Skip to content

v12.40.13

Choose a tag to compare

View all tags
@riderx riderx released this 01 Nov 03:10
· 3708 commits to main since this release
v12.40.13
0205b8d

🆕 Changelog

Added

  • Credit system v2 with usage tracking and credit balance monitoring
  • Cloudflare Workers testing infrastructure with dedicated test commands
  • New statistics API endpoints with D1 database support
  • Account deletion workflow with scheduled cleanup and email notifications
  • Organization management features (create, update, delete organizations)
  • API key system with organization and app-level restrictions
  • CAPTCHA protection for registration, login, and password reset flows
  • Deploy history tracking for bundles and channels
  • Device custom ID mode for tracking
  • Bento event tracking for user onboarding milestones
  • Chart visualizations for app metrics, bundle uploads, and version stats
  • Price calculator tool
  • MFA support for admin accounts
  • Monthly usage email reports
  • Hindi language support
  • R2 storage cleanup scripts and verification tools

Changed

  • Migrated from Supabase Edge Functions to multi-platform deployment (Cloudflare Workers primary, Netlify backup, Supabase for CRON)
  • Switched database queries to use Hyperdrive and D1 read replicas for improved performance
  • Updated authentication flow to preserve redirect URLs after login
  • Redesigned dashboard with improved mobile responsiveness and dark mode support
  • Refactored bundle management UI with table-based views and better filtering
  • Enhanced device tracking to always store device_id in lowercase
  • Improved error handling and logging across all backend services
  • Migrated to Vite 6 and updated frontend build system
  • Consolidated API endpoints and removed deprecated routes
  • Updated rate limiting to use new middleware system

Fixed

  • RLS (Row Level Security) policies to prevent unauthorized data access
  • Channel deletion when devices are still linked
  • Bundle deletion when channels reference the bundle
  • Stats calculation for MAU (Monthly Active Users) and device counts
  • File upload issues with TUS protocol and large files
  • Replication sync between PostgreSQL and D1 databases
  • Device table filtering and pagination
  • Retention settings validation (limited to 2 years maximum)
  • Two-factor authentication flow for password reset
  • Stripe webhook processing for subscription events
  • Version compatibility checks with native packages
  • Memory leaks from unclosed database connections
  • XSS vulnerabilities in user input handling

Security

  • Implemented API key validation with limited scope support
  • Added schema specification for database queries to prevent injection attacks
  • Enforced proper RLS policies for organization and user data
  • Removed hardcoded secrets from test files
  • Added mutual signature verification for bundle downloads
  • Implemented CAPTCHA protection against automated attacks
  • Secured public API endpoints with rate limiting

Removed

  • Legacy trigger system (replaced with queue-based processing)
  • Deprecated encryption key support (migrated to new encryption system)
  • Old bundle storage bucket system
  • Unused Plunk email service integration
  • Redundant database fields and tables
  • Service worker configuration
  • Deprecated API endpoints and routes

🔗 Full Changelog: v11.3.70...v12.40.13

Assets 2
Loading