Changelog

Every release that touched production. Security fixes are called out first, then features, then everything else.

  1. 2026-05-20v0.9.4Security

    Auth hardening + analytics pipeline fixes

    • Hardened authentication: register-route no longer leaks account existence, password reset tokens are now SHA-256 hashed at rest, and unauthenticated POSTs are rate-limited per IP.
    • Fixed a NaN drop in the analytics pipeline that was under-counting token usage on long completions.
    • Bumped Next.js to 15.5.18 for the latest security patches.
    • Joined the web container to the shared data network so dashboard queries stop falling back to the public ClickHouse endpoint.
  2. 2026-05-12v0.9.3Feature

    BYOK for Bedrock + custom model routing

    • Bring-your-own-key support for AWS Bedrock (Claude, Llama, Mistral families).
    • Added a routing-rules editor so teams can pin specific prompts to specific upstream models.
    • New per-workspace usage export (CSV + JSON) on the Settings page.
  3. 2026-04-28v0.9.2Performance

    Gateway latency + cold-start improvements

    • Switched the Go gateway to HTTP/2 keep-alive pools per upstream, cutting p50 latency by 18% on Anthropic traffic.
    • Pre-warmed Paddle.js on the pricing page so the checkout overlay opens in under 200ms.
    • Reduced cold-start on the LiteLLM adapter from 4.1s to 1.6s by trimming unused provider plugins.
  4. 2026-04-10v0.9.1Fix

    Dashboard polish + webhook reliability

    • HMAC webhook signatures are now verified with constant-time comparison.
    • Fixed a timezone bug that mis-bucketed usage charts for accounts west of UTC.
    • Dashboard empty states now match the rest of the design system (EmptyState component).

Subscribe to release notes by RSS soon. In the meantime, email us and we’ll add you to the changelog list.