pguerrerox/leads4less
Public Access
1
0
Fork 0
Code Actions Wiki Activity
Files
232342d6a1637280e9c1c49cc7fbc3f5e26f6adb
leads4less/CHANGELOG.md
T

110 lines
9.0 KiB
Markdown
Raw Blame History

# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
## [2026-05-25]
### Added
- Added migrations to enforce workspace membership roles as `owner`/`member` only and to introduce DB-backed application-admin identities with access-audit storage.
- Added centralized admin authorization and audit helpers so internal `/admin/*` routes can use one shared access check and log admin support activity.
- Added a first-run admin bootstrap flow with `/api/admin/bootstrap/status` and `/api/admin/bootstrap/claim` so the initial application-admin account can be claimed safely.
- Added `bootstrap-token` and `bootstrap-enabled` environment/config support, plus setup docs and operational checklist updates for first-run admin provisioning.
- Added authenticated UI admin-badge visibility by exposing `isAdmin` on shared session/auth payloads.
### Changed
- Replaced env-only billing-admin authorization with application-admin checks backed by database records, while keeping env allowlist fallback support for rollout safety.
- Updated account and workspace permission handling so only workspace owners can manage workspace settings, and admin tooling visibility is driven by the new app-admin identity.
- Updated environment and setup docs for Stripe keys plus the new preferred `ADMIN_EMAILS` allowlist variable (with `BILLING_ADMIN_EMAILS` retained as a deprecated fallback).
- Reorganized the pricing rollout tracker to reflect completed phases, deferred work, and the new app-admin and workspace-role migration milestones.
- Updated auth/session responses to include canonical admin-status checks so admin UI state stays consistent after refresh and login.
- Updated README and TODO planning docs for phased admin-console rollout and the first-run operational checklist.
## [2026-05-22]
### Added
- Added an authenticated `Account` page with editable profile settings, workspace details, usage summaries, and placeholders for upcoming billing and team management.
- Added workspace and workspace-membership schema foundations plus new account API endpoints so each user now has a default personal workspace for future company, billing, and team features.
- Added a shared billing catalog, entitlement policy helpers, and feature-gate logic for Starter, Growth, Pro, and Enterprise packaging so pricing and future subscription enforcement can share one source of truth.
- Added workspace-scoped billing foundation storage, repository/service layers, and add-on catalog definitions for billing accounts, usage periods, usage counters, purchases, and balances.
- Added backend entitlement enforcement for basic search and deep research routes using shared workspace billing state and reusable usage-cost estimation.
- Added workspace-readiness reference material plus billing-aware account usage, add-on, and upgrade surfaces to keep plan promises honest during the workspace migration phase.
- Added Stripe payments foundations with checkout, billing-portal, and webhook processing routes plus idempotent webhook event storage for subscription sync and export-pack fulfillment.
- Added billing lifecycle hardening data and support workflows, including Stripe sync metadata, grace-period support, workspace billing timeline events, and billing-admin workspace visibility endpoints.
- Added billing and revenue instrumentation via a shared analytics event pipeline, API/webhook event emitters, and an admin analytics summary endpoint for pricing conversion, quota pressure, churn, and expansion signals.
### Changed
- Normalized the product UI around shared design primitives for buttons, cards, alerts, tabs, and page shells to keep public, auth, research, results, dashboard, map, and account surfaces visually aligned.
- Refined the authenticated app for mobile with a phone-friendly top bar, bottom tab navigation, shorter inline research maps, touch-friendlier map gestures, and a mobile lead-card presentation in the dashboard while preserving desktop layouts.
- Rebranded public, auth, worker, and supporting documentation copy from `Leads4less` to `LocaleScope` and repositioned the product around local market intelligence and territory research.
- Expanded the pricing experience with monthly/annual plan toggles, interval-specific pricing cards, and a comparison table derived from canonical billing metadata.
- Bootstrapped existing and new workspaces into a pre-payments Starter billing state so usage tracking and enforcement can run before subscription automation exists.
- Updated dashboard, map, and results copy to describe saved businesses and research outputs instead of lead-focused terminology.
- Replaced account-page billing placeholders with Stripe-backed upgrade, add-on purchase, and billing-management actions while keeping enterprise on a manual sales path.
- Hardened entitlement enforcement to treat past-due subscriptions as grace-window access before blocking chargeable actions, with clearer lifecycle messaging in account and API responses.
## [2026-05-01]
### Added
- Added a multi-stage `Dockerfile` and `docker-compose.yml` for running the web app, API, worker, and PostGIS database as a local container stack.
### Changed
- Updated the Docker Compose deployment config to read app secrets and Vite build settings from environment variables, and added a `.dockerignore` to keep container builds leaner.
- Aligned the Docker Compose and example environment settings so local and deployment configs use the same variable names and document URL-encoded database passwords when needed.
- Simplified container deployment by adding a dedicated migration image and Compose startup ordering so the database becomes healthy, migrations run automatically, and the API, worker, and web services start afterward.
- Published the Docker web and API services to host ports so local Compose runs are reachable directly from the browser with configurable `WEB_PORT` and `APP_PORT` values.
### Fixed
- Fixed the Docker startup flow by passing required env validation into the migration container, bundling SQL migrations into the runtime image, and creating pg-boss queues before the worker starts consuming them.
## [2026-04-19]
### Added
- Added separate `Research` and `Results` workspaces so new runs and saved run browsing live in distinct flows while preserving bundled map selection.
- Added dedicated Basic and Deep Research results views, plus a public landing page and dedicated auth route for the unauthenticated experience.
### Changed
- Made Basic research map-first by requiring a dropped pin or current location, sending coordinate-based searches through the API, and cleaning up shared map presentation.
- Simplified shared Google Maps rendering by moving Basic, Deep Research, and result review maps onto the same cleaner visual style.
### Fixed
- Fixed local logout behavior so the session cookie is cleared consistently and optional session-id logout requests can remove the active server session record.
## [2026-04-12]
### Changed
- Improved local development networking by making API env loading work with `.env.local`, adding LAN-friendly API URL fallback behavior, and fixing development CORS handling.
- Fixed local research inserts so nullable Google Places coordinates no longer break business upserts.
- Improved postal data tooling with streaming imports, clearer CRS validation, progress logs, and a status command for checking imported areas and adjacency counts.
### Added
- Added postal-area import and adjacency build scripts for US ZIP/ZCTA and Canada FSA datasets.
- Added a dedicated `Deep Research` view with map pin placement, propagation preview overlays, batch history, and bundled map navigation.
- Added backend deep-research preview, batch creation, and batch detail APIs, reusing the existing research engine to create one child search per postal area.
### Removed
- Removed stale local metadata, placeholder postal seeding code, and leftover Supabase-era repository artifacts.
## [2026-03-27]
### Changed
- Migrated the app from a Supabase runtime to a local Fastify API with PostgreSQL, PostGIS, and cookie-based session auth.
- Reworked the research experience with the `Leads4less` branding, the renamed `Research` view, a top-form layout, and a filterable grid of research jobs.
- Added local API wiring for research, dashboard, and map flows while keeping selected-job map behavior and broader lead retrieval support.
### Added
- Added local backend scaffolding under `server/` for auth, health checks, search routes, database access, and worker startup.
- Added local database migrations and scripts under `db/`, including the first PostGIS-enabled schema and migration runner.
- Added shared app types and frontend API/auth helpers for the local stack.
### Removed
- Removed the Supabase browser client, Edge Function runtime, and Supabase migration artifacts from the active app stack.
## [2026-03-26]
### Added
- Initial Leads4Less app with React and Vite.
- Supabase-backed authentication, lead storage, and search job persistence.
- Research, dashboard, and map views for running searches, browsing leads, and visualizing results on Google Maps.
View Git Blame Copy Permalink