v0.9.0
What's Changed
Multi-tenant organizations
Organizations now get their own URL slugs and isolated workspaces, laying the groundwork for team-based access control and billing.
- feat: multi-tenant organizations with slug-based routing by @tomasz-tomczyk in #212
Self-hosted SSO proxy support
Self-hosted deployments behind an authentication proxy (e.g., Authelia, Authentik, OAuth2 Proxy) can now pass trusted headers to crit-web, so sharing and other authenticated actions work without a second login.
- feat: proxy_auth support for SSO-proxied self-hosted deployments by @tomasz-tomczyk in #211 - Thank you @jbrooksbartlett for reporting!
Features
- feat: add Permissions-Policy, opt-in HSTS, and secure cookies by @tomasz-tomczyk in #213
- feat: marketing opt-in consent capture by @tomasz-tomczyk in #210
- feat: add Pi, Grok, and Cline logo integrations by @tomasz-tomczyk in #220
Fixes
- fix: filter 410 from LiveSocket transport error reporting by @tomasz-tomczyk in #219
Internal refactors
- refactor: pre-release audit cleanup by @tomasz-tomczyk in #221
Dependencies
- chore(deps): bump swoosh from 1.25.1 to 1.25.2 by @dependabot in #214
- chore(deps): bump mermaid from 11.14.0 to 11.15.0 in /assets by @dependabot in #215
- chore(deps): bump bandit from 1.11.0 to 1.11.1 by @dependabot in #216
- chore(deps): bump @sentry/browser from 10.52.0 to 10.53.1 in /assets by @dependabot in #217
- chore(deps): bump postgrex from 0.22.1 to 0.22.2 by @dependabot in #218
Full Changelog: v0.8.0...v0.9.0
Contributors
tomasz-tomczyk, dependabot, and jbrooksbartlett