Changelog

All notable changes to NEXULEAN are documented in this file.

[v2.0.0] — 2026-03-11

Full Next.js 14 App Router — Rebuilt from the ground up using the Next.js 14 App Router with TypeScript 5 for type-safe server and client components.
Firebase Authentication — Secure login, sign-up, and password-reset flows powered by Firebase Auth (email & password).
Authenticated Dashboard — Protected client portal accessible only to logged-in users.
Cybersecurity Services Page — Detailed breakdown of ethical hacking, penetration testing, AI-powered security, and digital forensics.
Projects Showcase — Portfolio of security tools, exploits, and AI models.
Smooth Animations — Page and component transitions powered by Framer Motion.
shadcn/ui Component Library — Full Radix UI-based component library integration.
Netlify Deployment — Static export with hardened security headers.

CRITICAL: Fixed API Key Exposure (CVE-2026-32138) — Resolved a critical vulnerability where Firebase config and Web3Forms access keys were hardcoded in source control.
- Remediation: Migrated all sensitive credentials to .env.local.
- Rotation: Revoked and rotated all compromised Firebase API keys and Web3Forms tokens.
- Access Control: Updated Firestore Security Rules to prevent unauthenticated document listing and data leakage.
Security Headers — Configured X-Frame-Options, X-Content-Type-Options, and Referrer-Policy in netlify.toml.
Validation — Integrated Zod schema validation for all user input forms.

Layer	Technology
Framework	Next.js 14 (App Router, static export)
Language	TypeScript 5
Styling	Tailwind CSS 3 + tailwindcss-animate
UI Components	Radix UI + shadcn/ui
Animations	Framer Motion
Authentication	Firebase Auth (Environment-based)
Forms	React Hook Form + Zod
Deployment	Netlify

For full project details, see README.md. Technical details on CVE-2026-32138 can be found in the GitHub Security Advisory.