v1.3.0

• chore: release v1.3.0
• feat(enrichment): implement fund provider routing and chained ISIN lookup (#38)

What's Changed

• feat(enrichment): implement fund provider routing and chained ISIN lookup by @itinsecurity in #38

Full Changelog: v1.2.0...v1.3.0

v1.2.0

• chore: release v1.2.0
• feat(enrichment): implement live primary enrichment (#37)
• Delete .claude/settings.local.json
• Update README with project disclaimer and learning goals
• docs: add README and flesh out CONTRIBUTING
• docs: add primary enrichment design description and technical reference
• docs: add user flow diagram
• fix(auth): redirect to / after GitHub OAuth and block authenticated /login access (#36)

What's Changed

• fix(auth): redirect to / after GitHub OAuth and block authenticated /login access by @itinsecurity in #36
• feat(enrichment): implement live primary enrichment by @itinsecurity in #37

Full Changelog: v1.1.2...v1.2.0

v1.1.2

• chore: release v1.1.2
• fix(css): remove dark mode media query and add WCAG AA form element styles (#35)
• chore(ci): gate release on CI via workflow_dispatch

What's Changed

• fix(css): remove dark mode media query and add WCAG AA form element styles by @itinsecurity in #35

Full Changelog: v1.1.1...v1.1.2

v1.1.1

• chore: release v1.1.1
• chore(deps): bump @vitejs/plugin-react v4 → v6, pin vite ^8 (#34)
• chore(deps): bump unpdf ^0.11 → ^1.4 (#33)
• chore: migrate middleware.ts to proxy.ts for Next.js 16 (#30)
• chore(deps-dev): Bump flatted from 3.4.1 to 3.4.2 in the npm_and_yarn group across 1 directory (#28)
• chore: upgrade CI to Node 24 and drop stub @types/bcryptjs (#29)
• Update settings.local.json

What's Changed

• chore: upgrade CI to Node 24 and drop stub @types/bcryptjs by @itinsecurity in #29
• chore(deps-dev): Bump flatted from 3.4.1 to 3.4.2 in the npm_and_yarn group across 1 directory by @dependabot[bot] in #28
• chore: migrate middleware.ts to proxy.ts for Next.js 16 by @itinsecurity in #30
• chore(deps): bump unpdf ^0.11 → ^1.4 by @itinsecurity in #33
• chore(deps): bump @vitejs/plugin-react v4 → v6, pin vite ^8 by @itinsecurity in #34

Full Changelog: v1.1.0...v1.1.1

v1.1.0

• chore: release v1.1.0
• feat(rendering): force dynamic rendering for all (app) routes (#27)

What's Changed

• feat(rendering): force dynamic rendering for all (app) routes by @itinsecurity in #27

Full Changelog: v1.0.0...v1.1.0

v1.0.0

• fix(charts): update recharts v3 tooltip formatter signatures (#26)
• chore: release v1.0.0
• feat(auth)!: dev credentials login provider introduces breaking auth change
• chore(deps): Bump next from 15.5.12 to 16.1.7 (#24)
• chore(deps): Bump zod from 3.25.76 to 4.3.6 (#23)
• chore(deps): Bump recharts from 2.15.4 to 3.8.0 (#22)
• chore(deps): Bump @types/bcryptjs from 2.4.6 to 3.0.0 (#21)
• chore(deps): Bump actions/checkout from 4 to 6 (#20)
• chore(deps): Bump softprops/action-gh-release from 2.5.3 to 2.6.1 (#19)
• feat(auth): add dev credentials login provider (#18)
• chore(ci): add explicit permissions to CI workflow (#17)
• Update codeql-config.yml
• Add config-file option to CodeQL workflow
• Update CodeQL config to exclude tests folder, use the security-extended query pack, and exclude experimental queries.

What's Changed

• chore(ci): add explicit permissions to CI workflow by @itinsecurity in #17
• feat(auth): add dev credentials login provider by @itinsecurity in #18
• chore(deps): Bump softprops/action-gh-release from 2.5.3 to 2.6.1 by @dependabot[bot] in #19
• chore(deps): Bump actions/checkout from 4 to 6 by @dependabot[bot] in #20
• chore(deps): Bump @types/bcryptjs from 2.4.6 to 3.0.0 by @dependabot[bot] in #21
• chore(deps): Bump recharts from 2.15.4 to 3.8.0 by @dependabot[bot] in #22
• chore(deps): Bump zod from 3.25.76 to 4.3.6 by @dependabot[bot] in #23
• chore(deps): Bump next from 15.5.12 to 16.1.7 by @dependabot[bot] in #24
• fix(charts): update recharts v3 tooltip formatter signatures by @itinsecurity in #26

Full Changelog: v0.2.1...v1.0.0

v0.2.1

• chore: release v0.2.1
• Add CodeQL configuration to disable default queries and set TypeScript as the primary language
• Add CodeQL analysis workflow configuration
• fix: add postinstall prisma generate to ensure client types in CI
• fix: exclude prisma/ from Next.js TypeScript compilation

Full Changelog: v0.2.0...v0.2.1

v0.2.0

• feat(auth): replace Credentials provider with GitHub OAuth (#16)
• fix: correct Prisma 7 config and runtime import paths (#15)
• fix: migrate to Prisma 7 driver adapter pattern (#14)
• fix: switch Prisma provider from SQLite to PostgreSQL for production (#13)
• chore(deps): Bump esbuild from 0.21.5 to 0.27.4 in the npm_and_yarn group across 1 directory (#9)
• chore(deps): Bump react-dom from 19.2.3 to 19.2.4 (#8)
• chore(deps): Bump softprops/action-gh-release from 2.5.0 to 2.5.3 (#7)
• chore(deps): Bump actions/setup-node from 4.4.0 to 6.3.0 (#6)
• chore(deps): Bump actions/upload-artifact from 4 to 7 (#5)
• chore(deps): Bump @prisma/client from 6.19.2 to 7.5.0 (#10)
• chore(deps): Bump react from 19.2.3 to 19.2.4 (#11)
• chore(deps-dev): Bump jsdom from 25.0.1 to 29.0.0 (#12)
• Update settings.local.json

What's Changed

• chore(deps-dev): Bump jsdom from 25.0.1 to 29.0.0 by @dependabot[bot] in #12
• chore(deps): Bump react from 19.2.3 to 19.2.4 by @dependabot[bot] in #11
• chore(deps): Bump @prisma/client from 6.19.2 to 7.5.0 by @dependabot[bot] in #10
• chore(deps): Bump actions/upload-artifact from 4 to 7 by @dependabot[bot] in #5
• chore(deps): Bump actions/setup-node from 4.4.0 to 6.3.0 by @dependabot[bot] in #6
• chore(deps): Bump softprops/action-gh-release from 2.5.0 to 2.5.3 by @dependabot[bot] in #7
• chore(deps): Bump react-dom from 19.2.3 to 19.2.4 by @dependabot[bot] in #8
• chore(deps): Bump esbuild from 0.21.5 to 0.27.4 in the npm_and_yarn group across 1 directory by @dependabot[bot] in #9
• fix: switch Prisma provider from SQLite to PostgreSQL for production by @itinsecurity in #13
• fix: migrate to Prisma 7 driver adapter pattern by @itinsecurity in #14
• fix: correct Prisma 7 config and runtime import paths by @itinsecurity in #15
• feat(auth): replace Credentials provider with GitHub OAuth by @itinsecurity in #16

Full Changelog: v0.1.0...v0.2.0

v0.1.0

• fix: correct Divest-infra repo name casing in release workflow
• fix: correct divest-infra repository owner in release workflow
• chore: release v0.1.0
• feat: holdings registration and portfolio profile (#4)
• docs: clarify abstraction layer requirements for AI and auth providers
• docs: populate constitution to v1.0.0
• docs: align PR title format with Conventional Commits
• Bump peter-evans/repository-dispatch from 3 to 4 (#1)
• Bump actions/checkout from 4 to 6 (#2)
• chore: pin GitHub Actions to commit SHAs
• chore: rename DEPLOY_PAT secret to DIVEST_INFRA_DISPATCH
• chore: open-source infrastructure setup
• Remove redundancies from CLAUDE.md - consolidate duplicate rules
• Create settings.local.json
• Add CLAUDE.md with consolidated development workflow and standards

What's Changed

• Bump actions/checkout from 4 to 6 by @dependabot[bot] in #2
• Bump peter-evans/repository-dispatch from 3 to 4 by @dependabot[bot] in #1
• feat: holdings registration and portfolio profile by @itinsecurity in #4

New Contributors

• @dependabot[bot] made their first contribution in #2

Full Changelog: https://github.com/itinsecurity/Divest/commits/v0.1.0