Changelog
Every release that touched production. Security fixes are called out first, then features, then everything else.
- 2026-05-20v0.9.4Security
Auth hardening + analytics pipeline fixes
- Hardened authentication: register-route no longer leaks account existence, password reset tokens are now SHA-256 hashed at rest, and unauthenticated POSTs are rate-limited per IP.
- Fixed a NaN drop in the analytics pipeline that was under-counting token usage on long completions.
- Bumped Next.js to 15.5.18 for the latest security patches.
- Joined the web container to the shared data network so dashboard queries stop falling back to the public ClickHouse endpoint.
- 2026-05-12v0.9.3Feature
BYOK for Bedrock + custom model routing
- Bring-your-own-key support for AWS Bedrock (Claude, Llama, Mistral families).
- Added a routing-rules editor so teams can pin specific prompts to specific upstream models.
- New per-workspace usage export (CSV + JSON) on the Settings page.
- 2026-04-28v0.9.2Performance
Gateway latency + cold-start improvements
- Switched the Go gateway to HTTP/2 keep-alive pools per upstream, cutting p50 latency by 18% on Anthropic traffic.
- Pre-warmed Paddle.js on the pricing page so the checkout overlay opens in under 200ms.
- Reduced cold-start on the LiteLLM adapter from 4.1s to 1.6s by trimming unused provider plugins.
- 2026-04-10v0.9.1Fix
Dashboard polish + webhook reliability
- HMAC webhook signatures are now verified with constant-time comparison.
- Fixed a timezone bug that mis-bucketed usage charts for accounts west of UTC.
- Dashboard empty states now match the rest of the design system (EmptyState component).
Subscribe to release notes by RSS soon. In the meantime, email us and we’ll add you to the changelog list.