ReplyArcReplyArc
Get started
CHANGELOG · LATEST FIRST

Every ship, dated.

Backfilled from the git log across our three repos. One entry per ship, not per commit. Each entry tells you what changed for an operator or end client — not what the diff looked like.

CATEGORY
RSS feed
  1. MAY 27 26
    replyarc-marketing
    Feature

    Marketing site adds /security, /customers, /about, /changelog, /docs, /status

    Six new public pages give mid-market prospects the surfaces they expect — security posture, case studies, founder bio, public docs, and live status.

    Phase 9 of the launch plan landed the missing marketing pages: security architecture diagram + compliance posture, three anonymized customer installs with chart visualizations, an about/team page, an MDX-driven changelog, a public OpenAPI render placeholder, and a custom status page. Every page uses the editorial system primitives — sharp corners, grayscale photography, Inter Tight + Bricolage + Instrument Serif typography.

  2. MAY 26 26
    replyarc-marketing · replyarc-dashboard
    Feature

    Multi-modal CTA capture on the landing page

    Visitors who aren't ready to book a call can now subscribe to the playbook or open a contact form — closing the audit gap on single-CTA dependency.

    Email subscribe + contact form modals (P8.4). Honeypot + rate-limited. Submissions POST to the dashboard backend's new marketing_leads table for triage. Founder strip + trust signals shipped alongside (P8.3).

  3. MAY 26 26
    replyarc-marketing
    Fix

    Sharp-corner design rule enforced in CI

    All chrome now ships at 0px or 2px corners. A pre-commit lint rule blocks rounded-md/lg/xl regressions across components/ and app/.

    P8.2 closed the design-restraint feedback loop. PillNav buttons, DashboardMockup chrome, and a dozen other surfaces dropped their soft corners. The lint:design script (scripts/check-sharp-corners.sh) runs in CI and on every commit.

  4. MAY 26 26
    replyarc-marketing
    Feature

    Favicon, OG image, sitemap, robots.txt

    Marketing site ships proper share-card metadata + crawler hints. Lighthouse SEO climbs to ≥95.

    P8.1 — apple-touch-icon, OG image at /og, per-page openGraph metadata, sitemap.ts enumerating live routes, robots.txt allowing index. metadataBase set to NEXT_PUBLIC_SITE_URL so per-page canonicals resolve correctly.

  5. MAY 25 26
    replyarc-dashboard
    Fix

    Branded error + loading boundaries on every dashboard route

    A crashed route now renders an editorial error page with Sentry capture instead of a white screen. Loading states use brand-token skeletons.

    P7.1 + P7.2 — error.tsx + loading.tsx boundaries cover all (app)/ routes. Every list page audited for empty/loading/error states. Dashboard frontend hardening phase complete.

  6. MAY 25 26
    replyarc-dashboard
    Fix

    Hardcoded hex colors replaced with brand tokens

    Per-install brand cascade (3-color whitelabel) now applies cleanly to every dashboard page. Beacon Labs install renders in teal/amber/sky without surgery.

    P7.4 — grep swept hardcoded hex across the frontend, replaced with var(--brand-primary) / var(--brand-secondary) / var(--brand-tertiary). Dark-mode parity verified.

  7. MAY 24 26
    replyarc-dashboard
    Security

    Signing-secret hash separated from HMAC key

    A leak of the SHA-256 verifier no longer yields a usable HMAC key. Fernet-encrypted secret rotation is documented in DR-RUNBOOK.

    P6.1 — signing_secret_hash (SHA-256 for shown-once verification) and signing_secret_encrypted (Fernet-encrypted, used for HMAC signing) are now distinct fields on the install record. Encryption key sourced from OPS_ENCRYPTION_KEY. Migration script re-keys existing installs.

  8. MAY 24 26
    replyarc-dashboard
    Security

    Webhook routes fail-closed when secret is unset in production

    Production startup now fails loudly if `WEBHOOK_SECRET` or `TRACKING_SECRET` is missing. Dev keeps fail-open with a warning.

    P6.2 — webhooks.py + tracking.py raise on app startup when their secret env vars are missing in production. A regression test asserts the prod boot fails without secrets.

  9. MAY 23 26
    replyarc-dashboard
    Performance

    Tenacity retry + circuit breaker around every outbound provider call

    Provider hiccups (Anthropic 500s, Email Bison throttles, Resend timeouts) no longer turn into client-visible errors.

    P6.3 — exponential backoff with jitter, max 3 retries, circuit trips at 5 failures in 60s (open for 5min). Failed-after-retries logged to Sentry with full context.

  10. MAY 23 26
    replyarc-dashboard
    Performance

    Phone-home events queued + replayable on ops outage

    An ops backend down for hours no longer drops audit events. Local Redis buffers; a DLQ table holds anything older than 24h for manual replay.

    P6.8 — phone-home events queue locally, retry on ops 5xx, and dead-letter to phone_home_dlq after 24h of unreachability. Sentry alerts after 3 consecutive failures.

  11. MAY 22 26
    replyarc-dashboard · replyarc-ops
    Security

    Every ops mutation writes an audit event

    Secret rotations, install updates, billing changes, repair-token failures — all show up in the ops audit log with actor + diff.

    P5.1 + P5.2 — closed the audit gaps on ops/api.py mutations. Repair-token verify failures (unknown, revoked, expired, already-used) now write distinct audit rows; brute-force attempts are rate-limited.

  12. MAY 22 26
    replyarc-ops
    Security

    Ops UI fails to boot in production without OPS_ACCESS_TOKEN

    Defense-in-depth: if the access token env var isn't set in a prod-like environment, the ops control plane refuses to serve traffic.

    P5.3 — middleware-enforced access check + vercel.json deny rule on non-main branches. README updated with verification steps.

  13. MAY 21 26
    replyarc-dashboard
    Security

    AI provider credentials scoped per workspace, not per user

    Two users in the same workspace now share provider keys; a user in a different workspace can't see them. Closes a multi-workspace isolation gap.

    P4.1 — ai_provider_credentials UniqueConstraint changed from (user_id) to (workspace_id, provider). Backfill script seeds workspace_id from each row's owning user's first workspace. Read paths re-scoped.

  14. MAY 21 26
    replyarc-dashboard
    Fix

    Cached install state expires after 24h with stale flag

    Installs reading an ops state cache older than 24h now know it's stale and degrade accordingly — serve+warn on most routes, refuse on gating routes.

    P4.2 — install_state_cache.get_cached_state() checks fetched_at age. Poller logs structured failure events; alerts fire after N consecutive failures.

20 MIN · NO PITCH

Book the call.

Twenty minutes. We'll tell you, honestly, whether an install is the right call right now — or whether you should keep renting an agency for another quarter.

Book a callSee install pricing