Full markdown coverage — Setext headings, images, autolinks, reference links, task lists, tables, footnotes, hard breaks, escape sequences.
Security: URL schemes allowlisted to http/https/mailto (file://, javascript:, and custom app schemes no longer fire on click). Dropped HTML paste path — NSAttributedString(html:) carries WebKit's attack surface. Sparkle dependency pinned via committed Package.resolved.
Internals: styler refactored to a declarative Rule list. ADRs added under Docs/adr/. Security review at Docs/security.md.
Existing 1.0.0 users will see this as an available update automatically.