* 2.24.1
- Updated dependencies
- MCP Server: better compatibility with Windows
- MCP Server: allow using a custom root for better flexibility
- Version Check: use package.json version instead of number of commits
- Prettier: reformatted some files
- Add SSH_AUTH_SOCK to dev passThroughEnv to solve SSH issues; handle execSync errors
- Use GIT_SSH to fix SSH issues on Windows
- Updated Stripe version
- Updated application version from 2.24.0 to 2.24.1 in package.json.
- Enhanced error handling in billing services to include error causes for better debugging.
* MCP Server 2.0
- Updated application version from 2.23.14 to 2.24.0 in package.json.
- MCP Server improved with new features
- Migrated functionality from Dev Tools to MCP Server
- Improved getMonitoringProvider not to crash application when misconfigured
- Updated application version from 2.23.13 to 2.23.14 in package.json.
- Refactored error handling components in web app to utilize a new ErrorPageContent component for improved code organization and readability.
- Simplified error and not found page layouts by removing redundant code and enhancing localization keys for better user experience.
* chore: bump version to 2.23.10 and enhance workspace loading logic
- Updated application version from 2.23.9 to 2.23.10 in package.json.
- Refactored workspace loading functions to use async/await for improved error handling and added redirects for missing workspaces or users.
- Updated sidebar layout components to handle asynchronous data fetching and redirection more effectively.
- Minor adjustments to personal account dropdown styles for consistency.
* refactor: consolidate AGENTS.md and CLAUDE.md files, update tech stack and architecture details
- Merged content from CLAUDE.md into AGENTS.md for better organization.
- Updated tech stack section to reflect the current technologies used, including Next.js, Supabase, and Tailwind CSS.
- Enhanced monorepo structure documentation with detailed directory purposes.
- Streamlined multi-tenant architecture explanation and essential commands.
- Added key patterns for naming conventions and server actions.
- Removed outdated agent files related to Playwright and PostgreSQL, ensuring a cleaner codebase.
- Bumped version to 2.23.7 to reflect changes.
* chore: bump version to 2.22.1 and update dependencies
- Updated application version from 2.22.0 to 2.22.1 in package.json.
- Updated various dependencies including @marsidev/react-turnstile to 1.4.1, @stripe/react-stripe-js to 5.4.1, @stripe/stripe-js to 8.6.1, and react-hook-form to 7.70.0.
- Adjusted lucide-react version to be referenced from the catalog across multiple package.json files.
- Enhanced consistency in pnpm-lock.yaml and pnpm-workspace.yaml with updated package versions.
* chore: bump version to 2.23.0 and update dependencies
- Updated application version from 2.22.1 to 2.23.0 in package.json.
- Upgraded turbo dependency from 2.7.1 to 2.7.3 in package.json and pnpm-lock.yaml.
- Enhanced end-to-end testing documentation in AGENTS.md and CLAUDE.md with instructions for running tests.
- Updated AuthPageObject to use a new secret for user creation in auth.po.ts.
- Refactored team ownership transfer and member role update dialogs to close on success.
- Improved error handling for weak passwords in AuthErrorAlert component.
- Adjusted database schemas and tests to reflect changes in invitation policies and role management.
- Updated application version from 2.21.18 to 2.21.19 in package.json.
- Improved invitation validation by handling cases where the invitation is not found and ensuring email comparison is case insensitive.
* chore: bump version to 2.21.12 and implement safe redirect path validation
- Updated application version from 2.21.11 to 2.21.12 in package.json.
- Introduced `getSafeRedirectPath` and `isSafeRedirectPath` utility functions to validate user-supplied redirect URLs, enhancing security against open redirect attacks.
* fix: address page reload issue in Admin tests for CI
* chore: update package versions and dependencies across multiple files
- Bumped application version to 2.21.3 in package.json.
- Updated dependencies including turbo to version 2.6.1, @next/bundle-analyzer and @next/eslint-plugin-next to version 16.0.3, and @supabase/supabase-js to version 2.81.1.
- Adjusted @types/node, @types/react, and @types/react-dom versions for consistency.
- Refactored package.json files to utilize catalog dependencies for improved management.
- Incremented various other dependencies such as react-i18next to version 16.3.3 and tailwind-merge to version 3.4.0.
* chore: downgrade @next/bundle-analyzer and @next/eslint-plugin-next to version 16.0.2 and update next to version 16.0.2 in pnpm-lock.yaml and pnpm-workspace.yaml
- Updated package versions for consistency across the project.
- Adjusted the overflow property in the PageWithSidebar component for improved layout handling.
* feat: add sorting functionality to DataTable header
- Implemented click handler for sortable headers in the DataTable component, allowing users to toggle sorting between ascending and descending order.
- Enhanced user interaction by updating the header's visual state based on the current sorting direction.
* fix: update layout and structure in UserHomePage and DashboardDemo components
- Added a new div structure within the PageBody of UserHomePage for improved layout.
- Simplified the grid structure in DashboardDemo by adjusting the number of columns for better responsiveness.
- Enhanced the PageWithSidebar component to ensure proper flex behavior and layout consistency.
* refactor: simplify PageBody structure in UserHomePage
- Removed unnecessary div elements within the PageBody of UserHomePage for cleaner layout.
- Enhanced readability and maintainability of the component structure.
- Incremented application version from 2.21.0 to 2.21.2 in package.json.
- Added logic to conditionally show email option in account settings based on enabled authentication methods.
- Updated PersonalAccountSettingsContainer to utilize the new showLinkEmailOption feature flag.
- Refactored migration script to correct delimiter usage for better parsing of migration lines.
* chore: update project dependencies and documentation for Next.js 16
- Upgraded Next.js from version 15 to 16 across various documentation files and components.
- Updated references to Next.js 16 in AGENTS.md and CLAUDE.md for consistency.
- Incremented application version to 2.21.0 in package.json.
- Refactored identity setup components to improve user experience and added confirmation dialogs for authentication methods.
- Enhanced invitation flow with new logic for handling user redirection and token generation.
* refactor: streamline invitation flow in e2e tests
- Simplified the invitation flow test by using a predefined email instead of generating a random one.
- Removed unnecessary steps such as clearing cookies and reloading the page before user sign-up.
- Enhanced clarity by eliminating commented-out code related to identity verification and user membership checks.
* refactor: improve code readability in IdentitiesPage and UpdatePasswordForm components
- Enhanced formatting of JSX elements in IdentitiesPage and UpdatePasswordForm for better readability.
- Adjusted indentation and line breaks to maintain consistent coding style across components.
* refactor: enhance LinkAccountsList component with user redirection logic
- Updated the LinkAccountsList component to include a redirectToPath option in the useLinkIdentityWithProvider hook for improved user experience.
- Removed redundant user hook declaration to streamline the code structure.
* refactor: update account setup logic in JoinTeamAccountPage
- Introduced a check for email-only authentication support to streamline account setup requirements.
- Adjusted the conditions for determining if a new account should set up additional authentication methods, enhancing user experience for new users.
- Incremented application version from 2.20.1 to 2.20.2 in package.json.
- Added captchaSiteKey prop to SignUpPage for enhanced security.
- Refactored captcha field rendering in various authentication components to ensure consistent placement and functionality.
* chore: bump version to 2.20.1 in package.json and refactor layout and form components
- Incremented application version from 2.20.0 to 2.20.1 in package.json.
- Refactored RootLayout to optimize asynchronous calls and introduced getRootClassName function for better class management.
- Updated font handling in getFontsClassName function to streamline class generation.
- Enhanced various authentication form components by replacing Input with EmailInput and PasswordInput for improved consistency and usability.
- Adjusted layout styles in AuthLayoutShell and other components for better responsiveness.
* fix: improve content rendering fallback logic in ContentRenderer component
- Enhanced the ContentRenderer function to explicitly check for the presence of a renderer before returning content.
- Added a fallback mechanism to return raw content as React nodes when no renderer is found, improving robustness and user experience.
* feat: add changelog feature and update site navigation
- Introduced a new Changelog page with pagination and detailed entry views.
- Added components for displaying changelog entries, pagination, and entry details.
- Updated site navigation to include a link to the new Changelog page.
- Enhanced localization for changelog-related texts in marketing.json.
* refactor: enhance Changelog page layout and entry display
- Increased the number of changelog entries displayed per page from 2 to 20 for better visibility.
- Improved the layout of the Changelog page by adjusting the container styles and removing unnecessary divs.
- Updated the ChangelogEntry component to enhance the visual presentation of entries, including a new date badge with an icon.
- Refined the CSS styles for Markdoc headings to improve typography and spacing.
* refactor: enhance Changelog page functionality and layout
- Increased the number of changelog entries displayed per page from 20 to 50 for improved user experience.
- Updated ChangelogEntry component to make the highlight prop optional and refined the layout for better visual clarity.
- Adjusted styles in ChangelogHeader and ChangelogPagination components for a more cohesive design.
- Removed unnecessary order fields from changelog markdown files to streamline content management.
* feat: enhance Changelog entry navigation and data loading
- Refactored ChangelogEntry page to load previous and next entries for improved navigation.
- Introduced ChangelogNavigation component to facilitate navigation between changelog entries.
- Updated ChangelogDetail component to display navigation links and entry details.
- Enhanced data fetching logic to retrieve all changelog entries alongside the current entry.
- Added localization keys for navigation text in marketing.json.
* Update package dependencies and enhance documentation layout
- Upgraded various packages including @turbo/gen and turbo to version 2.6.0, and react-hook-form to version 7.66.0.
- Updated lucide-react to version 0.552.0 across multiple packages.
- Refactored documentation layout components for improved styling and structure.
- Removed deprecated loading components and adjusted navigation elements for better user experience.
- Added placeholder notes in changelog entries for clarity.
* Upgraded to Next.js 16
* Refactored code to comply with React 19.2 ESLint rules
* Refactored some useEffect usages with the new useEffectEvent
* Added Identities page and added second step to set up an identity after accepting an invitation
* Updated all dependencies
* Introduced PNPM catalogs for some frequently updated dependencies
* Bugs fixing and improvements
- Incremented application version from 2.18.1 to 2.18.2 in package.json.
- Refactored GlobalErrorPage component to improve structure and readability, encapsulating the error content in a separate function and ensuring proper HTML semantics.
- Bumped application version from 2.17.0 to 2.17.1 in package.json.
- Updated Node.js engine requirement from >=v18.18.0 to >=20.10.0.
- Upgraded Supabase dependency from 2.47.2 to 2.48.3 in both package.json and pnpm-lock.yaml.
- Updated schema-utils from 4.3.2 to 4.3.3 in pnpm-lock.yaml.
- Changed major version in Supabase configuration from 15 to 17.
* Enhance Marketing Pages and UI Components
- Updated the marketing homepage to include an Ecosystem Showcase component, improving the presentation of the SaaS Starter Kit.
- Refined various UI components, including adjustments to spacing, typography, and layout for better visual consistency.
- Improved accessibility by adding aria-labels and ensuring proper semantic structure in components.
- Adjusted styles across multiple components to enhance responsiveness and user experience.
- Updated the pricing table and feature cards to align with the new design standards, ensuring a cohesive look and feel throughout the application.
- Updated plan picker design
- Added Feature Policy API: a declarative system to enable/disable/modify default behavior in the SaaS kit
- Team invitation policies with pre-checks using the Feature Policy API: Invite Members dialog now shows loading, errors, and clear reasons when invitations are blocked
- Version bump to 2.16.0 and widespread dependency updates (Supabase, React types, react-i18next, etc.).
- Added comprehensive docs for the new policy system and orchestrators.
- Subscription cancellations now trigger immediate invoicing explicitly
- Removed `react-is` and `require-in-the-middle` overrides from `package.json` and `pnpm-lock.yaml`.
- Updated various dependencies across multiple packages, including `@types/node` to `^24.5.2`, `react-hook-form` to `^7.63.0`, and `@ai-sdk/openai` to `^2.0.32`.
- Deleted the `loading.tsx` component from the admin accounts directory, streamlining the codebase.
- Adjusted `playwright.config.ts` to use a configurable number of workers for CI environments, enhancing test performance.
- Improved error handling in user ban and reactivation dialogs to provide clearer feedback to the admin user.
- Use ESM for building the MCP Server
- Added own Postgres dependency to MCP Server for querying tables and other entities in MCP
- Vastly improved AI Agent rules
- Added MCP Prompts for reviewing code and planning features
- Minor refactoring
* Update AGENTS.md and CLAUDE.md for improved clarity and structure
* Added MCP Server
* Added missing triggers to tables that should have used them
* Updated all dependencies
* Fixed rare bug in React present in the Admin layout which prevents navigating to pages (sometimes...)
* feat(docs): add interactive examples and API references for Button, Card, and LoadingFallback components
- Updated dependencies
- Set `retries` to a fixed value of 3 for consistent test retries across environments.
- Increased `timeout` from 60 seconds to 120 seconds to allow more time for tests to complete.
- Reduced `expect` timeout from 10 seconds to 5 seconds for quicker feedback on assertions.
- Incremented version in package.json from 2.12.1 to 2.12.2.
- Updated the UpdatePasswordPage component to utilize the new requireUser function for improved user session handling.
- Refactored requireUser function to include a next parameter for redirecting after authentication failures, enhancing user experience.
- Introduced a helper function getRedirectTo for cleaner redirect logic.
* chore(version): bump version to 2.12.1 and update auth middleware to use getClaims instead of getUser
- Incremented version in package.json from 2.12.0 to 2.12.1.
- Refactored middleware to replace supabase.auth.getUser() with supabase.auth.getClaims() for improved claims handling.
- Updated user checks in middleware to validate claims instead of user object.
* refactor(middleware): update user authentication to utilize getClaims for improved claims validation
- Replaced calls to supabase.auth.getUser() with supabase.auth.getClaims() in middleware for better claims handling.
- Adjusted user validation checks to ensure claims are used instead of the user object, enhancing security and consistency in authentication flow.
* refactor(auth): update VerifyPage to use getClaims for user validation
- Replaced the use of supabase.auth.getUser() with supabase.auth.getClaims() in the VerifyPage component for improved claims handling.
- Adjusted user validation logic to check for claims instead of the user object, enhancing security and consistency in the authentication flow.
* refactor(auth): replace Supabase `User` type with new `JWTUserData` type across the codebase
- Replaced usage of Supabase's `User` type with the newly defined `JWTUserData` type for better type mapping and alignment with JWT claims.
- Refactored session-related components and hooks (`useUser`, `requireUser`) to use the updated user structure.
- Updated Supabase client keys to use `publicKey` instead of `anonKey`.
- Adjusted multi-factor authentication logic and components to use `aal` and additional properties.
- Applied consistent naming for Supabase secret key functions.
- Incremented version to 2.12.0.
- Introduced a new `deprecated` property in the `EnvVariableModel` type to handle deprecated environment variables.
- Updated the `EnvList` component to display a warning badge for deprecated variables, including reason and alternative suggestions.
- Enhanced filtering logic to allow users to toggle the visibility of deprecated variables.
- Added new deprecated variables for Supabase keys with appropriate reasons and alternatives.
- Added support for filtering deprecated environment variables in the `FilterSwitcher` component.
- Updated the `Summary` component to display a badge for the count of deprecated variables.
- Introduced a button to filter and display only deprecated variables.
- Adjusted filtering logic to include deprecated variables in the overall state management.
add BILLING_MODE configuration to environment variables
- Introduced a new environment variable `BILLING_MODE` to configure billing options for the application.
- The variable supports two values: `subscription` and `one-time`.
- Marked as deprecated with a reason indicating that this configuration is no longer required, as billing mode is now automatically determined.
- Added validation logic for the new variable to ensure correct value parsing.
* Update billing page data handling and version bump to 2.12.0
- Refactored billing page components to streamline data loading for subscriptions and orders.
- Introduced `getProductPlan` function to encapsulate product plan resolution logic.
- Updated `package.json` version from 2.11.0 to 2.12.0.
- Bumped dependencies: `lucide-react`, `react-hook-form`, `@supabase/supabase-js`, `@tanstack/react-query`, `@sentry/nextjs`, and more.
- Added `react-dropzone` to `@kit/ui` for file upload support.
- Adjusted `reset-password.html` to streamline style usage and HTML structure.
- Added new translation keys for file upload functionality.
- Cleaned up import order in `existing-account-hint.tsx`.
- Export `MultiFactorAuthError` from `require-user` for reuse.
- Implement MFA handling during team invitations' sign-in flow.
- Add E2E test for team invitation flow with MFA.
- Update components to improve i18n translation handling.
* Refactor sign-in flow to ensure fallback return paths
Updated logic to use fallback values for `returnPath` to prevent potential undefined behavior. Improved consistency in handling default paths during sign-in and redirection processes.
* Add Cloudflare generator with Wrangler and OpenNext support
This update introduces a new Cloudflare generator to streamline configuration and deployment via Wrangler and OpenNext. It registers the necessary templates, modifies project files, and adds Cloudflare-specific scripts and dependencies to the package.json. Additionally, .hbs files are updated in .prettierignore for formatting consistency.
* Add GitHub username prompt and improve setup scripts
Introduce a prompt for GitHub username to personalize project setup. Enhance the setup scripts by adding PNPM verification, configuring `upstream` remote, and removing the `origin` remote. Adjust health check and error handling for better reliability.
* Add Dockerfile generator to turbo generators
Introduced a new generator to create Dockerfile configurations for standalone Next.js applications. This includes modifying `next.config.mjs` for standalone output, updating dependencies in `package.json`, and adding a Dockerfile template. The generator is now registered in the turbo setup.
* Add console-based logger implementation. This is required for edge environments such as Cloudflare.
* Remove deprecated Supabase client utilities
The `server-actions-client`, `route-handler-client`, and `server-component-client` utilities have been removed in favor of `getSupabaseServerClient`. This simplifies and consolidates the API, ensuring consistency across server-side usage. Version bumped to 2.9.0 to reflect breaking changes.
* Update team member check in join page to use RPC call
Replaces direct API call with an RPC function to verify if a user is already a team member. This improves efficiency and ensures consistency with database operations.
* Add CSP nonce support and enhance security headers
Introduced secure headers and CSP nonce to improve app security by integrating `@nosecone/next`. Updated middleware, root providers, and layout to handle nonce propagation, enabling stricter CSP policies when configured. Also upgraded dependencies and tooling versions.
* Add OTP and security guidelines documentation and additional checks on client-provided values
- Introduced additional checks on client-provided values such as cookies
- Introduced a new OTP API documentation outlining the creation and verification of OTP tokens for sensitive operations.
- Added comprehensive security guidelines for writing secure code in Next.js, covering client and server components, environment variables, authentication, and error handling.
These additions enhance the project's security posture and provide clear instructions for developers on implementing secure practices.
* Update Stripe SDK and dependencies
1. Upgrade `stripe` package from version 17.7.0 to 18.0.0 in `package.json`.
2. Update `STRIPE_API_VERSION` in `stripe-sdk.ts` to '2025-03-31.basil'.
3. Refactor `StripeWebhookHandlerService` to retrieve subscription details using Supabase client, ensuring compatibility with the new Stripe version.
4. Introduce helper methods `getPeriodStartsAt` and `getPeriodEndsAt` for better handling of subscription periods based on the Stripe API changes.
These changes enhance the integration with the latest Stripe API and improve the overall reliability of the billing service.
* Refactor billing payload builders to remove config dependency
Removed direct dependency on `BillingConfig` in subscription payload builders.
Introduced `PlanTypeMap` to streamline plan type resolutions. Updated webhook handlers and event processing functions to handle plan types more efficiently and improve extensibility.
* Refactor Stripe subscription handling for improved accuracy
1. Add user creation and password reset dialog functionalities; added Junie guidelines
Introduced new `AdminCreateUserDialog` and `AdminResetPasswordDialog` components for managing user accounts in the admin panel. Updated the `AdminAccountsTable` page with a button for user creation and implemented backend logic for password resets with robust error handling.
2. Added Jetbrains AI guidelines
