v1.0.0 — Initial release

First public release of DocuRidge — a self-hosted, production-grade e-signature platform with a cryptographic audit ridge.

Highlights

Auth & identity

• Email + password (Argon2id), email verification, password reset, account lockout
• Server-side sessions, CSRF protection, rate limiting on auth endpoints
• Org-scoped multi-tenancy with ADMIN / SENDER / VIEWER roles
• Centralized can(user, action, resource) permission function — auth strategy designed as a swap so SSO (SAML / OIDC / CAS / Shibboleth) is plug-in work

Documents & signing

• PDF upload (size + MIME validated), in-browser preview, multi-page navigation
• Drag-and-drop field placement: signature, initials, date, text, number, checkbox, radio, dropdown, name, email, job title, phone, address, company, formula, attachment, approve/decline, note, line, stamp, drawing
• Per-field properties (read-only, char limit, pattern, options, formula, conditional logic)
• Multi-recipient sequential or parallel routing, conditional routing (skip recipient unless an earlier field has a chosen value)
• New roles: APPROVER, WITNESS, IN_PERSON_SIGNER
• Reassign-by-recipient, finish-later drafts, comments thread
• Single-use, time-bounded, JWS-signed signing tokens
• UETA/ESIGN-aware consent + final-confirm signing ceremony
• Multi-font typed signatures (Caveat, Dancing Script, Great Vibes, Sacramento)
• Org-wide default field font (sans / serif / mono)

Cryptographic audit chain

• Every state-changing event hashed and Ed25519-signed, chained via `prev_hash`
• Verifiable with `docker compose -p docuridge exec app npm run verify <sealed.pdf>`
• Sealed PDF: stamped fields, appended audit page, signed JSON manifest embedded as a PDF attachment

Templates & bulk

• Reusable envelope templates with role-mapped instantiation
• Bulk send via CSV → one envelope per row from a chosen template
• PowerForms (public links that mint envelopes per submission)

Operator features

• Mail abstraction with two backends (`mailhog` for dev, `smtp_relay` for production)
• Code-level recipient allowlist with its own unit tests, configurable via `MAIL_ALLOWLIST`
• Brand color customization, email-logo upload, custom email footers
• Folders, bulk dashboard actions, webhooks, forward-completed
• "Clear all" notifications via per-user cursor (audit chain stays untouched)

Stack
Next.js 15 App Router · TypeScript strict · Postgres 16 · Prisma · Tailwind · pdf-lib · pdfjs · Argon2id · jose · @noble/ed25519 · nodemailer · Pino · Zod · Vitest · Playwright

Quickstart

```bash
cp .env.example .env
docker compose -p docuridge up --build -d
grep '^BOOTSTRAP_TOKEN=' .env

visit /DocuRidge/setup with the token, set an admin password

```

See `README.md`, `SECURITY.md`, and `DEPLOYMENT.md` (coming) for the full operator guide.

Out of scope for v1

SSO/SAML/OIDC integration (auth layer is designed as a strategy swap), KBA / ID verification, Notary / RON, qualified electronic signatures (eIDAS QES), native mobile apps (responsive web tested at 390px), payments, multi-org switching, cloud KMS / HSM (local Ed25519 key with documented upgrade path), white-label theming.