Changelog

What changed, and why.

The same standard we hold your config to. Every entry below carries its real commit hash; entries are curated, history isn't.

2026-06-04 29c75cf

Metering completes: edge reads + MAU billed.

Usage flows from the durable audit pipeline to Stripe meters, idempotently. The two meters on the pricing page are these.

2026-06-04 0c774d4

Fixed: TOTP enrollment vs Hyperdrive's query cache.

Read-after-write through an identical cached SELECT rejected fresh secrets. Found in a live browser, like every good deployed-only bug.

2026-06-04 8da4d70

Fixed: requireUser routes on deployed workers.

WebCrypto's key_ops metadata made workerd (correctly, strictly) refuse our verification JWK. Node was lenient; production was not.

2026-06-04 d388c17

Self-serve billing: Stripe Checkout + Billing Portal.

Enterprise stays sales-led on purpose.

2026-06-04 de7eb98 + 2d42c97

Passkeys (WebAuthn) and TOTP MFA, end-to-end.

Phishing-resistant where the client supports it.

2026-06-04 92fb277

@edgevault/sdk: the typed consumer client.

flag(key, fallback) never throws — outages should degrade, not crash.

2026-06-04 92d7886 + 438da50

Enterprise SSO: OIDC end-to-end, hand-rolled SAML 2.0 XML-DSig verification.

Read it before you trust it; that's the point.

2026-06-04 ca4292c

Social OAuth (GitHub + Google), hand-rolled.

Two providers, zero dependencies added.

2026-06-03 b0df98b

The secrets vault: envelope encryption.

Per-secret DEKs, HKDF workspace KEKs, a delivery plane that cannot decrypt.

2026-06-03 1337a42

The audit warehouse: Queues → consumer → R2 NDJSON.

Append-only; this changelog's standard, mechanized.

2026-06-03 6f6f2d3 + e627e74 + 53fedab

The AI layer: semantic search, risk scoring, an agent that cites revisions.

Plus a remote MCP server (Streamable HTTP).

2026-06-03 a0d5791

Durable promotion workflows with an approval gate.

Config moves between environments like a deploy, because it is one.

2026-06-03 88325e3

Real-time config push over WebSocket Hibernation.

The dashboard stopped polling.

2026-06-03 681d352

The delivery worker: the <10 ms edge read path.

KV write-through, in-memory L1.

2026-06-03 c03041f

One SQLite Durable Object per workspace: the system of record.

Everything since builds on this.

2026-06-03 b5d015a + e117dab

Phase 0/1: monorepo bootstrap, Neon + Hyperdrive, custom zero-telemetry auth.

Day one decision: no phone-home, enforced ever since.

The repo is private during the rebuild — hashes become clickable with the public release.

The history is the pitch.

Start free Self-host it