Changelog

• Zero-Knowledge Token Delivery: Implemented token exchange and delivery refinements for Vercel integration with stronger secret-handling boundaries.
• CORS Validation Hardening: Added stricter CORS checks and integration route protections across Vercel status, sync, callback, token, and webhook flows.
• Environment Mapping UX: Improved Vercel project linking and environment mapping behavior in both backend routes and dashboard integration controls.

MCP Registry, HITL Security, and Operational Reliability

• Official MCP Registry Publishing: Added automated MCP Registry publication workflow with server.json metadata and GitHub Actions OIDC login flow.
• HITL Enforcement for Standalone Mutations: Routed standalone MCP mutation paths through the HITL SDK pipeline for non-bypassable approval semantics.
• MCP Runtime Stability: Improved MCP module path resolution and release pipeline test signaling; added a macOS-safe HITL verification script for staging checks.
• MCP Security Docs Expansion: Expanded MCP server security and contributor documentation to clarify HITL behavior, auth expectations, and release workflows.

Licensing and Documentation Alignment

• License Scope Clarification: Updated repository license scope and exceptions, explicitly carving out mcp-server/ and src/lib/sdk/ paths.
• Deployment and CI/CD Guidance: Refined internal and platform docs for Vercel-native sync, CI runtime wrapper usage, and MCP operational guidance.

Build and Release Stream Updates

• Build Script Reliability: Reverted app build execution path to native next build for more predictable Vercel deployment behavior.
• SDK/MCP Stream Progression: Included coordinated SDK and MCP package stream bumps (sdk-v1.6.0 -> sdk-v1.7.0, mcp-v1.10.0 -> mcp-v1.12.0) with matching release automation updates.

• Service Token Management: Enhanced CI/CD integration and comprehensive pipeline token access.
• Client-Side Decryption: Refactored secret handling to transition towards secure client-side AES-GCM decryption.
• Email Customization: Added dark and light mode logo support to email templates, dynamically utilizing EMAIL_PUBLIC_APP_URL.

Ecosystem & Developer Tooling

• Envault CLI (v1.36.1): Fixed decryption fallbacks allowing legacy plaintext structure usage explicitly; enhanced notification suppression logic.
• Envault SDK (v1.5.0): Ecosystem bump reflecting backend architectural enhancements and CI integrations.

User Flows & Local Provisioning

• Email Validation Links: Substantially improved user flows handling invalid or expired confirmation links.
• Local Dev vs Prod Build Setup: Enhanced configuration for cleaner, secure secret provisioning locally.

• Added animated theme toggle transition flow with lifecycle hardening, keypress locking, and safer cleanup timing.
• Introduced capability-gated browser handling with fallback paths for Safari, DuckDuckGo, and Edge to prevent rebound/flicker artifacts.

UI and Platform Updates

• Added global shortcut provider and landing interaction refinements, including transition/animation tuning.
• Expanded dashboard/auth surface work and refreshed Open Graph + favicon/PWA assets.

Branding, Typography and Governance

• Refined font handling with new layout/tailwind font variables for more consistent typography behavior across surfaces.
• Updated licensing terms and supporting documentation to align legal/policy messaging across the project.

• Static Open Graph Coverage: Added static Open Graph assets across route pages to reduce runtime dependency on dynamic OG generation.
• Platform Compatibility Improvement: Updated Open Graph metadata references from .svg to .png across marketing, dashboard, auth, docs, and global layouts for broader crawler/client compatibility.

CLI UX and Developer Tooling

• Animated CLI Loaders: Added branded, consistent animated loaders across key CLI commands (approve, deploy, pull, run, audit, doctor, env, init, mcp, sdk) with proper stop/cleanup behavior on error paths.
• Loader Preview Command: Added hidden __loader-preview command for visual QA and loader theme validation.
• Command Robustness: Refined command utility behavior to improve loader lifecycle handling and error propagation.

Skills and Documentation System

• View Transitions Skill Pack: Added a complete Vercel React View Transitions skill package with implementation guidance, CSS recipes, Next.js integration notes, and supporting metadata/references.
• Skill Dependency Locking: Added skills lock tracking to keep agent skill dependencies consistent.

Release Stream Updates

• SDK Stream: Published sdk-v1.3.0 release stream updates tied to the new view transitions skill artifacts.
• CLI Stream: Published v1.33.0 CLI release stream updates including loader and related enhancements.

• MCP Token Lifecycle Management: Added full MCP token lifecycle support with creation, regeneration, revocation, expiration handling, and lifecycle notifications.
• Automated Token Cleanup: Added cron-backed cleanup flow for expired MCP tokens, including supporting security logic and lifecycle test coverage.
• Standalone MCP Mode: Enhanced MCP server behavior with standalone mode support for broader integration scenarios.
• Context Retrieval Expansion: Added new context retrieval tooling for improved MCP agent workflows and runtime introspection.
• Cross-Platform MCP Setup Stability: Improved platform-specific command handling and MCP config/postinstall behavior for more reliable installation and execution across environments.

Secrets API, Error Handling & Configuration

• Secrets Sync Controls: Added pruneMissing support in secrets management paths to improve state reconciliation behavior.
• Environment Base URL Support: Added ENVAULT_BASE_URL support across relevant MCP and API integration paths.
• Auth/Error UX Improvements: Improved API error handling with clearer authentication hints, especially for 401 scenarios during setup and agent-driven operations.

Documentation & Platform Clarity

• Comprehensive Docs Expansion: Added and expanded documentation for accessibility, notifications, projects/environments, security, and system status.
• SDK + MCP Workflow Guidance: Enhanced setup and operational guidance for SDK/MCP agent workflows with clearer structure and execution paths.
• Platform Information Architecture: Improved docs organization and navigability across core, configuration, and platform-focused documentation surfaces.

• MCP Lifecycle Management: Added dedicated MCP integration management commands and improved the command surface for more predictable local setup and day-to-day usage.
• MCP Packaging Stability: Fixed MCP publish contents to reliably include postinstall.mjs, closing installation regressions across npm flows.
• SDK Packaging Hardening: Fixed SDK package layout and imports for package-local typecheck/build paths, and ensured postinstall assets are included in published artifacts.
• Auth Continuity UX: Improved sign-in continuity by remembering the last auth provider and hydrating user state earlier in the flow.
• Platform Messaging: Updated landing and docs surfaces to better present the SDK + MCP platform story and AI safety/GUI integration guidance.

Release & CI Improvements

• Provenance-Ready Publishing: Added required repository metadata for npm provenance and aligned release streams for app, SDK, and MCP.
• Pipeline Isolation: Split semantic-release configurations by target stream and tightened CI authentication (including OIDC-only npm publishing for SDK/MCP).
• Post-Release Validation: Added package smoke verification after publish to catch artifact/runtime issues earlier.
• Build/Repo Hygiene: Migrated Tailwind config to mjs, removed obsolete MCP config files, and refined ignore rules for local editor artifacts and secret-safe workflows.

• Added first-class TypeScript SDK package (@dinanathdash/envault-sdk) with delegated agent token flow, compatibility checks, and HITL polling execution support.
• Added standalone MCP server package (@dinanathdash/envault-mcp-server) with direct Envault tools for status, pull/push, approvals, and local key edits.
• Added inline terminal approval command envault approve <approval_id> for machine-agent workflows.
• Introduced SDK/MCP backend routes for delegate auth, pending approvals, approval status polling, and SDK version compatibility.
• Added global + project agent access kill switches and dedicated audit events for agent approvals/rejections.
• Added independent semantic-release pipelines for SDK and MCP with decoupled tag streams (sdk-v*, mcp-v*).
• Expanded docs and legal pages to cover SDK/MCP setup, security model, and policy implications.

• Account and Header Navigation: Added direct Dashboard and Notifications access from the account menu, and aligned header navigation behavior across dashboard and system-status surfaces.
• Interaction Reliability: Fixed notification tooltip reopen edge cases and refined keyboard shortcut behavior to suppress global hotkeys while users are typing in input/contenteditable fields.
• Secrets UI Consistency: Standardized add-variable dialog naming/structure and improved masked secret rendering consistency across variable views.
• Accessibility and Input Experience: Added global haptics feedback with persistent opt-out controls, and cleaned up keyboard hint visuals/content across docs and UI surfaces.

Runtime Stability, Security & Account Lifecycle

• View Transition Guard Hardening: Improved transition handling for hidden tabs, callback timeouts, development-mode behavior, and unsupported browsers by introducing safer no-op/fallback execution paths.
• Auth and Callback Robustness: Tightened OAuth callback handling and related routing behavior for more reliable sign-in flows across environments.
• Account Soft-Delete Lifecycle: Consolidated the 7-day deletion window, revival flow, purge automation, and deletion/revival notification behavior into a more resilient account lifecycle.
• Cron and Endpoint Protection: Enforced cron secret validation (x-cron-secret) for scheduled maintenance endpoints and aligned operational safeguards.
• Dependency Compatibility: Aligned key runtime dependencies (mermaid, three, @types/three) and normalized ASCII-safe output/copy patterns to reduce rendering and terminal compatibility issues.

Docs, Changelog & Developer Experience

• Changelog Rendering Pipeline: Migrated changelog entry body rendering to server-side MDX components to preserve rich MDX content and avoid CSP/runtime eval-related regressions.
• Docs Page Actions: Added Copy Markdown and Open actions to docs pages, backed by a dedicated raw markdown endpoint (/api/docs/markdown).
• Public Docs API Access: Updated proxy allowlist/auth behavior so public docs markdown actions no longer fail with unauthorized responses.
• Docs Content Structure Cleanup: Normalized top-level docs heading structure to avoid duplicate page-level H1 output when frontmatter titles are present.

• Hybrid Realtime Sync + Tab Focus Optimization: Implemented hybrid realtime synchronization with optimized tab-focus fetch behavior for dashboard, editor, and audit surfaces to improve freshness while reducing unnecessary refetch churn.
• GitHub Multi-Account Integration Flow: Added multi-account GitHub installation support with improved installation/add-account UX, expanded integration audit coverage, and repository selection/search flow refinements.
• Portless Local HTTPS Development: Migrated local development from ngrok/localhost setup to portless, with first-class dev command integration for secure callback testing.

Improvements

• Windows Dev Compatibility for Portless: Enhanced portless developer workflow on Windows and added OpenSSL installation guidance to reduce setup friction across environments.

• Server-First Architecture: Migrated Envault to a strict Next.js Server Component architecture. Completely removed "use client" directives from page and layout files, drastically reducing the client-side JavaScript bundle size and mitigating the "white screen" issue on slow connections.
• Deep Folder Restructuring: Consolidated and reorganized src/lib and src/components into domains (/auth, /infra, /system, /dialogs, etc.) to improve project maintainability and strict separation of concerns.
• Animation Restoration & Client Isolation: Restored beautiful framer-motion animations across the landing page using strictly isolated Client Component wrappers (FadeIn.tsx and SlideUp.tsx), ensuring full SSR compatibility.
• Throttled Window Focus Refresher: Implemented a lightweight, throttled window-focus refetching strategy to sync the web UI with CLI actions without exhausting database or Redis limits.

Improvements

• Account Deletion Data Preservation: Shared secrets are now preserved during account deletion and reassigned safely to the project owner instead of being removed.
• Identity Continuity After Member Exit: Secret records now retain creator/updater identity snapshots so audit logs and variable tables remain attributable even after a user account is deleted.
• Audit Logs Filtering & UX: Enhanced audit logs interface with improved filtering capabilities, better detail semantics, and improved fallback handling for edge cases.
• Audit Event Taxonomy & Privacy: Enforced structured event taxonomy with privacy-aware access controls and member-level access policies for audit log visibility.
• Secret Share Management: Editors can now manage secret shares directly, improving workflow efficiency for environment access requests.
• Approval + Access Consistency: Fixed role assignment during share-request approval so the selected role is applied correctly, with environment access handling aligned for simple and advanced project modes.
• Project Activity Freshness: Project dashboard cards now track latest project activity updates from editor/owner secret mutations, with broader cache invalidation to reduce stale timestamps.
• CLI & Release Workflow Reliability: Updated publish workflow gating to release when CLI files changed since the last CLI tag, added missing conventional-changelog-conventionalcommits dependency, fixed CLI wrapper metadata, modernized GoReleaser keys, and regenerated lockfile state.

• Environment-Scoped Access Flow: Added requested-environment propagation across access requests, owner approvals, notifications, and shared-environment UX so approvals can be scoped precisely.
• CLI/API Environment Enforcement: Enforced environment access constraints in CLI secrets APIs and added graceful 403 handling in CLI commands when users target unauthorized environments.
• Username Normalization: Standardized default usernames across email, Google, and GitHub sign-ins with migration-backed profile normalization.
• Member Access Control UX Refresh: Redesigned member access controls with expandable accordions, clearer validation, and improved approval/share interaction patterns.

Improvements

• Share Dialog & Approval Polish: Improved share dialog save behavior, mobile member identity display (username-first), and approve-request UI consistency.
• Navigation and Dashboard Refinements: Polished app header/back navigation and shared-project dashboard interactions for smoother project workflows.
• Landing Scene Reliability: Added conditional GlobalScene initialization to resolve missing 3D scene rendering on auth/approval related pages.
• Changelog Timeline Refactor: Simplified changelog entry processing and removed unused MDX serialization paths.

• Immutable Audit Logs: Added a full audit logging system with UI and API coverage, persistence schema support, and rate-limited access patterns for safer forensic visibility.
• Owner-Only Audit Access Controls: Tightened access enforcement so sensitive audit operations align with strict owner-level authorization and policy boundaries.

Improvements

• Approval/Join Request UX Refactor: Split approval and join request flows into dedicated client components with cleaner loading states and toast feedback, reducing complexity and improving operator clarity.
• Changelog Integration Foundation: Added structured changelog/timeline integration for tracking post-1.2.0 product updates in a consistent format.
• Hybrid Release Workflow: Removed app-level changeset/Husky release gates and moved to manual app versioning/changelog, while keeping CLI release automation through CI.

• GitHub Auto-Approval: Viewer access requests are now automatically approved when a GitHub App installation is detected, eliminating manual review friction for low-privilege roles.
• CLI Verbose Mode: Added --verbose / -v flag to CLI commands for detailed diagnostic output and improved error reporting during troubleshooting.
• Feedback System: Introduced a send-feedback script with a dedicated Resend-powered email pipeline, including reply-to address support for two-way communication.
• Key Hygiene Automation: Added a cleanup action that automatically removes retired encryption keys and completed background rotation jobs, keeping the vault lean.
• FSL License Transition: Migrated to the Functional Source License (FSL-1.1-MIT), reflecting Envault's transition to a source-available commercial model. Updated all file headers and documentation.
• CLI Audit Command: Implemented envault audit for automated git hygiene checks, scanning repositories for accidentally committed .env files.
• Site-wide OpenGraph: Added siteName to all OpenGraph metadata entries for richer link previews across social platforms.
• Orb Animation Optimisation: Refactored the hero orb animation to use an efficient lazy-loading strategy, significantly reducing initial page load cost.

Improvements

• Type Safety: Strengthened API route and component type annotations across the codebase, eliminating implicit any and improving IDE inference.
• Admin Role Simplification: Consolidated admin role checks into a single shared utility, reducing duplication across server components.