Changelog

3.1.0 (2026-04-19)

Features

  • admin: RBAC admin role replaces ADMIN_TOKEN (fd00909)
  • admin: replace ADMIN_TOKEN with session-based RBAC (cc5616c)
  • auth: add forgot-password + reset-password UI and CR fixes (4271fa7)
  • branding: reproducible glassmorph OG image (3cd0741)
  • changelog: walk recent GitHub releases to find one with content (2da285d)
  • email: weekly TPI digest every Sunday (63527e7)
  • email: weekly TPI digest every Sunday (2d6159b)
  • email: wire Postmark + React Email for auth flows (5d7301b)
  • email: wire Postmark + React Email for auth flows (8840486)
  • landing: redesign with glassmorphism (04bb6f9)
  • legal: apply glassmorphism theme to privacy and terms pages (3084417)
  • ui: bump orbs to /10 and add glass-card utility (e1ac980)
  • ui: light glassmorph polish on authenticated pages (d586a2f)
  • ui: light glassmorph polish on authenticated pages (d69d138)
  • ui: orbs /15 and glass-effect on all main card containers (5a84423)
  • web: redesign landing page (b1e6eaf)
  • web: redesign landing page (ffdd380)

Bug Fixes

  • admin: harden RBAC role from CodeRabbit review (fa88955)
  • auth: enforce email verification + harmonise email templates (094c8c6)
  • auth: enforce email verification + harmonise email templates (b6d74f2)
  • auth: stash pending email in sessionStorage + robust error extract (6dd4aef)
  • auth: tighten login error check + link consistency (86383c6)
  • changelog: defensive date fallback + unique keys, skip queryKey removal (f094df2)
  • changelog: fetch up to 20 releases + document queryKey pattern (04448e1)
  • changelog: mark canonical version instead of displayed fallback (15a2200)
  • changelog: only mark version seen after content is loaded (b524654)
  • changelog: show breaking/perf + fall back when latest is empty (b6983c1)
  • changelog: show breaking/perf + fall back when latest is empty (316a47f)
  • changelog: timeout on GitHub fetch + stable React keys (0d28fdd)
  • ci: drop remote-* config from CLA Assistant workflow (a6a858c)
  • ci: drop remote-* config from CLA Assistant workflow (658d5c0)
  • ci: move CLA signatures to unprotected branch (8e1ee96)
  • ci: move CLA signatures to unprotected branch (4e27b64)
  • digest: address CodeRabbit review findings (371920f)
  • digest: apply CodeRabbit review round 2 (8b94676)
  • digest: release claim on send failure + exclude done from upcoming (08fd2c8)
  • digest: tz-aware week window, atomic claim, secret hardening (4efa09d)
  • email: pin logo + footer link to the public origin (7b9da9a)
  • email: pin logo/footer URL to public origin (26919b9)
  • email: reject non-http(s) schemes for EMAIL_PUBLIC_URL (7537ac1)
  • email: validate EMAIL_PUBLIC_URL to block broken asset URLs (4c28d64)
  • landing: add focus trap to mobile menu dialog (e7d10a9)
  • landing: apply CodeRabbit a11y and correctness nits (db662e6)
  • landing: keep "Se connecter" button text readable on hover (1c50a0e)
  • legal: restore dark mode readability on CGU and privacy pages (65a1594)
  • lint: satisfy eslint-plugin-react-hooks 7.1 new rules (1254163)
  • lint: satisfy eslint-plugin-react-hooks 7.1 new rules (e408674)
  • reset-password: clear redirect timer on unmount (44ead96)
  • reset-password: move redirect timer into an effect (7574a1c)
  • reset-password: strip token from URL and associate labels (eb9c0cb)
  • security: address the CodeRabbit findings from the review (167462b)
  • security: address the Snyk/Semgrep/CodeRabbit audit findings (55c1dcc)
  • security: address the findings of the 2026-04-19 security audit (1e556c1)
  • security: broaden the fixes following the CodeRabbit review (67b5bdf)
  • shutdown: avoid double-close on graceful shutdown (770288d)
  • shutdown: avoid double-close on graceful shutdown (4ce971c)
  • shutdown: tear each resource down independently (8eb0a45)
  • web: gradient-heading fallback for print and forced-colors (e496299)
  • weekly-digest: heartbeat TTL + await in-flight run on shutdown (b5aa6b7)
  • weekly-digest: abort the run if the heartbeat loses the lock (095797a)

3.0.0 (2026-04-17)

⚠ BREAKING CHANGES

  • license: project license changed from GNU GPL-3.0 to Elastic License 2.0. Source remains publicly available on GitHub and personal, academic and internal use stays free. Providing TPI Flow (or a modified version) to third parties as a hosted or managed service now requires a separate commercial license. Versions already tagged under GPL-3.0 keep their GPL-3.0 terms.

Miscellaneous Chores

  • license: switch from GPL-3.0 to Elastic License 2.0 (93f76d6)
  • license: switch from GPL-3.0 to Elastic License 2.0 (#219) (206daef)

2.12.4 (2026-04-16)

Bug Fixes

  • admin-changelog: parse release-please scope format and more sections (#217) (53e02a4)

2.12.3 (2026-04-16)

Bug Fixes

  • ci: use object-form signCommand with absolute signtool path (#215) (666f135)

2.12.2 (2026-04-16)

Bug Fixes

  • ci: call signtool directly instead of wrapping it in PowerShell (#213) (5f25b5e)

2.12.1 (2026-04-16)

Bug Fixes

  • ci: use powershell.exe for signCommand instead of pwsh (#211) (db7ff3a)

2.12.0 (2026-04-16)

Features

  • migrate SSE to Socket.io WebSocket with Redis adapter (7b4c8da)
  • migrate SSE to Socket.io WebSocket with Redis adapter (6ebadb9)
  • overtime: extend day range visually instead of rolling task over (b1002db)
  • tasks: detect apprentice overtime and reflect it in the XLSX export (71a6e78)

Bug Fixes

  • admin-users: send FORCE_LOGOUT after user delete succeeds (a846ae7)
  • apply CodeRabbit review recommendations (1801753)
  • clean up partial Redis connections and fail fast in prod (570a72a)
  • csp: align CORS_ORIGIN default with index.ts and app.ts (c89c52b)
  • csp: restrict connect-src ws origins to CORS_ORIGIN (bad0f39)
  • desktop: disable DMA-BUF renderer to prevent white screen on Linux (#200) (9b3d754)
  • desktop: remove AppImage from release and re-enable GPU rendering (#207) (db3e664)
  • gantt: clamp startTime to working day bounds in bar geometry (948a341)
  • hide Redis password from healthcheck, guard attachSocketIO (25787b5)
  • kanban: auto-set progress to 100% when moving task to done (#206) (f54730b), closes #205
  • log auth errors in WS middleware, add maintenance cache fallback (c4aee06)
  • overtime: align capacity messaging, export defaults, and break math (a1eaed3)
  • prod guard checks raw REDIS_URL, void async signal handlers (526bdf9)
  • read maintenance state from DB on each connection (07858b7)
  • reduce PG work_mem to 4MB, bind Redis to localhost only (6bb476a)
  • regenerate lockfile after deps move (e46b938)
  • require payload on CLEAR_MAINTENANCE and FORCE_LOGOUT schemas (cd283dd)
  • ws: reconnect socket when page restored from bfcache (57e97bc)
  • ws: reconnect socket when page restored from bfcache (2faab8f)

Performance Improvements

  • db: optimize PostgreSQL for 100 concurrent users (8a965aa)
  • db: optimize PostgreSQL for 100 concurrent users (#202) (6fda30b)

2.11.0 (2026-04-15)

Features

  • admin: expand dashboard with users, messaging, and changelog editor (6893746)
  • admin: expand dashboard with users, messaging, and changelog editor (12a8275)
  • gantt: mark days as sick to shift planning by one working day (3dc54d1)

Bug Fixes

  • admin: a11y focus management for user-tab modals (77c4469)
  • admin: address review findings (8556e78)
  • admin: mask reset-password input, clamp page after delete, ignore stale fetches (899d7f9)
  • admin: stop modal focus thrash on parent re-render (2182433)
  • gantt: properly cascade tasks around a sick day (65df442)
  • recurring task occurrence no longer resets startTime to day start (bc21e51)
  • sick-days: harden concurrency, validation, a11y and export duration (95981e0)
  • sick-days: lock projectSettings/tasks rows on PG to prevent lost updates (ceb6910)
  • web: disable view transitions in Tauri to prevent WebKitGTK crash (251d463)
  • web: disable view transitions in Tauri to prevent WebKitGTK crash (2afd525)

2.10.0 (2026-04-14)

Features

  • api: persist maintenance state across API restarts (5e38a60)
  • api: persist maintenance state to survive API restarts (efaa3d9)
  • auth: enable better-auth cookieCache and re-enable rate limit on /get-session (fe41c46)
  • feedback: add in-app bug report and feature request flow (877c473)
  • feedback: in-app bug report and feature request (0b9e9e5)
  • real-time SSE notifications + admin broadcast dashboard (08b72c5)
  • real-time SSE notifications with admin broadcast dashboard (85ae1f0), closes #177
  • web: add FAQ page covering common user questions (2811b3a)
  • web: add FAQ page covering common user questions (5a98a65)
  • web: add work-in-progress banner on FAQ page (8b8b534)

Bug Fixes

  • address CodeRabbit SSE PR feedback (5b89adc)
  • api: add CSP hash for theme bootstrap script (48c60cc)
  • api: add CSP hash for theme bootstrap script (73561ed)
  • api: only count failed auth attempts toward admin rate limit (27cb4e1)
  • api: scope clearPersistedMaintenance delete to the singleton row (fa72469)
  • api: validate persisted maintenance payload on hydration (94c853d)
  • auth: give /get-session a dedicated rate limit budget (db268b6)
  • desktop: blank window on Linux + updater ACL denial (c4b51c0)
  • desktop: blank window on Linux + updater ACL denial (#186) (45cd6d4)
  • desktop: drop unused localhost scope from updater capability (ac6844b)
  • feedback: address PR review (round 2) (807c413)
  • feedback: address review feedback (4274def)
  • feedback: copy issue body to clipboard instead of URL params (968eb7a)
  • feedback: remove hidden Select that broke radio toggling (553b92c)
  • feedback: trim pageUrl and userAgent before submission (1d4ec21)
  • onboarding: correct HERMES/IPERKA explanations and add Clôture phase (5c8a20c)
  • web: don't leak admin token length requirement in login form (9bcb071)
  • web: harden adminFetch headers and drop env-var leak on 503 (366fc84)
  • web: keep admin token in memory only (42d9586)

Performance Improvements

  • web: minimize render-blocking theme script and fix dark variant selector (7d24014)
  • web: minimize render-blocking theme script and fix dark variant selector (55bfd3f)

2.9.0 (2026-04-13)

Features

  • web: add global dark mode (7741e7b)
  • web: drag-n-drop reorder for sections (ffb9e98)
  • web: drag-n-drop reorder for sections in section manager (9d2b368)

Bug Fixes

  • web: add aria-label to risk-table save/cancel/edit/delete buttons (9e59418)
  • web: add dark variants to remaining colored surfaces (91f3adf)
  • web: constrain theme switcher layout (e8d5b9f)
  • web: give icon-only controls accessible names (f32ddf1)
  • web: honor IPERKA methodology in dashboard and kanban phase filters (68587de)
  • web: honor IPERKA methodology in phase filters (926bc13)
  • web: only mark tasks overdue when endDate is before today (42023f7)
  • web: restore vivid tints in dark mode (84f33a4)
  • web: serialize section reorder PUTs and sync optimistic cache (93346b0)
  • web: today's tasks no longer marked "overdue" from midnight (f15c815)

Performance Improvements

  • web: use View Transitions API for theme switch (05cf371)

2.8.0 (2026-04-12)

Features

  • journal: show start/end time on history entry cards (d4b1497)
  • journal: show start/end time on history entry cards (8fd37a0)

Bug Fixes

  • journal: clamp end time so history range is never inverted (9265c1b)

2.7.0 (2026-04-08)

Features

  • add XLSX export dialog with phase color picker and day separators (d2a7659)
  • add XLSX export dialog with phase color picker and day separators (539c788)
  • desktop-db: add SQLite migration system for desktop app (0f85630), closes #137
  • desktop: add auto-updater with AppImage signing and UI (de76f21), closes #136
  • gantt: show deleted tasks in baseline comparison (7d90a46)
  • gantt: show deleted tasks in baseline comparison (7f88b40), closes #155
  • make day separators optional in XLSX export dialog (b82731b)
  • onboarding: add methodology explanation page with phase & milestone overview (33a0862)
  • show sections grouped by phase in XLSX export dialog (dff69c1)

Bug Fixes

  • add missing token field to desktop session stub (aad7240)
  • address CodeRabbit review findings (51f45b9)
  • address CodeRabbit review findings (ced276f)
  • address CodeRabbit review findings (round 2) (d11234e)
  • address CodeRabbit review findings (round 3) (a40d30d)
  • address CodeRabbit review on auto-updater PR (83bfa45)
  • address review findings for baseline deleted tasks (9143af1)
  • codegen: regenerate with orval 8.5.3 to match lockfile version (943f6a1)
  • desktop: bundle CHANGELOG.md via Vite virtual module plugin (#147) (67ca160)
  • desktop: resolve AppImage blank page and build exit code (3051c1d)
  • desktop: resolve AppImage blank page and build exit code 1 (478580f)
  • lint: attach cause to re-thrown migration error (5f45ec3)
  • normalize baseline task title trimming for consistency (22b3631)
  • prevent close during export and reset state on dialog open (ae92a2a)
  • resolve eslint errors in export dialog and gantt page (9a6b740)
  • sync colors with sections via overrides pattern (2527756)
  • use existing nextFrame helper instead of ad-hoc requestAnimationFrame (71c1673)

2.6.1 (2026-04-07)

Bug Fixes

  • frontend: strip bold markdown syntax in changelog entries (3e815fe), closes #143

2.6.0 (2026-04-07)

Features

  • add Gantt JSON import alongside CSV import (155de52)
  • add Gantt JSON import alongside existing CSV import (9ed2e4e)
  • add recurrence exception support for recurring tasks (a310ac8)
  • frontend: add changelog page with CI-driven DB sync (2d8e01c)
  • frontend: add desktop download section on landing page (b5fee3d)
  • frontend: add desktop download section on landing page (d54a6bf), closes #134
  • frontend: changelog page with CI-driven DB sync (c4d716f)
  • frontend: one-shot tooltip for recurring occurrences (b841ec8)
  • frontend: one-shot tooltip for recurring occurrences (0e3dfc4), closes #130
  • recurrence exceptions + remove attachments + CI optimization (c90fd85)
  • remove attachments feature + fix CodeRabbit review findings (bdb2230)

Bug Fixes

  • add minimum/format constraints to CreateTaskRecurrenceExceptionRequest (5d683d5)
  • address CodeRabbit review feedback on Gantt JSON import (8582bc9)
  • address CodeRabbit review feedback on merge mode and validation (2c980fc)
  • address CodeRabbit review feedback on recurrence exceptions (01aba0f)
  • address CodeRabbit review findings (484e466)
  • address CodeRabbit round 2 review feedback (cd41a2f)
  • address CodeRabbit round 3 review feedback (38598d2)
  • address CodeRabbit round 4 review feedback (c58900b)
  • address CodeRabbit round 5 review feedback (0a174eb)
  • align validation across all recurrence exception flows (de60cdb)
  • clamp context menu position to stay within viewport (a2d142b)
  • conditional menu items + keyboard a11y for occurrence actions (4942a09)
  • eliminate N+1 attachment queries that cascade rate limiter (99e4aa1)
  • filter out skipped occurrences from XLSX export (945404c)
  • final review polish before merge (09844fa)
  • final review polish before merge (d937146)
  • frontend: add a comment in the empty catch (no-empty) (2a9fc25)
  • frontend: fix the timing and sync of the recurrence hint (bd59183)
  • frontend: exclude mobile UA from OS detection and fix nested a>button (347ab4d)
  • frontend: guard recurrence hint localStorage read and restrict to virtual instances (a6965ca)
  • frontend: mark the recurrence hint on hover, not on mount (6a2df01)
  • frontend: Monter/Descendre popover misaligned on the Gantt sidebar (f74d695)
  • frontend: render Gantt sidebar context menu via portal (fe4a70c), closes #131
  • harden milestone dedup and startTime validation (78b1c18)
  • include recurrence exceptions in all export/import flows (2064650)
  • move ref update into useEffect to satisfy react-hooks/refs (50cb546)
  • move VALID_STATUSES to module scope + allow zero estimatedMinutes (d867d3a)
  • remove format:date from OpenAPI to prevent zod.date() codegen (1cfc28a)
  • remove redundant bounds check + mark all GanttImportResponse fields required (03b1876)
  • security: harden changelog against injection and open redirect (9f29dc6)
  • use --force flag for drizzle-kit push in entrypoint (5505aa2)

Performance Improvements

  • ci: cache APT packages for desktop smoke test (ff69b1d)
  • ci: cache APT packages for desktop smoke test on Linux (c133ec5)

2.5.5 (2026-04-06)

Bug Fixes

  • desktop: work around linuxdeploy sidecar corruption for AppImage builds (bc92678)
  • desktop: work around linuxdeploy sidecar corruption for AppImage builds (#122) (6765a44)
  • journal: smooth scroll to composer on edit (d27e651)
  • journal: smooth scroll to composer when editing an entry (fada20a)
  • scripts: address CodeRabbit review on build-appimage.sh (68c2b3d)
  • web: remove unused downloadTextFile import (518fcbc)
  • web: remove unused downloadTextFile import (25e83ea)

2.5.4 (2026-04-06)

Bug Fixes

  • ci: make updater manifest optional in release workflow (b484f25)
  • ci: make updater manifest optional in release workflow (#120) (2ff4410)

2.5.3 (2026-04-06)

Bug Fixes

  • ci: bump Tauri version via release-please (429a1b7)
  • ci: bump Tauri version via release-please for updater manifest (7de1bdf)

2.5.2 (2026-04-06)

Bug Fixes

  • ci: skip updater manifest for Linux (deb/rpm don't support it) (8f98f45)
  • ci: skip updater manifest for Linux (deb/rpm don't support it) (#116) (2a29c11)

2.5.1 (2026-04-06)

Bug Fixes

  • ci: drop AppImage and Windows code signing from release (2a0e031)
  • ci: drop AppImage and Windows code signing from release (#114) (8681cf9)
  • ci: use ubuntu-latest now that AppImage is removed (8d0715e)
  • docs: correct desktop installer filenames in README (a07a4d6)

2.5.0 (2026-04-06)

Features

  • ci: add SLSA build provenance attestation to release workflow (e1bf12d)
  • desktop-api: bun sidecar wrapper for offline desktop mode (ac54bcc)
  • desktop-db: sqlite schema mirror package (f086948)
  • desktop: add tauri auto-updater with ed25519 signing (5edfafc)
  • desktop: authenticode code signing with self-signed pfx (36df18d)
  • desktop: tauri v2 shell with sidecar spawn + port capture (dde2299)
  • tauri desktop app with offline sqlite backend (50f2c30)
  • update dependencies in desktop app (37e4531)

Bug Fixes

  • api: replace blocking fs.existsSync with async access in download handler (1715489)
  • ci: bump attest-build-provenance to v4.1.0 (c6f600b)
  • ci: drop appimage from Linux smoke test bundles (5bd7bd6)
  • ci: fix desktop smoke test on Linux and Windows (1770104)
  • ci: fix desktop smoke tests on Linux and Windows (95ae81f)
  • ci: read signing key as single-line to avoid GITHUB_ENV heredoc issue (e2d495d)
  • ci: use --no-sign flag instead of signCommand:null override (e4a5e8b)
  • ci: use APPIMAGE_EXTRACT_AND_RUN for Linux and null signCommand for Windows (aea30e8)
  • ci: use random delimiter for GITHUB_ENV multiline key (17679f7)
  • ci: use ubuntu-22.04 and libfuse2 for release AppImage bundling (70ea8ab)
  • ci: use ubuntu-22.04 for Linux desktop smoke test (b01e9c7)
  • desktop: add beforeDevCommand so tauri dev pre-builds the sidecar (79e23da)
  • desktop: address coderabbit rev2 findings (4757f7e)
  • desktop: address coderabbit rev3 findings (e524042)
  • desktop: address coderabbit review findings (9a9c335)
  • desktop: auto-detect host platform in build:desktop script (f48ce83)
  • desktop: bump rust-version to 1.77.2 (tauri-plugin-updater MSRV) (3538105)
  • desktop: enhance release asset preparation for Linux and Windows (1cfcf7e)
  • desktop: kill sidecar on normal app exit via RunEvent::Exit (2507715)
  • desktop: rename build script to avoid global filter match (8453271)
  • docker: include new workspaces in deps stage + ignore scripts (f748861)
  • harden desktop release and CI workflows (7d0bc8b)
  • implement 10 verified CodeRabbit findings (b7fd85f)
  • improve desktop export feedback and timestamped pdf signing (fcf677f)
  • pin upload-artifact SHA, update CTE comment, fix MD031 fences (17274b4)
  • stabilize desktop dev build and risk exports (555ecf3)
  • web: correct spelling Tache → Tâche in Gantt sidebar (376746b)

Performance Improvements

  • ci: use --no-bundle for desktop smoke test (c2eafa8)
  • ci: use --no-bundle for desktop smoke test (e42e293)
  • ci: use debug profile for desktop smoke test (4871c76)

2.4.2 (2026-04-05)

Bug Fixes

  • csp: correct JSON-LD hash to match exact inline content (a817552)
  • csp: remove cross-workspace import that breaks Railway deploy (e61abfd)
  • csp: remove cross-workspace import that breaks Railway deploy (0ae74d3)

2.4.1 (2026-04-05)

Bug Fixes

  • csp: correct relative import path for shared structured-data (323f768)
  • csp: externalize JSON-LD structured data to comply with script-src 'self' (7b7e9f9)
  • csp: inject JSON-LD at build-time for SEO + CSP compliance (767982b)
  • csp: inject JSON-LD at build-time via Vite plugin for SEO + CSP compliance (e9c1906)

2.4.0 (2026-04-05)

Features

  • implement complete interactive onboarding tour (f12416e)
  • tour: add backup/export step in settings page (0acb6b0)
  • tour: add Gantt export/options menu step (12b25a2)
  • tour: complete multi-page onboarding tour with feature highlights (#103) (5f470f5)
  • tour: rewrite guided tour with multi-page navigation and feature highlights (60365a9)

Bug Fixes

  • tour: address CodeRabbit review findings (2e4e410)

2.3.0 (2026-04-04)

Features

  • security: encrypt user name at rest (714201a)
  • security: encrypt user name at rest via better-auth databaseHooks (6969224)

Bug Fixes

  • security: add error handling for decryption of malformed payloads (5166539)
  • security: clone response before JSON parse to avoid consumed body fallback (d5db707)
  • security: recursive user name decryption and simplify toNodeHandler call (2b6feaa)

2.2.0 (2026-04-04)

Features

  • add Excel (.xlsx) export for journal entries (f061359)
  • add Excel (.xlsx) export for journal entries (082ce49)

Bug Fixes

  • apply review recommendations for journal Excel export (f322f05)
  • lint: remove useless escape in sanitize function (4799cc5)
  • security: sanitize user text against Excel formula injection (2ff45d6)

2.1.0 (2026-04-04)

Features

  • add Excel (.xlsx) export for Gantt chart with split cells (0ce51fd)
  • Excel export matching reference planning layout (#97) (6ca1575)

Bug Fixes

  • apply CodeRabbit review recommendations (4832a07)
  • match Excel export to reference planning layout (7b396fd)

2.0.6 (2026-04-04)

Bug Fixes

  • ci: reduce GHA cache bloat from Docker BuildX (3ac5c52)
  • ci: reduce GHA cache bloat from Docker BuildX (24e8db8)

2.0.5 (2026-04-04)

Bug Fixes

  • security: add ownership check on attachment upload to prevent IDOR (50e347f)
  • security: prevent IDOR on attachment upload (#93) (951c58a)

2.0.4 (2026-04-04)

Performance Improvements

  • optimize landing page (LCP and Contrast fixes) (#90) (6e51527)
  • resolve Contrast and LCP issues on landing page (06b6118)

2.0.3 (2026-04-04)

Bug Fixes

  • web: use replaceState for anchor navigation (78437db)
  • web: use replaceState instead of pushState for anchor navigation (ad51b1a)

2.0.2 (2026-04-04)

Bug Fixes

  • resolve overlapping date/time inputs on iPad Safari (912ec60)
  • resolve overlapping date/time inputs on iPad Safari (9560784)

2.0.1 (2026-04-03)

Bug Fixes

  • gantt: prevent day width over-expansion for short tasks (bb24a26)
  • gantt: prevent day width over-expansion for short tasks (#84) (26bb5a1)

2.0.0 (2026-04-03)

⚠ BREAKING CHANGES

  • gantt: bars are now dragged by direct click (Ctrl+Click is no longer needed). The toolbar is reorganized into groups with an overflow menu. The BAR_H and TRACK_H constants have changed.

Features

  • gantt: UX overhaul inspired by Jira/Asana (b526ab4)

Bug Fixes

  • api: add data: and blob: to CSP img-src for Gantt PNG/SVG export (7c6bacb)
  • api: remove data: from CSP img-src, use blob: pipeline for export (e771179)
  • api: restore data: in CSP img-src, fix tainted canvas on PNG export (4ec5740)
  • gantt: add BAR_VERTICAL_OFFSET constant and onPointerCancel handler (5686f54)
  • gantt: address CodeRabbit review round 2 (2a2ca25)
  • gantt: fixes for CodeRabbit review issues (5878ae6)
  • gantt: repair drag — set dragState immediately, defer only pointer capture (191f351)

1.15.1 (2026-04-03)

Bug Fixes

  • api-spec: update QuoVadis reference to SwissSign in OpenAPI doc (1fcc123)
  • api: replace dead QuoVadis TSA with SwissSign for PDF timestamping (5c42a8f)
  • docs: correct HTTP to HTTPS in TSA_URL comment (f5362c9)

1.15.0 (2026-04-03)

Features

  • ci: add Windows x64 binary to release workflow (802b896)
  • ci: add Windows x64 binary to release workflow (#77) (f5cb227)

Bug Fixes

  • ci: address review feedback on binary release workflow (6a2c0c8)

1.14.2 (2026-04-03)

Bug Fixes

  • api: resolve distPath for compiled Bun binary (ba5f78a)
  • ci: merge release jobs into release-please workflow to fix Docker image builds (18c15de)
  • ci: merge release jobs into release-please workflow to fix Docker/binary builds (4b7d994)

1.14.1 (2026-04-03)

Performance Improvements

  • seo: preload latin fonts to eliminate CSS-to-font chain (828f4f7)
  • seo: preload latin fonts to eliminate CSS-to-font chain (30178a4)

1.14.0 (2026-04-03)

Features

  • seo: improve meta tags, structured data, and dynamic page titles (b6bb644)
  • seo: improve meta tags, structured data, and dynamic page titles (#69) (19e3b84)

Bug Fixes

  • accessibility: fix heading hierarchy and color contrast on landing page (de87921)
  • seo: add maskable icon purpose and normalize canonical URLs (8d34339)
  • seo: add OG/Twitter images, PWA icons, and /setup route meta (df46d96)

Performance Improvements

  • lazy-load authenticated shell to reduce initial JS on public pages (7e7de9e)
  • self-host fonts to eliminate critical request chain (66a262d)

1.13.0 (2026-04-03)

Features

  • seo: add sitemap.xml and update robots.txt (fedc50e)
  • seo: add sitemap.xml and update robots.txt (6b5da72)

1.12.0 (2026-04-03)

Features

  • ci: add versioned Docker tags and Linux binary builds on release (d6a853e)
  • ci: versioned Docker tags and Linux binary builds on release (947c82e)

1.11.0 (2026-04-03)

Features

  • risks: add custom risk categories management (9ba5b38), closes #50
  • risks: allow custom risk categories in risk analysis (#61) (28a40d3)

Bug Fixes

  • risks: address CodeRabbit review findings (9134444)

1.10.2 (2026-04-02)

Bug Fixes

  • security: rate limiting, safePath consistency, disable x-powered-by (4dc02f5)

1.10.1 (2026-04-02)

Bug Fixes

  • api: prevent duplicate graceful shutdown on repeated SIGINT (2a58215)

1.10.0 (2026-04-02)

Features

  • web: redesign landing page (616215b)
  • web: redesign landing page with product mockup and social proof (e21c1fe)

Bug Fixes

  • web: improve landing page accessibility and deep-link support (bf45f57)
  • web: polish landing page hero and fix UX mismatches (80bc9fa)
  • web: remove gradient overlay and add hover lift effect on hero mockup (e4cebfd)

1.9.3 (2026-04-02)

Bug Fixes

  • remove unused PHASE_LABELS imports (16ec9b8)
  • remove unused PHASE_LABELS imports (8006e83)

1.9.2 (2026-04-02)

Bug Fixes

  • security: address path traversal, ReDoS, and TLS verification issues (a3186fe), closes #45 #46 #47
  • security: path traversal, ReDoS, and TLS verification (#51) (345035d)

1.9.1 (2026-04-02)

Bug Fixes

  • add missing French accents and decrypt project settings in PDF exports (b4bd1f9)
  • add try-catch around decryptProjectSettings in PDF exports (42b1df0)
  • French accents and decrypt project settings in PDF exports (7adf472)

1.9.0 (2026-04-02)

Features

  • onboarding: add methodology selection (HERMES/IPERKA) (693c812)
  • onboarding: add methodology selection step (HERMES/IPERKA) (210be32)

Bug Fixes

  • address CodeRabbit review feedback (145b37d)
  • apply CodeRabbit auto-fixes (1e1a0fc)
  • revert unnecessary CodeRabbit autofix changes (173f839)

1.8.5 (2026-04-02)

Bug Fixes

  • avoid duplicate findings and cover db.execute() in SQL rule (ce13005)

1.8.4 (2026-04-02)

Bug Fixes

  • api: increase JSON body limit and upgrade PostgreSQL to 18 (f063477)
  • api: increase JSON body limit to 50mb for base64 attachments (a0b0384)
  • api: increase JSON body parser limit to 1mb (770b3e6)

1.8.3 (2026-03-30)

Bug Fixes

  • backup: install PostgreSQL 18 client to match server version (f7cf7aa)

1.8.2 (2026-03-30)

Bug Fixes

  • docker: resolve drizzle schema path in entrypoint (cf653a4)
  • docker: run drizzle-kit push from packages/db directory (22e250a)

1.8.1 (2026-03-30)

Bug Fixes

  • docker: guard db:push behind RUN_SCHEMA_PUSH env var (16d4412)
  • docker: remove --force flag and increase healthcheck start period (156cfbe)
  • docker: run db:push on container startup (8c7d147)
  • docker: run db:push on container startup (6947210)

1.8.0 (2026-03-30)

Features

  • add account deletion in settings (9f3ed99)
  • add account deletion in settings (55ecbd2)

Bug Fixes

  • address CodeRabbit review on account deletion (f244076)
  • keep delete dialog open during async deletion (2c22986)
  • redirect to login on 401 during account deletion (b1b31d5)
  • use location.replace for post-deletion redirect (019717e)

1.7.1 (2026-03-29)

Bug Fixes

  • responsive onboarding layout and auth cookie over HTTP (d087c1b)

1.7.0 (2026-03-29)

Features

  • web: require terms acceptance for Google login on login page (5cbee88)

1.6.0 (2026-03-29)

Features

  • web: add terms acceptance checkbox on registration page (92acffd)

1.5.0 (2026-03-29)

Features

  • security: add DB SSL, AES-256-GCM field encryption and startup validation (59df3f2)
  • security: DB SSL + AES-256-GCM encryption of sensitive data (50dea06)
  • web: inline legal pages in JSX and update security section (d72e12d)

1.4.2 (2026-03-29)

Bug Fixes

  • docker: also re-include docs/legal/ contents in build context (dd874b5)
  • docker: include docs/legal in build context (cc48b9a)
  • docker: include docs/legal in build context for legal pages (8141f1b)

1.4.1 (2026-03-29)

Bug Fixes

  • web: remove global overflow-hidden blocking landing page scroll (df7cc67)
  • web: remove global overflow-hidden blocking landing page scroll (e997edc)

1.4.0 (2026-03-29)

Features

  • legal: add privacy policy and terms of use pages (5a218d6)
  • legal: add privacy policy and terms of use pages (c049b2d)

Bug Fixes

  • legal: move runtime deps, fix accents, add aria-label (7e7fb4a)

1.3.1 (2026-03-29)

Bug Fixes

  • security: force Buffer.from() to satisfy CodeQL type confusion (8b03505)
  • security: resolve all 6 CodeQL alerts (83698b0)
  • security: resolve all CodeQL alerts (89416da)

1.3.0 (2026-03-29)

Features

  • ci: add automatic PR labeling (717963f)
  • ci: add automatic PR labeling workflow (5cdd3ca)

1.2.1 (2026-03-29)

Bug Fixes

  • docker: create uploads dir with bun user permissions (3c4af6c)

Reverts

  • remove unrelated coderabbit change from this PR (e465e42)

1.2.0 (2026-03-29)

Features

  • ci: add daily PostgreSQL backup to MEGA S4 (7f06b82)
  • infra: add CD pipeline and PostgreSQL optimizations (0330257)
  • infra: CD pipeline and PostgreSQL optimizations (bd86d70)

Bug Fixes

  • address CodeRabbit review findings (45fb71a)
  • ci: add curl timeout and use s3api for robust backup cleanup (e85ffd5)
  • ci: make Railway webhook step optional (d3a1479)
  • ci: stop swallowing s3api errors in backup cleanup (0b34128)
  • docker: remove redundant workspace node_modules copies and wget install (790b333)

1.1.0 (2026-03-29)

Features

  • Add a live "now" indicator to the Gantt chart that updates every 30 seconds. (70a1a80)
  • add API root endpoint with documentation (9d54287)
  • add ESLint, .env.example, typecheck and build/start scripts (3e36de1)
  • add TPI journal and dashboard tracking (d1dcd81)
  • implement 3.2 - File attachments for tasks and journal entries (661daf3)
  • Implement Rollup manual chunking for build optimization, adjust notifications component positioning, and add a new image asset. (046b5d7)
  • implement Sprint 1 - Priority 1 TPI improvements (6071607)
  • implement Sprint 2 - Priority 2 TPI improvements (6ff3598)
  • implement Sprint 3 - Task dependencies, deliverables page, and filters (cabf512)
  • implement Sprint 4 - Review fixes, notifications, and global search (bf1c43e)
  • serve frontend from backend in production mode (4a55e18)

Bug Fixes

  • ensure .env is loaded when running start script (72e78d8)
  • improve gap analysis to compare only completed tasks estimates vs actual time (e41cad9)
  • replace catch-all route pattern for Express 5 compatibility (b31cfc9)
  • resolve ESLint errors - remove unused imports and fix conditional hooks (3a279a8)

Performance Improvements

  • implement code splitting with lazy loading for pages (aa10dfe)

Changelog

All notable changes to TPI Flow will be documented in this file.

This file is managed automatically by Release Please from Conventional Commits merged into main.