix quote rendering in changelog and project settings dialogs

Bug Fixes
  • Updated quote characters to HTML entities (&quot;) in ChangelogFeed and ProjectSettingsForm so dialog titles and messages render consistently and don’t show raw or mis-rendered quotes.frontend
Permalink
frontend

Engaging intro video added to marketing page

  • New HomeIntroVideo component provides an engaging video introductionAdded a full-screen intro video with smooth fade-out, tap-to-play for devices that block autoplay sound, and a replay trigger — giving visitors a more engaging first impression of SuprLogs.
New Features
  • Added a HomeIntroVideo component that plays the new home-hero.mp4 with fade effects, volume fade-out, and gesture support for tap-to-play on devices that require user interaction.frontend
  • Integrated the HomeIntroVideo into the MarketingPage and wired the site logo to replay the intro when clicked on the homepage.frontend
Improvements
  • Updated routing middleware to allow common video file types (mp4, webm, ogg) so the intro video asset can be served correctly.frontend
  • Added the home-hero.mp4 video asset used by the new intro component.frontend
Permalink
frontend
backend
devops
auth

Fix workspace settings crashes and restore project visibility across orgs and users

  • Dashboard and project switcher now show both organization and personal projectsThe dashboard and project switcher now include projects owned by your organization and projects owned by your user account together. Duplicate projects are avoided so each project appears only once.
Bug Fixes
  • Fixed a server-side crash in workspace settings by preventing certain packages (used for logging/worker threads) from being bundled; the server now resolves those packages at runtime so worker files are found and settings updates no longer crash.backend
  • Fixed project visibility in the dashboard and project switcher by merging organization and personal project lists server-side, ensuring users see all projects they belong to (without duplicates).frontend
Improvements
  • Updated the server build configuration to force Node.js to treat specific packages as externals. This addressed issues with pnpms nested package layout and reduced server bundling errors during deploys.devops
Security
  • Ensured workspace visibility passwords continued to be hashed correctly by importing the bcrypt library at runtime instead of bundling it, avoiding build-time issues while preserving password protection.auth
Permalink
frontend
backend
database
auth

Onboarding, workspace defaults, project settings, and RBAC + auth hardening

  • Workspace LLM defaults and onboarding LLM stepAdded a Workspace LLM & Defaults page and an LLM defaults step in the onboarding flow so teams can pick a provider, model, and optional API key that projects can inherit.
  • Project settings: inherit or override workspace defaultsProjects can now either inherit workspace LLM and other defaults or store their own overrides; new UI and API flags make switching between inheritance and per-project settings explicit.
  • RBAC & org teardown handlingIntroduced a permissions catalog and grants table, a repository API for permissions, and safe org-teardown that revokes entitlements, clears settings, and deletes projects when an organization is removed.
New Features
  • Added a Workspace LLM & Defaults page allowing workspace-level publish mode, theme, visibility and LLM provider/model selection.frontend
  • Added an onboarding LLM defaults step so new users can save workspace defaults during setup and mark onboarding complete.frontend
  • Added a user-visible option to create projects that inherit workspace defaults, and snapshot workspace values at project creation.frontend
Improvements
  • Updated project settings UI to show a clear ‘Use workspace defaults’ toggle and display the effective provider/model when inheritance is enabled.frontend
  • Stored project-level visibility passwords as hashed values and ensured project creation respects reserved slugs and returns useful errors.backend
  • Made the onboarding flow and sidebar behavior smoother by hiding the main sidebar during onboarding and setting an onboarding-complete cookie for faster subsequent access.frontend
  • Improved the project creation UX to post-process slugs and redirect reliably after creation.frontend
  • Added a workspace settings page that shows masked workspace API keys and supports replacing them, plus a provider/model matrix for projects to inherit.frontend
Security
  • Hardened API endpoints to require and validate caller identity (x-clerk-user-id) and checked installation and owner ownership before returning GitHub data.auth
  • Enforced project ownership checks on sensitive endpoints (resync, settings updates, project modifications) so only authorized users or org members can act.auth
  • Hashed visibility passwords with bcrypt before persisting to never store plain-text secrets.auth
Backend
  • Added a server-side resolver for actor and project/org access to centralize authorization checks used across endpoints.backend
  • Implemented enforcement of a free-plan monthly commit cap by counting commit entries in a UTC month window and skipping processing when the cap is reached.backend
  • Queued and audited repo-connected events and ensured project settings are snapshotted during project creation for predictable behavior.backend
Database & Migrations
  • Added a permission catalog and permission_grants table (RBAC scaffolding) and a PermissionRepository to manage grants programmatically.database
  • Added support in the project-settings repository to delete all settings for a subject and wired cleanup into organization deletion flows.database
  • Added a changelog entry count query used to enforce free-plan monthly limits and adjusted database exports to expose the new repositories.database
Integrations
  • Blocked GitHub repo/branch listings when the installation is not owned by the calling user to prevent cross-account access to repo metadata.integrations
  • Updated client-side GitHub proxy routes to forward caller identity so server-side ownership checks can run consistently.integrations
Tests & Docs
  • Updated prompt-builder and settings-resolver tests and messages to reflect project-level system prompt naming and inheritance behavior.
  • Added unit tests around onboarding guard logic and changelog entry counting.
Permalink
frontend
integrations

Add GitHub configuration link to project creation flow

Improvements
  • Added a GitHub configuration URL to the Project Creation wizard so users can open the installation settings and manage which repositories the app can access.frontend
  • Updated the repository selection step to display an “Update your sharing settings” link when only one repo is visible, letting users quickly open GitHub to add or share more repositories.integrations
Permalink
backend

Prioritized project owner instructions in prompt builder

Improvements
  • Updated the prompt builder so custom instructions provided by the project owner are prepended to the system prompt, ensuring those instructions are followed first.backend
Tests
  • Renamed and updated unit tests to reflect the new instruction order and to clarify expectations.backend
Permalink
backend
frontend
auth
integrations

Per‑user LLM keys and project LLM settings

  • Add per-user LLM API key management and project LLM optionsUsers can now add their own OpenAI or Anthropic API keys and choose provider and model per project. Keys are stored securely and only masked values are shown in the UI, enabling per-project customization of changelog generation.
New Features
  • Added GET and POST endpoints to manage user LLM configurations so users can save and retrieve their OpenAI or Anthropic API keys.backend
Improvements
  • Updated Project settings UI to let users pick LLM provider and model, and to submit an optional per-project API key.frontend
  • Made project settings PATCH support llm_provider and llm_model and forward BYOK API keys to the user key endpoint when provided.backend
  • Added model lists and sensible defaults for OpenAI and Anthropic to simplify model selection.frontend
API
  • Added a web proxy route that forwards authenticated requests to the new /v1/user/llm-config endpoints using the user's Clerk ID.auth
Security
  • Stored user API keys in Vault and never returned raw keys to the web app; the UI shows only masked key values.integrations
Permalink
auth
backend
frontend

Allow API/_next requests to bypass middleware; fix settings save; standardize public URL

Improvements
  • Allowed requests to paths starting with /api/ and /_next/ to pass through middleware unchanged so relative fetch() calls from subdomain pages reach the intended Next.js route handlers.auth
  • Updated project creation and settings forms to use buildChangelogUrl for the public URL display, ensuring consistent URLs across the app.frontend
Bug Fixes
  • Resolved the project settings PATCH handler to look up the internal user ID before saving so settings are recorded with the correct internal user.backend
Permalink
backend
integrations

Removed temporary 3-commit sync cap

Improvements
  • Removed a temporary limit that capped repository syncs to only three commits. Syncs now process all unprocessed commits so changelogs and integrations receive every commit without manual intervention.backend
Permalink
backend

Fix publish mode resolution so project publish settings are applied

Bug Fixes
  • Fixed a bug where project publish settings were ignored. The settings resolver now reads the project's publish_mode string ('auto' or 'approval_required') and correctly derives auto-publish and require-approval behavior, preventing entries from always falling back to draft.backend
Permalink
frontend

Use semantic theme tokens for public changelog to fix dark mode contrast

Improvements
  • Replaced hardcoded colors (e.g. bg-white, border-black, border-black/10) with semantic Tailwind tokens (bg-background, border-border, border-foreground) across the public changelog UI so the site respects the ThemeProvider and system/dark/light preferences.frontend
  • Updated visual elements including headers, footers, entry dividers, badges, tag buttons, and the empty-state panel to use the new semantic tokens for consistent theming.frontend
Bug Fixes
  • Fixed illegible or invisible elements in dark mode (backgrounds, borders, input borders, and divider lines) on public changelog pages so content is readable in all themes.frontend
  • Adjusted PasswordGate and error styling to use semantic colors (including destructive text and shadow color) for correct contrast in dark and light themes.frontend
Permalink
frontend
devops

Enable changelog subdomain routing on localhost for local testing

  • Local changelogs now work at [slug].localhost:PORTYou can now open changelogs in development using a subdomain-style URL (for example, http://my-project.localhost:4715). Next.js middleware rewrites those requests to the changelog route for local testing, matching production behavior. Modern browsers resolve *.localhost to 127.0.0.1 natively, so no /etc/hosts changes are required.
Improvements
  • Updated middleware and URL builder so development uses the same subdomain pattern as production; local changelog URLs now use http://[slug].localhost:PORT instead of the old /changelog/[slug] path.frontend
Documentation
  • Updated .env.development comment to document subdomain routing on localhost and note that modern browsers resolve *.localhost to 127.0.0.1 so no hosts-file edits are needed.devops
Permalink
integrations
backend

Fix LLM schema error and temporarily limit repo sync to 3 commits

  • Stopped 400 InvalidSchema errors on LLM callsUpdated the changelog JSON schema so the `body` field is required in headline items. This prevents OpenAI strict schema validation from rejecting requests; when unused, the model will receive an empty string instead of causing a 400 error.
Bug Fixes
  • Made the headline item `body` field required in the changelog JSON schema to avoid InvalidSchema errors from strict OpenAI validation.integrations
Improvements
  • Added a temporary cap to repo syncs to process at most 3 commits per run while end-to-end LLM pipeline validation completes; this reduces fan-out during testing and will be removed once generation is stable.backend
Permalink
frontend
backend
database
integrations

Manual Re-sync All Commits added to Project Danger Zone

  • Re-sync All Commits — permanently delete and re-generate changelog entriesAdded a one-click, manual re-sync in Project Settings that permanently deletes all existing changelog entries, resets all commits to unprocessed, and queues a full repository sync so the pipeline regenerates entries from the complete commit history. This destructive action is surfaced in the Danger Zone with orange styling and a confirmation dialog.
New Features
  • Added a Re-sync All Commits action to the Danger Zone in Project Settings with orange warning styling and a confirmation dialog so you can intentionally trigger a full re-generation of changelog entries.frontend
API
  • Added POST /v1/projects/:projectId/resync which deletes all changelog entries, resets commits to unprocessed, and queues a repo sync event to rebuild entries from the full commit history.backend
Improvements
  • Implemented database helpers to hard-delete changelog entries and reset commit processed flags so the pipeline can regenerate entries from scratch during a manual re-sync.database
Permalink
integrations
backend

Removed unsupported temperature parameter for OpenAI gpt-5-mini calls

Bug Fixes
  • Removed an unsupported temperature setting from OpenAI gpt-5-mini calls to prevent 400 BadRequest errors; structured JSON output remains unchanged.integrations
Permalink
backend
frontend
database
auth

Fixed missing projects by resolving Clerk IDs to internal UUIDs

Bug Fixes
  • Resolved an issue where project lists returned empty results when Clerk org/user IDs were passed directly; the server now resolves the internal owner UUID before querying projects.backend
  • Updated the app layout and dashboard to use the resolved internal IDs so users and organizations see their projects correctly.frontend
  • Ensured project queries matched the stored owner_id (internal UUID) instead of external Clerk IDs to prevent mismatches between created projects and query results.database
  • Added lookups from Clerk IDs to internal org/user records (findOrgByClerkId / findByClerkId) before project queries to correctly map external IDs to internal accounts.auth
Permalink
frontend
backend
database
auth

Local dev: GitHub App flow, project creation, org management, and UI polish

  • Branch picker: branches API + tracked-branch dropdownAdded a new backend endpoint to list GitHub branches and a frontend hook that populates the tracked-branch dropdown in the project creation flow so you can pick a branch (with loading and empty states) instead of typing it manually.
  • New PrimaryButton and UI polish across onboarding and dashboardIntroduced a reusable neobrutalist PrimaryButton (acid-green, box-shadow hover effect, supports asChild) and applied it across onboarding, the project wizard, and dashboard CTAs. Also added a live slug URL preview and clearer visibility descriptions.
New Features
  • Added GET /v1/github/repos/:installationId/branches to fetch repository branches for a GitHub App installation.backend
  • Added useGithubBranches TanStack Query hook and GithubBranch type to list branches in the UI.frontend
  • Added PrimaryButton component (neobrutalist acid-green style) and used it across onboarding, project creation, and dashboard CTAs.frontend
  • Auto-selected the repo in the Select Repo step when only one repository is accessible, so users can continue faster.frontend
  • Added tsc --watch dev script to internal packages so Turborepo hot-reloads package changes during local development.devops
API
  • Updated POST /v1/projects to accept clerkOwnerId (Clerk ID) and resolve the internal UUID server-side before creating a project.backend
  • Changed GET /v1/github/callback to redirect to /app/projects/new and to populate installed_by from the x-clerk-user-id header if provided.backend
  • Made GET /api/github/installations resolve Clerk userId to internal UUID and return an empty list (not a 500) when the user is not yet present in the DB.backend
Improvements
  • Replaced the tracked-branch text input with a Select dropdown populated from the GitHub branches API and added loading and empty states.frontend
  • Added a live URL preview and helper text to the project slug field so users see their public changelog URL while typing.frontend
  • Added per-option descriptions to Visibility options (Public, Unlisted, Private) to make sharing choices clearer.frontend
  • Mapped camelCase API response fields to the snake_case shape expected by the UI so repository lists populate correctly.frontend
  • Replaced bespoke CTA styling with the PrimaryButton component across the app for consistent primary actions.frontend
  • Tightened Sidebar active-link detection to strict equality so navigation highlights behave correctly.frontend
Bug Fixes
  • Made .env.local load with override: true so local secrets take precedence over placeholder values.backend
  • Fixed the GitHub callback page flow to move the redirect outside the try/catch so successful installs no longer show an error card.frontend
  • Fixed ConnectGitHubStep to pass the internal installation UUID (id) instead of the GitHub integer installation_id so downstream calls resolve correctly.frontend
  • Changed Clerk webhook org handling to immediately upsert the org creator as an admin member to avoid race conditions with membership events.auth
  • Changed handleOrgDeleted to hard-delete the organization row (and cascade members) via the DB so deletions are processed correctly.database
  • Made OrganizationRepository.addMember an upsert on (org_id, user_id) so duplicate membership events are idempotent.database
  • Removed invalid JavaScript null-coalescing operators from Inngest priority expressions so Inngest functions register correctly.backend
  • Removed DEMO_CLERK_USER_ID from env files and corrected Supabase JWT key formats in development envs.
Permalink
frontend
backend
auth
devops

Public changelog pages: subdomain routing, Linear theme, and password protection

  • Public-facing changelog surface — subdomain routing, Linear feed, and visibility gateUsers can now view project changelogs at [slug].suprlogs.app (or the local path fallback in development). The release included a server-rendered changelog list and SEO-friendly entry pages, a Linear-inspired feed with inline expansion and tag filtering, and an optional password gate for private changelogs.
New Features
  • Added server-rendered public changelog pages: a project list page and individual SEO entry pages with full OG/Twitter metadata and canonical links.frontend
  • Added an interactive Linear-style changelog feed with tag filtering and inline entry expansion that updates the address bar without reloading.frontend
  • Added a password-protected visibility option for private changelogs with an unlock flow that sets an HttpOnly session cookie on success.auth
API
  • Added public REST endpoints GET /v1/changelog/:slug and GET /v1/changelog/:slug/entries/:id that return published entries with no authentication required.backend
  • Added POST /api/changelog/[slug]/unlock to verify passwords and set a 24-hour HttpOnly cookie for private changelog access.backend
  • Updated PATCH /api/projects/[slug]/settings to accept a plain-text visibility_password which is hashed server-side before saving.backend
Improvements
  • Extended Next.js middleware to detect *.suprlogs.app hosts and transparently rewrite requests to the matching /changelog/[slug] routes so one deployment serves both admin and public sites.frontend
  • Added utilities: buildChangelogUrl() for correct canonical subdomain vs. local URLs and groupEntriesByMonth() for date grouping in feeds.frontend
  • Rendered structured LLM-generated sections where available and used react-markdown as a fallback for manually edited entries to improve display consistency.frontend
  • Updated project settings UI to optionally set a visibility password when choosing private visibility and linked the public URL to the subdomain preview.frontend
Security
  • Hashed visibility passwords with bcrypt before storage and verified passwords with bcrypt during unlock to avoid storing plain-text secrets.auth
Documentation
  • Added NEXT_PUBLIC_CHANGELOG_DOMAIN to environment files, README and turbo.json and documented the production wildcard domain and local fallback behavior.devops
Testing
  • Added 14 tests covering date-grouping and middleware subdomain/routing logic; all web tests passed.backend
Permalink
frontend
backend
database
auth

CMS workflow: entry editor, status actions, and settings save

  • Full CMS workflow — entry editor, status actions, and settings saveAdded a full entry editing experience: a dedicated entry page with an editable title, split-pane markdown editor (live preview), status-aware action bar (Approve / Reject / Publish / Archive), metadata sidebar (version, tags, team, commit info, generated JSON), inline approve actions on list cards, status filter tabs, and project settings save + delete flows.
New Features
  • Added a full entry editor page at /app/projects/[slug]/entries/[id] with an editable title, split-pane Markdown editor, status action bar, and metadata sidebar.frontend
  • Added a split-pane MarkdownEditor with live preview (react-markdown + remark-gfm) and 1.5s debounced auto-save.frontend
  • Added EntryActionBar with status-aware actions: draft/rejected → Publish; pending_approval → Approve + Reject; published → Archive.frontend
  • Added RejectDialog to capture an optional rejection reason when rejecting entries.frontend
  • Made entry cards link to the entry detail page and added an inline Approve quick-action for pending approval entries.frontend
  • Added status filter tabs in the entry list (All / Draft / Pending / Published / Archived / Rejected).frontend
  • Wired Project Settings UI to save General and Changelog settings and added a Danger Zone delete flow with slug confirmation.frontend
API
  • Added entry API routes to fetch, patch, and transition entry status (GET/PATCH /entries/[id], POST approve/reject/publish/archive).backend
  • Added project API routes: PATCH /api/projects/[slug] to update project name, PATCH /api/projects/[slug]/settings to upsert settings, and DELETE /api/projects/[slug] to hard-delete a project.backend
Improvements
  • Updated client hooks: useEntries now accepts a status filter, and new useEntry and useEntryMutations handle fetching and all entry write actions.frontend
  • Extended ChangelogEntryRepository.updateMetadata to accept title so inline title edits could be persisted.database
  • Added ProjectRepository.update to allow updating mutable project fields (name) without changing slug.database
  • Installed react-markdown and remark-gfm to power the in-app markdown preview.frontend
  • Added tests for entry action logic and settings validation; new tests were included and all web and database test suites passed.frontend
Permalink
frontend

Exclude reserved 'new' project segment to prevent phantom sidebar nav

Bug Fixes
  • Fixed phantom project sidebar for URLs like /app/projects/new and /app/projects/new/settings by treating 'new' as a reserved segment and excluding it from slug extraction.frontend
Permalink
frontend
auth
backend

Fix Clerk profile routing and handle users without organizations

  • Resolved Clerk routing conflicts for profile pagesAdded hash-based routing for Clerk profile components so Clerk's internal navigation no longer conflicts with Next.js path routing. This avoids requiring catch-all routes and prevents navigation errors for users.
Bug Fixes
  • Added routing="hash" to OrganizationProfile and UserProfile so Clerk uses hash-based navigation and does not conflict with Next.js path routing.frontend
  • Updated the organization settings page to guard against missing organizations: when no org is active the page displayed a CreateOrganization prompt instead of failing to render.auth
  • Removed the mandatory redirect to /app/onboarding when a user had no organization; users now land on the dashboard and projects are shown for their user account.frontend
  • Scoped project queries to the user when no organization is active (owner_type = 'user'), preventing errors and ensuring users see their own projects.backend
Permalink
frontend
database
devops

Guarded database access in server components and kept DB libs external

Bug Fixes
  • Guarded getDb() calls in server components so pages now handle database unavailability gracefully (rendering empty project lists or returning Not Found) instead of crashing.frontend
Improvements
  • Added @suprlogs/database and @supabase/supabase-js to Next.js serverExternalPackages so Node-only modules remain external and avoid bundling errors for server components.devops
Permalink
frontend
backend
integrations
auth

App shell, onboarding, GitHub connect, and project UI (Phase 3)

  • Redesigned authenticated app with onboarding and GitHub connectWe shipped a new authenticated app shell with a persistent left sidebar, a guided onboarding wizard, and a GitHub Connect flow that leads into a 3‑step project creation experience. The dashboard, project pages, and project settings are now available with placeholder stubs for analytics, editor, and branding.
New Features
  • Redesigned the authenticated app shell to use a persistent left sidebar with a ProjectSwitcher, project-scoped nav (Home/Settings/Analytics/Editor/Branding) and workspace nav.frontend
  • Added a 4‑step onboarding wizard (Welcome → Create workspace → Connect GitHub → Done) that embeds Clerk's CreateOrganization and advances automatically after org creation or GitHub installation.frontend
  • Added a 3‑step project creation wizard (Connect GitHub — auto‑skip when installed → Select repository → Configure project) that creates projects via the API and redirects to the project page on success.integrations
  • Added GitHub post‑install handler page (/github/callback) that calls the API callback and redirects users into the new project flow or shows an error card on failure.integrations
  • Updated the dashboard to show a ProjectGrid with ProjectCard, an empty state CTA when no projects exist, and an entry list page per project with skeleton loading and EntryCard display.frontend
  • Added project settings (General, GitHub, Changelog, Danger Zone), organization & account settings using Clerk components, and a billing placeholder page.auth
API
  • Added Next.js route handlers for server-backed reads: GET /api/projects, GET /api/projects/[slug], GET /api/projects/[slug]/entries, and GET /api/github/installations.backend
  • Added client hooks for data fetching: useProjects, useEntries, useGithubInstallations, and useGithubRepos (the latter calls the Express API).frontend
  • Updated middleware to exempt /api/* routes from Clerk redirects so API handlers can return 401/403 directly.auth
Improvements
  • Installed a set of Shadcn UI primitives and components to standardise UI building blocks across the app.frontend
  • Added @suprlogs/database to the web app and introduced a server-side getDb() singleton for safe DB access from server components and route handlers.database
  • Added NEXT_PUBLIC_API_URL and NEXT_PUBLIC_GITHUB_APP_SLUG environment variables (dev and production notes added) and surfaced them in the README and turbo globalEnv.devops
  • Bumped several web dependencies (hooks, radix, Zod, React Hook Form) and added Vitest + test utilities for the web package.frontend
  • Added 38 tests covering middleware routing predicates, extractActiveSlug utility, and the ConfigureProject Zod schema.backend
Documentation
  • Updated README with the web app GitHub App callback URL (/github/callback) and instructions to set NEXT_PUBLIC_API_URL / API_URL and NEXT_PUBLIC_GITHUB_APP_SLUG.
  • Documented the new web tests in the README test section.
Permalink
database
backend

Added RPC functions to create, read, and update vault secrets

  • Public RPC endpoints for vault secretsAdded three database RPC functions (vault_create_secret, vault_read_secret, vault_update_secret) to make it easier for applications to create, retrieve, and update secrets stored in the vault schema.
New Features
  • Added vault_create_secret, vault_read_secret, and vault_update_secret RPC functions to the public schema to manage secrets in the vault.database
API
  • Exposed the new vault RPC functions as public database endpoints so applications can call them directly to handle secret lifecycle operations.backend
Permalink
backend
integrations
frontend
devops

GitHub App integration and LLM-powered changelog pipeline

  • Automated LLM changelog generationCommits are now analyzed by an LLM (OpenAI or Anthropic) and turned into publishable changelog entries. Entries are validated, stored as rendered Markdown and JSON, and can be auto-published or held for approval per project settings.
New Features
  • You can install the GitHub App and connect repositories from the UI; the app records installation details and provides a repo picker.integrations
  • When you create a project the system performs a full historical commit sync and queues per-commit changelog generation.backend
API
  • Added versioned endpoints under /v1 — GitHub callback, repo listing for an installation, and project creation (POST /v1/projects).backend
Improvements
  • Diffs are filtered to remove noisy files (lockfiles, build output, vendored deps, generated code, large binaries) before analysis so changelogs focus on meaningful changes.backend
  • LLM calls use structured output and Zod validation so generated entries are consistent and safe to publish.backend
  • Processing priority can be elevated via entitlement so important accounts get faster syncs and LLM analysis.devops
  • User BYOK (Vault) support added for LLM API keys; Vault RPC helpers and a Vault client are included.devops
Documentation
  • Updated README and product docs with GitHub App setup, required env vars, API versioning, diff-filter behaviour, and test commands.
Permalink
backend
integrations
devops
auth

Updated README: clearer setup, ports, and webhook configuration

Documentation
  • Updated the project description to mention LLM analysis and corrected the hosted domain to suprlogs.com.
  • Clarified the repo layout and noted that the API server handles Clerk and GitHub App webhooks.backend
  • Added a detailed ports table and troubleshooting notes to help avoid conflicts when running local services.devops
  • Added comprehensive webhook setup instructions for Clerk and GitHub: signature verification details, ngrok local-development steps, required environment variables, and verification/testing guidance.integrations
  • Documented production deployment steps for the API on Railway and listed the environment variables required for a production rollout.devops
  • Expanded environment and startup guidance: where to copy .env files, which secrets to store in the root .env.local, env loading order, and updated pnpm service/start commands.auth
  • Added quick references for local database commands and test scripts to simplify developer workflows.database
Improvements
  • Improved clarity and structure of the README so developers can get services running and configure webhooks faster.frontend
Permalink
backend
integrations
database
auth

Add Clerk & GitHub webhook handlers and Inngest pipeline stubs

  • Receive and verify Clerk and GitHub webhooks, sync to DB, and queue background workThe API now accepts signed Clerk and GitHub webhook events, verifies signatures, synchronizes user/org/membership data to the database, and enqueues typed Inngest events for background processing. GitHub webhook payloads are persisted for audit/replay and database errors are handled so senders won't be retried unnecessarily. Two Inngest pipeline functions were added as safe stubs so end-to-end wiring can be validated before full implementation.
New Features
  • Added secure webhook endpoints for Clerk and GitHub under /webhooks that verify signatures before processing.integrations
  • Added production-ready signature verification utilities (Svix for Clerk and HMAC-SHA256 timing-safe check for GitHub) in a new webhooks package.auth
  • Added typed Inngest events and two stub pipeline functions to register background workflows for installation sync and push commit processing.backend
  • Persisted raw GitHub webhook events to an audit table (best-effort) and queued push events for background processing.database
API
  • Mounted webhook routes and updated startup to validate required environment variables (Clerk and GitHub webhook secrets) so misconfiguration fails fast.backend
Improvements
  • Added Project lookup by GitHub repo to the database layer to map incoming pushes to internal projects.database
  • Added end-to-end and unit tests (Vitest + Supertest) covering signature verification, bad signatures, handler behavior, and resilience to DB errors.backend
  • Updated dev tooling and scripts (test commands, Vitest, ngrok port, and global env) to support webhook development and local testing.devops
Permalink
backend
database
devops

Added typed repository layer and DatabaseService to @suprlogs/database

  • Repository layer with DatabaseService, 16 repositories, and 136 testsRestructured the database package to provide a single DatabaseService + lazy db singleton that exposes fully-typed repository classes for all tables. This improves reliability and makes backend code easier to use and test (136 Vitest unit tests added and all passed).
Repository layer
  • Added a DatabaseService facade and a lazy `db` singleton to @suprlogs/database to provide a single, easy-to-use entry point for database access.database
Repository APIs
  • Added 16 fully-typed repository classes (e.g. UserRepository, ProjectRepository, ChangelogEntryRepository, EntitlementRepository) with explicit input/output interfaces covering every table in the schema.backend
Types & client
  • Added createDatabaseClient() (service-role Supabase client) and a hand-written Database type describing all 19 tables so repository methods are type-safe.database
Tests & quality
  • Added 136 Vitest unit tests for repository logic; all tests passed and TypeScript compiled with zero errors, improving stability and confidence for backend changes.devops
Packaging & exports
  • Updated packages/database exports to expose repositories, types, and createDatabaseClient; added vitest devDependencies and `test`/`test:watch` scripts to package.json.devops
Documentation
  • Updated changelog and package docs to describe the new repository layer and where to find the database types and repository interfaces.
Permalink
database
docs
integrations
backend

Add full Supabase schema, seed data, docs, and env template

  • Complete database schema + starter data and docsA full Supabase schema and seed data were added alongside a developer-friendly database reference and PRD so teams can set up local dev, inspect the data model, and understand how the product is built.
Database & security
  • Added a complete Supabase schema covering identity, entitlements, Vault-based secret storage, GitHub installations, projects, commits, changelog entries, CMS tables, prompts, and audit logs.database
  • Applied row-level security patterns and triggers to keep data consistent and ensure secrets are stored safely (Vault references rather than plaintext).security
Seed data & LLM prompts
  • Seeded initial entitlement catalog, system changelog section types, and production prompt templates (commit analysis, weekly/monthly summaries, entry titles, classification) to make local and dev instances usable immediately.backend
Docs & product plan
  • Published a full Product Requirements Document (PRD), a human‑readable database reference (column-by-column), and a product backlog so product and support teams can review scope and design decisions.
Setup & integrations
  • Updated the .env.local.example with placeholders for GitHub App keys, Svix (outbound webhooks), and SuprSend (subscriber notifications) to simplify installation and integration setup.integrations
Developer experience
  • Added TypeScript types and a lazy Supabase client in the database package to make development and local testing faster and more predictable.backend
Permalink
devops
backend
auth
frontend

Add environment config files and VS Code editor associations

Environment configuration
  • Added shared and environment-specific environment files (.env, .env.development, .env.production) with non-secret defaults and local development values for Supabase, Postgres, Redis, Inngest, and Clerk.devops
Secrets and deployment guidance
  • Added notes and placeholders clarifying that secret keys (for example CLERK_SECRET_KEY and CLERK_WEBHOOK_SECRET) must be stored in .env.local and that production values should be set via the deployment environment.auth
Editor setup
  • Added VS Code editor associations so .parquet, .csv, and .tsv files open with the DuckDB data viewer for easier inspection of data files.frontend
Permalink
frontend

Added cookie consent manager, favicons, and improved site metadata

  • Built a privacy-first cookie consent experienceAdded a customizable cookie consent banner and preferences modal (Silktide) that lets visitors Accept all, Reject non-essential, or pick per-category preferences. Choices are saved in local storage, required cookies are enforced, and accessibility features (focus management and keyboard support) were included.
  • Improved site metadata, icons and social previewAdded a site manifest and favicon files, registered site icons (SVG/ICO/apple-touch) and an Open Graph image so links to SuprLogs show a proper preview. Metadata was expanded with keywords, robots settings and publisher information to improve sharing and discoverability.
New Features
  • Added a client-side ConsentManager that loads a Silktide-based cookie banner and modal (CSS and JS included) so users can manage cookie preferences on the site.frontend
Improvements
  • Added favicon files and a site.webmanifest so the site has a proper app icon and better install/display behavior on devices and browsers.frontend
  • Updated global site metadata (keywords, robots, publisher, icons and manifest) and added an Open Graph image to improve link previews and SEO.frontend
  • Included the consent manager stylesheet and ConsentManager component in the app layout so the banner is initialized via configuration without auto-initializing on load.frontend
Documentation
  • Added page metadata (title and description) for the Privacy Policy and Terms pages.frontend
Permalink
frontend
backend
auth
devops

Rename project to SuprLogs; fix Clerk env loading; align local ports

  • Project renamed to SuprLogsAll product and package names were updated from **SuprLog** → **SuprLogs**. This includes package names (@suprlog/* → @suprlogs/*), UI and marketing copy, repository name, Docker container name, documentation, OpenAPI metadata, and support/contact domains and emails (now suprlogs.com).
Improvements
  • Renamed internal packages and imports from @suprlog/* to @suprlogs/* across the monorepo (packages, apps and build scripts).backend
  • Updated public-facing copy and UI strings to use 'SuprLogs' (web pages, headers, footers, README and docs).frontend
  • Updated Docker and npm scripts to use the new names (for example: suprlogs-redis, suprlogs-mono).devops
Bug Fixes
  • Fixed environment loading in the web app so root .env.local values (for example Clerk CLERK_SECRET_KEY) override other env files and are used during development; added optional loading of .env.development.local.auth
  • Aligned local development ports and Supabase config to match the monorepo conventions (Supabase 4700, DB 4702, Redis 4703, Inngest 4707, web 4715).database
API
  • Updated API/OpenAPI and Inngest configuration to reference suprlogs.com and renamed the example service to 'suprlogs-api'.integrations
Documentation
  • Added a project changelog and clarified the README onboarding/env instructions, noting that env files are loaded from the monorepo root (.env → .env.development/.env.production → .env.local) and that Clerk secrets belong in the root .env.local.
Permalink
frontend
backend
docs
database

Initial commit: SuprLog monorepo (API, Web, Docs, packages)

  • Monorepo scaffolded with core apps and packagesAdded the initial SuprLog monorepo containing a Next.js marketing/dashboard site, an Express API server (with Inngest mount and health endpoint), a Mintlify docs site with a minimal OpenAPI spec, and the core package layout to build out the product.
New Features
  • Added the Next.js marketing site and dashboard UI to present product information and the future project dashboard.frontend
  • Added an Express API server with a /health endpoint and an Inngest mount for background jobs.backend
  • Published a Mintlify docs site with an API reference, quickstart, and a minimal OpenAPI spec.docs
Platform & Packages
  • Added core workspace packages (shared utilities, database, cache, auth, providers, webhooks, changelog-pipeline, inngest) as foundations for development.backend
  • Added Supabase configuration, a database package stub and initial repository/client helpers for future data work.database
  • Added a Redis cache package and docker-compose entry to run Redis locally for development.devops
Developer tooling
  • Configured monorepo tooling and scripts (pnpm workspaces, Turbo, dev/build/test scripts, TypeScript, ESLint, Prettier) to streamline local development.devops
  • Provided environment templates (.env.example, .env.local.example) and a README with a quickstart to help contributors get started.devops
Documentation & Onboarding
  • Added comprehensive developer-facing docs and onboarding content (.cursor/commands and .cursor/rules) covering auth, web app, API integration, database, Inngest patterns, LLM usage, error handling, logging, testing, and commit guidelines.docs
  • Added API docs pages (health check, API keys) and a quickstart to document current capabilities and next steps for users.docs
Permalink