Skip to content

v2.10.0

Choose a tag to compare

@trezy trezy released this 30 Jun 17:27
1db7192

2.10.0 (2026-06-30)

Bug Fixes

  • add better reporting and proper resume on backfills (bdd9bc9)
  • add better retry logic for backfills (d4ae6a7)
  • add permissions to the internal API (87a19e9)
  • add permissions to the internal API (a119510)
  • add reauth button for service identity (a2907d9)
  • add reauth button for service identity (c72c398)
  • add reauth button for service identity (6b3e797)
  • add success and dead-letter logging to label scripts (c6d7bca)
  • address copilot feedback (bc135cd)
  • allow docker containers to execute HappyView binaries (d1da97b)
  • allow log verbosity toggle to override env var (fe191ce)
  • allow sheets to be much larger (2b379cc)
  • allow sheets to be much larger (efd6140)
  • better handling for PDS errors (0ac3e2c)
  • better icons for stages (c633f09)
  • better pool size accounting when using sqlite (e023d39)
  • build SDKs even if base client has no changes (b3f2dad)
  • bulk insert in discovery, seed records on resume, dedupe retry helper, add cancel tests (4e74bcd)
  • chunk bulk inserts for sqlite, use rows_affected for counts, faster cancel checks, users page a11y (2947a90)
  • clamp backfill concurrency values (de42a7f)
  • cleanup broken sessions (7c4ad56)
  • cleanup derelict items after successful auth (6c76088)
  • dead-letters: admin endpoints span both legacy + new tables (e720b2b)
  • delegate to backend for network lexicon resolution (606c752), closes #49
  • display sync warning after refresh (17a5f03)
  • display sync warning after refresh (e599a1f)
  • display sync warning after refresh (2833ab3)
  • dont block space creds on client key check (6108edd)
  • dont refresh tokens on 4xx status codes (ca5b6a5)
  • dont use use timestamptz in migrations (Ill remember that... one day) (24320ba)
  • dynamic cookie security handling and harden tests for service proxies (9732a21)
  • dynamic cookie security handling and harden tests for service proxies (d609358)
  • dynamic cookie security handling and harden tests for service proxies (584eeeb)
  • expose approved oauth scopes to clients (0a5b826)
  • expose oauth scopes via the SDKs (ae69736)
  • filter nesting was allowed to 6 levels instead of 5 (59b9d5b)
  • fix base path not being respected by trailing slash redirects (2d1d60d)
  • generate missing IDs for dead letters (671a753), closes #20
  • get max connections from Postgres instead of current connections (79e794c)
  • handle reauthenticating to service entry accounts (2c83781)
  • handle reauthenticating to service entry accounts (3234b9c)
  • handle reauthenticating to service entry accounts (feac3d0)
  • handle the scope format returned from Bluesky PDS (2066c7f)
  • harden backfill cancel idempotency, SQL injection guard, DID retry cap, and row a11y (92c8a98)
  • harden the setup wizard (a210849)
  • harden the setup wizard (ed663f6)
  • harden the setup wizard (13c855b)
  • issues with backfill stage/status separation and progress tracking (6da4ac8)
  • make backfill progress headings more accessible (4e80754)
  • make the service entry dashboard more user friendly (c5111c7)
  • make the service entry dashboard more user friendly (78d097f)
  • make the service entry dashboard more user friendly (6e0d59e)
  • move record info into sheets (d129d26)
  • move user permission management into sheets (e79b9f1), closes #23
  • move user permission management into sheets (1d8b400), closes #23
  • only count successful PDS resolutions, cap retry-after, update backfill docs (f53e545)
  • port service entry design optimisations to other pages (1485f4b)
  • port service entry design optimisations to other pages (bba3a20)
  • port service entry design optimisations to other pages (8d8b92e)
  • post-conflict resolution cleanup (b4676f1)
  • prevent backfill jobs from locking locking out pause/cancellation (92e0a21)
  • prevent base path collision (4ae8c29)
  • prevent concurrency settings from being set to invalid values (c5b4b87)
  • prevent creation of API clients that would break HappyView core client (cd10300)
  • prevent dead letters from being created without an ID (50a3786), closes #20
  • prevent errors with IPv6 addresses when building loopback clients (23e858b)
  • prevent false match rewrites when a base path is in use (2a9bc80)
  • prevent opening "discovering trepos stage" from locking the ui thread (13e2e63)
  • prevent reprocessing of sse (c56bc77)
  • prevent unauthenticated users from being redirected to setup (fe3529b)
  • prevent unauthenticated users from being redirected to setup (66413a7)
  • prevent unauthenticated users from being redirected to setup (98af6e4)
  • prevent unauthorized privilege escalation (4f97576)
  • rate-limit unauthenticated procedure requests before rejecting (79ea8ef)
  • reduce backfill db contention and sse event flooding for pds discovery and record fetching during backfill (9a3b93d)
  • reject JWT at exact expiry second (aadf092)
  • remove broken timestamping (908efca)
  • remove broken timestamping (b9ba42d)
  • remove broken timestamping (3cbe22e)
  • remove cleanup delay caused by tick eater (aa5e842)
  • remove clippy suppression (4db01f0)
  • remove counts from records dropdowns (6be8848)
  • remove duplicate exports in api.ts from merge (a4f990f)
  • remove forced HappyView redirect URI from API client creation (849f097)
  • remove oauth redirect hop, and add explicit redirect for the root url (59cbd39)
  • remove prefix typo from db.query filter generation (230b4d4)
  • remove public record aggregation from permissioned spaces (55cf1b6)
  • remove public record aggregation from permissioned spaces (34c630c)
  • remove public record aggregation from permissioned spaces (55afaaf)
  • remove route dupes (12241ab)
  • remove superfluous early exit on invalid session token (pds concern, not happyview concern) (c274314)
  • replace the base path sentinel in next.js text files (5e128a4)
  • require client key for rate limiting on all XRPC routes (8c578de)
  • reset backfill ui when flushing details (a83a4fa)
  • restore granted_at default in migrations (b4759e9)
  • restore missing log events for verbose logging (d52b31b)
  • restore plc concurrency (ffdd110)
  • restore SDK scopes types after bad conflict resolution (44986ab)
  • restrict Bearer space credentials to space XRPC routes (2598b58)
  • return 404 when dismissing a nonexistent dead letter (909f6f5)
  • scopes types in oauth-client sdk after bad conflict resolution (d49033e)
  • sdk: support the kid param from @atproto/jwk-webcrypto (8a09489)
  • separate backfill db connection pool from main app pool (dfa0d38)
  • update column type in backfill migration (3618d9f)
  • update scopes type (635bcd6)
  • update the base path rewrite to skip Nexts basePath config (8470d66)
  • use correct permission IDs in dashboard (cf4a984), closes #24
  • use correct permission IDs in dashboard (a37a254), closes #24
  • use cursors for pagination in spaces endpoints (7bb7eb6)
  • use dpop thumbprints to enable multi-device auth (28f7fa6)
  • use NULL instead of empty string for local-only record CID (55e65f7)
  • use stateRef pattern in ScriptForm to avoid exhaustive-deps suppression (c8e5d5c)
  • use the correct connection pool for record upserts (81a63c8)
  • use the correct cursors when paginating spaces (8b65ff6)
  • virtualize backfill details and move event stream into a worker (c741e75)

Features

  • add filter to db.query (8b1ae86)
  • add backfill concurrency settings (67d3e35)
  • add blob upload and download utilities (44ad24c)
  • add collection column to dead_letter_scripts so we can ditch second-level filtering (64b1031)
  • add control for experiments to the dashboard (6adb5ee)
  • add control for experiments to the dashboard (de7a94e)
  • add control for experiments to the dashboard (3d3d7c7)
  • add more detailed information to backfill UI (5d891b9)
  • add new TID functions (523e19f), closes #16
  • add oauth-client-node SDK (488a6df)
  • add suffix filter to GET /admin/scripts and use it in lexicon detail (5eda38c)
  • add support for nexted syntax in field selectors (4f2e027)
  • add support for service proxying (d5fa751)
  • add support for service proxying (86d915c)
  • add support for service proxying (d16ca01)
  • add support for session hooks (e1a6b00)
  • allow backfill jobs to be paused and resumed (25084fb)
  • allow backfills to be cancelled (953c786)
  • allow the base path to be configured (ee8e541)
  • dashboard: scripts grouped by trigger family + lexicon targeting panel (678da37)
  • increase backfill record batch inserts (9238884)
  • make backfill collection discovery concurrent (231a734)
  • make verbose event logs configurable (2d7f51e)
  • migrate legacy script/index_hook data to scripts table and drop columns (1a37d14)
  • parallelize PDS resolution and record retrieval during backfills (a480799)
  • permissioned spaces implementation (693d678)
  • permissioned spaces implementation (6b3d542)
  • publish node sdk (705c575)
  • recommend restart when backfill concurrency settings dont match existing connection pool size (30b97ef)
  • refactor permissioned spaces to better align with Dan's implementation (7eb4a03)
  • refactor permissioned spaces to better align with Dan's implementation (16c3c60)
  • scripts: promote log() to write into event_logs (fb9dfaa)
  • scripts: trigger-keyed scripts subsystem (fe4f84f)
  • update JS SDKs to more closely match their @atproto cousins (77c2083)
  • update JS SDKs to more closely match their @atproto cousins (357a5d3)
  • update JS SDKs to more closely match their @atproto cousins (df717e9)
  • update to latest permissioned data spec (f3875b2)
  • xrpc-proxy: add settings to control the XRPC proxy (63f22d6)
  • xrpc-proxy: add settings to control the XRPC proxy (a89d00f)