What's new

Moves the user-visible version label to the very bottom of the sidebar, below the account dropdown.

Surfaces the app version (vX.Y.Z · build ) in the sidebar footer + Settings, sourced from the release tag via git describe (CI now fetches tags so it resolves correctly, not 'dev'). Closes the version-display + fetch-tags tickets.

Policies page split into two stacked sections (General · all tools / Tool-specific), "Applies to" indicator, create/edit slideout with scope selector + ai_apps multiselect + precedence helper, and policy delete (row utility button + slideout, admin-RLS-gated confirm). RLS migration (DELETE→admin) applied to prod. Closes #309. Backend already supported general-vs-tool-specific via policy_targets; shield-web enforcement unchanged.

In-extension 'Leave a Review' happy-gate prompt (#274) + locale-robust content-script send selectors & de-flaked selector-health check (#270). Tagging triggers the CWS publish.

Open invitations now lists only actionable invites (pending + expired), not accepted ones (the redeemer is a Member) — fixes the 'shows the same person twice' report; and inviting an email that already has a pending invite no longer creates a duplicate row. Closes #307.

Sidebar widget slot is now a priority registry: onboarding > trial/upgrade nudge > extension-coverage > what's-new. One active widget shows at a time; dismissing reveals the next; each has its own dismissal semantics (auto-clear/snooze/permanent-per-release). Closes #305.

Adds the in-extension 'Leave a Review' happy-gate prompt (#274): engaged users get a two-step 'Enjoying Shield?' → Leave a review (deep-links to the Chrome Web Store) / send feedback prompt, with frequency caps. Tagging triggers the CWS publish.

Larger (lg) avatars across all /users tabs; Invitations now show a relative Expires (with the exact date in a tooltip), sortable+tooltipped columns, and a tooltipped Revoke utility; demo seed assigns random AI-monitoring consent so the Members consent column shows variety. Closes #303.

The Open invitations and Requests tabs on /users now get the Members-v2 table treatment: avatar+email rows, coloured dot-badge statuses (invitations: pending/accepted/expired; requests: pending/approved/rejected) with matching badge filters, sm filter bar + free-text search, column picker, pagination, styled head + descriptions — reusing the shared components. Actions wired (resend/revoke; approve/deny). Closes #280.

Interim polish release: system banner bar no longer double-borders (wrapper div dropped, #296); Members table — consent column + filter now use coloured dot badges (green/red/grey), role filter uses a user icon, edit slideout footer is Cancel-left/Save-right with a dirty-gated Save (#298); table filters default to size sm, audit outcome=ShieldTick / severity=AlertSquare / discovery status=ActivityHeart filter icons, audit + discovery table-header descriptions (#295).

Members tab v2: real avatar photos + email second line (org_members RPC, org-gated), AI-monitoring consent column (badge), styled table head, Discovery-style column picker + filter bar (free-text + badge filters), edit moved to a slideout with name + role editable (admin profile-update policy). Closes #292.

Global, prioritized, role-aware system banner bar above the header (replaces the per-page page-alert). Phase 1: framework (useGlobalBanners registry, single top-priority banner, session/persistent/refresh dismissal) + 3 banners — not_protected (org has no extension activity), app_update (new build deployed → refresh), new_ai_tools (newly discovered apps; admin/security). Discovery's local banner removed (dedup). Closes #288.

Interim release. Modern Untitled UI plan badge on the dashboard; audit-event labels now i18n + identical across the Audit log and dashboard 'Recent events' (shared formatAuditAction + drift test); metric-card subtexts truncate cleanly; 'Shadow IT' → 'Shadow AI' wording. Closes #290.

Admin invite into an org at its admin-seat limit no longer fails with the opaque 'Database error saving new user': demo orgs are exempt from the seat trigger (migration, already hot-applied to prod), and the org-admin invite UI now surfaces the limit up front with a clear EN+DE message instead of failing at the invitee's redemption. Closes #289.

Onboarding setup checklist promoted from a dashboard-only card to a persistent, dismissible sidebar widget in a reusable slot (between Administration and the account card). Progress card + 'Continue setup' opens the full checklist dialog with per-step links; auto-hides at 100%, dismissible, admin+security only, EN+DE. Closes #285.

Members tab on /users rebuilt on the Untitled UI settings table: header (invite + CSV export + description), zebra rows, sortable+tooltipped columns, avatars, role badges, edit/delete utilities, discovery-style pagination (only >10 rows), EN+DE. CSV export defangs formula-injection. Closes #281.

CI edge-function deploy (#277)

Closes the ops gap where shield-control edge functions reached prod only via a manual supabase functions deploy (Supabase MCP) — a mis-paste could break prod billing/auth.

• deploy-production.yml gains a deploy-functions job that redeploys every function this repo owns on each prod release, with the per-function verify_jwt flag baked in (11 --no-verify-jwt, 3 default-on: ingest-audit/ingest-discovery/send-notification).
• A drift test (src/lib/edge-functions-deploy.test.ts) fails CI if a new supabase/functions/* dir isn't wired into the workflow.

No app/runtime change — this release exists to land + exercise the new deploy job. verify_jwt preservation verified by the Orchestrator before/after.

Closes #277

Hardened email domain verification (#263)

Re-introduces the email verification path for organization_domains with full hardening, and closes a latent re-point hijack in the verification guard.

Security

• Guard drift repaired (prod): the verification guard now pins domain + org_id + rate-limit counters on client UPDATE (previously unpinned in the merged file — an org admin could re-point a verified row onto an unclaimed domain). verified_at/method/verification_token stay client-immutable.
• Strict hostname CHECK on organization_domains.domain (NOT VALID → auto-VALIDATEd; prod was clean).

Email verification (hardened)

• Rate-limit: 1 send / 5 min + max 5 lifetime per domain → 429; counters guard-pinned.
• Reject if verified elsewhere → 409 before sending.
• Consent UI: new authenticated /verify-domain route — explicit "grant control of " confirm, never a one-click GET.
• Token handling: 32-byte single-use token, 30-min TTL, carried in the URL fragment (no Referer/server leak), burned on confirm.

Migration applied to prod; verify-domain edge fn deployed (verify_jwt:false). Advisors clean.

Closes #263 · Refs #248, #261, #262

• feat: organization_domains + DNS/email domain verification, anti-hijack single-verified-owner, domain_join_mode (off/request/auto); Settings → Domains UI (free-text domain edit removed)
• feat: access-request approval (Users & Roles) + Resend emails + in-app bell; OAuth-only auto-join for verified+auto domains
• prod migrations applied (organization_domains, repoint, lock, staff_provisioned, access_request_approval); edge fns deployed (verify-domain, manage/notify-access-request)

• fix(auth): signup on a domain that already has an org → join request instead of a duplicate org (#247; prod migration already applied)
• fix(discovery): Catalog tab is selectable again — default tab applied once on load (#253)
• fix(ux): Settings save buttons enabled only when something changed; avatar + language auto-persist and don't gate Save (#251)
• fix(ux): removed the plan tier badge from the account dropdown (#252)

Ships invite-only signup to prod: DB gate + toggle (#230), /auth redemption + codes + waitlist (#231), send-invite email (#233) + staff-gated path (#235). Flag flipped to invite_only on prod.

Ships current main to https://shield.qadar.ai.

Highlights

• fix(auth): SSO handoff single-flight hardening (#221/#223) — concurrent and staggered handoff triggers now share one generateLink and receive the same token; a late request-handoff is re-delivered the cached token instead of being starved. Fixes the retriable-handoff failures live Chrome-Web-Store extension users were hitting (stuck on LoginForm).
• feat(auth): Cloudflare Turnstile bot defense (#218) — signup/login.
• security: disposable/throwaway email block (#217 + DB enforcement) — the block_personal_email_signup auth-layer trigger now rejects disposable domains (mailinator, temp-mail, …) on both email/password and Google OAuth. DB enforcement applied to prod in this cycle (#227).
• docs/infra: migration-history drift guard (#224/#226).

DB (applied to prod ahead of this release, #227)

• Reconciled the prod migration ledger (8 already-applied versions) and applied the 2 genuinely-missing migrations: org_employee_opt_out_policy + block_disposable_email_signup.

Highlights

SSO deadlock fix

The popup no longer gets stuck on "Sign in with Shield Control" when you're already logged in on shield.qadar.ai. The extension now proactively requests the handoff on popup-open / service-worker wake, and re-registers its auth listener after an MV3 wake (#193). Pairs with the shield-control v0.19.0 sender-side fix.

Consent decoupled from authentication

Data-collection consent is now an axis independent of sign-in (#194):

• Logging in never depends on the consent decision; declining no longer logs you out.
• The monitoring toggle is in the popup (StatusCard) — grant or re-grant after a decline without digging into the options page (GDPR Art. 7(3)).
• First-run shows the prominent disclosure non-blocking, over the authenticated UI; telemetry stays off until granted.

Server-side consent record

The shared user_consents record is the single source of truth (#198): the extension reads it on session establish/refresh into a fail-closed local cache, persists declines server-side, and re-affirms when the privacy-policy version changes.

Hardening

• Pre-publish + CI load gate (#188): a build whose manifest/managed_schema fails to load in Chrome can no longer be merged or published (prevents the v0.1.3 dead-on-arrival class of bug).

Verified end-to-end on staging and on production with the CWS review account: the auth × consent cross-product behaves as designed.

Highlights

SSO deadlock fix

Users already signed in to shield.qadar.ai now pair with the Shield Web extension automatically — the handoff fires for a pre-existing session, not only on a fresh login (#193). (Pairs with the Shield Web extension fix shipped separately.)

Consent as an independent axis (privacy)

Data-collection consent is now decoupled from authentication and backed by a server-side record (user_consents) as the single source of truth:

• New Settings → Governance → "Your data-collection consent" self-service toggle — turn monitoring of your own AI usage on/off; it never logs you out (#195).
• Explicit granted/declined status, privacy-policy versioning, and an append-only audit trail for accountability.
• Org-level employee opt-out / enforced-collection policy (#184).

Infra

• Gated DB-migration pipeline: staging auto on merge, prod via human-initiated dispatch (#197, #199).
• Phase-2 merge model adopted (#189); chrome-devtools MCP for debugging (#187).

Deploy notes

• Prod DB migration (user_consents source-of-truth) is already applied + verified.
• Publishing this release deploys the web app to https://shield.qadar.ai.

Fixes the non-syncing prod SSO test: the prod web app now also pushes handoffs to the dev/unpacked shield-web extension ID (manifest-key-derived, unclaimable). #163

Highlights

SSO (sync host + one-time-token handoff, contract v1)

• #163 Web app is the sole login surface: auth-handoff edge function (single-use token_hash, rate-limited, audited), externally_connectable channel to the extension (signed-in/signed-out push, request-handoff/logout ports), /auth?source=extension flow. Jointly E2E-verified with shield-web (4 paths); multi-tab mint dedupe.
• Independent sessions per surface — no shared refresh chains (fixes the SSO instability class). shield-web v0.1.3 ships the consumer side after the current CWS review.

Billing — Stripe as source of truth (#166)

• Webhook hardened: current-state retrieve (out-of-order safe), annual price mapping fixed, checkout org-link via metadata; billing_synced_at.
• Daily billing-reconcile cron: heals mirror drift, flags billing leaks on soft-deleted orgs, full audit trail; dry-run mode.
• admin-billing write-through API for the admin console (contract admin-billing-api.json v1): change_plan / cancel / start_subscription (quote-led) / link_customer / get_overview.

Settings & policy

• #154/#156/#157 Identity tab in the Untitled UI settings-01/20 layout; reusable inline upgrade CTA (Identity + API Keys).
• #159 Secrets are now redacted (transform), not blocked; #158 idempotent demo seeding; #160 admin soft-delete schema catch-up.

Highlights (#151)

• Content detection is now ON by default (core promise): organizations.content_detection_enabled defaults to true and all existing orgs are backfilled. Detection runs on-device in Shield Web.
• Default starter policy PII Awareness → PII Protection (transform/redact; degrades to warn until on-device redaction ships).
• New Governance settings tab uniting Content Detection (opt-out, default-on), Governance (policy mode) and Privacy — moved out of the Organization tab.

Real reversible redaction + default-on consumption tracked in shield-web#143 / #144. EN+DE.

Enhancement to the Secured by Qadar AI trust badge (#148):

• Embed gated to active paying customers (locked state otherwise).
• Copy → dropdown: Copy as HTML / Markdown, Copy AI prompt (Claude Code/Cursor/Codex), Open in Claude / ChatGPT / Bolt (prompt prefilled).

Server-side per-org verification tracked in #149.

Highlights

Billing — self-serve flow complete (behind SELF_SERVE_ENABLED)

• #73 Annual/monthly interval toggle (annual default, 2 months free); live annual Stripe prices.
• #77 Self-serve Stripe Checkout (stripe-checkout edge function, admin-only, server-authoritative prices, seat quantity; double-gated; enterprise stays quote-led).
• #83 Read-only add-ons section (Regulated + general) with Contact-Sales CTA to the marketing site.

Trust & content

• #129 Embeddable "Secured by Qadar AI" trust badge settings tab (preview + copy embed → www.qadar.ai/protected).
• #90 / #141 / #142 Content data-type taxonomy contract + on-device-detection groundwork: per-org content_detection_enabled flag, data_types[] accepted/persisted on ingest (additive, unknown-tolerant).

Platform & DX

• #78 Server-side plan gating (ingest subscription guard + admin-seat-limit trigger).
• #84 Zero ESLint warnings, enforced in CI.
• #80 Dashboard empty states; #133 action-taxonomy contract + drift tests.

Staging API gateway (api-staging.qadar.ai) added so Shield Web's E2E mirrors prod.

First Chrome Web Store submission (replaces the withdrawn v0.1.0).

Enforcement

• Adopt action-taxonomy contract v1 (action-first events, prefix-only matching) + mandatory drift test
• Fix paste/upload enforcement (was silently dead due to action-vocab mismatch) — #72
• Detect + emit file uploads (upload.file) so upload policies fire — #130

Platform & infra

• Sentry error tracking (popup/side panel/service worker), privacy-first
• Complete EN/DE i18n; fix content-overlay locale staleness
• Env-correct SSO key; persist login email; resolve relative avatars
• Prod-only manifest (staging injected only for staging builds)
• Clean store package (no web-app favicons), npm run package
• Automated CWS publish pipeline (tag-triggered, service-account auth)

Auto-published on review approval.

chore(build): husky + lint-staged + svgo auto-optimize staged SVGs on commit (multipass, floatPrecision 3, viewBox/xmlns preserved). ~31% size reduction on logo SVGs.

feat(billing): SELF_SERVE_ENABLED toggle (off for now). Removed mailto from app UI. Plan cards + upgrade ready for self-serve when flag flips.

What's new

• Invoice table in Settings → Billing: fetches from Stripe, shows number, date, amount, status badge, PDF download
• Stripe Billing Portal: "Manage subscription" opens Stripe-hosted portal (payment methods, invoices, cancel)
• Upgrade prompts: UpgradePrompt banner at SSO (Identity tab) + API Keys tab for lower-tier users
• Edge Function gating: ingest-audit rejects canceled subscriptions (403)
• Dashboard: plan badge next to title
• Account Card: plan badge in sidebar
• Stripe customer linking: scripts/link-stripe-customers.ts matches by email
• CLAUDE.md: CI verification rule, no autonomous push/merge/release

Full changelog: https://github.com/qadar-ai/shield-control/compare/v0.14.1...v0.15.0

feat(billing): RadioGroupIconCard plan selector with icons/prices/descriptions + ProgressBar for admin seats and audit retention usage.

What's new

• Stripe Products + Prices: Starter ($10), Business ($14), Enterprise ($22) /user/mo + add-ons
• Webhook: Edge Function handles subscription + invoice events
• API Gateway: /v1/stripe/webhook route
• DB: plan, stripe_customer_id, subscription_status on organizations
• PLAN_LIMITS: per-plan feature limits (admin seats, audit retention, SSO, API keys, etc.)
• usePlan() hook: plan state + canUse(), upgradePlanFor() helpers
• Settings → Billing tab: current plan, features, manage subscription
• UpgradePrompt: reusable component for gated features
• Account Card: plan badge in sidebar
• Hooks: verify-gate (stop), format (post-tool), protect (pre-tool)
• CLAUDE.md: agent behavior rules
• ESLint: hex color token enforcement

Full changelog: https://github.com/qadar-ai/shield-control/compare/v0.13.1...v0.14.0

feat(i18n): profiles.locale as single source of truth. Settings writes on change, login reads and syncs.

• AI app avatar: square, white bg (matches Discovery)
• Outcome + severity: MultiSelect with badge items
• Pagination (25/page)
• Column visibility picker
• Action labels: human-readable i18n (EN + DE)

fix(audit): avatar + initials in User column.

feat(notifications): access request support in audit ingest + notification bell.

feat(audit): search in filter bar, all columns sortable, column tooltips (EN + DE).

fix(audit): empty state matches discovery page (SearchLg, pattern=none, contextual description).

fix(dashboard): avatar grid empty state wrapped in full-width card container.

feat(dashboard): AvatarGrid with 24 AI app signets as empty state (N26).

feat(settings): danger zone with destructive confirmation dialog + delete_own_account RPC. i18n EN + DE.

fix(shell): removed redundant sidebar search (N27). Command Menu (Cmd+K) replaces it.

• Onboarding checklist widget on dashboard with auto-detected step completion
• 5 steps: Account → Org → Extension → First App → First Policy
• Untitled UI Progress.IconsWithText component
• Dismissible, pre-checked first step (endowed progress effect)
• N31 (AI agent) added to backlog

• Removed "Load demo data" seed button — all data flows live from Shield Web
• Dashboard empty state: "Install the Shield browser extension" with link to Discovery
• Backlog: N24 (onboarding checklist), N25 (seed as CLI-only)

• Command Menu (Cmd+K / Ctrl+K) — global search across Navigation, AI Apps, Policies, Users
• Untitled UI command-menu component with autocomplete, sections, keyboard shortcuts
• Search trigger in header-nav with ⌘K badge
• Live Supabase data for all search groups

feat(dashboard): trend chart, sparklines, risk donut now use real audit_events + discovery_events data instead of synthetic LCG noise. N21 + N22 done.

fix(discovery): shadow-md hover effect on metric cards instead of ring border

Redesigned notification items in slideout: unread badge on icon, time right-aligned, 2-line body, mark-all-read below headline. Backlog: N20-N22 added.

Bell opens SlideoutMenu instead of popover. Settings: ButtonGroup multi-select (In-App + Email simultaneously). Summary reports (daily/weekly) added.

What's new

• In-app notification center — bell icon with unread badge, dropdown with notification list, mark-as-read
• Email notifications via Resend ([email protected])
• Settings → Notifications tab — in-app/email toggles, per-event channel (new app, policy block, high risk)
• Automatic notifications — admins get notified on first AI app detection and policy enforcement (block/warn)
• Supabase Realtime — live badge updates without page refresh
• API Gateway — new route api.qadar.ai/v1/notifications/send
• CLAUDE.md — Untitled UI semantic token conventions

Full changelog: https://github.com/qadar-ai/shield-control/compare/v0.9.2...v0.10.0

What's new

• Default policy mode (Open/Managed/Strict) — admin-configurable governance level in Settings
• Starter policies — 5 policies auto-created for every new org via DB trigger (Source Code Protection, PII Awareness, Financial Data Guard, General AI Monitoring, File Upload Control)
• New policy_mode enum + default_policy_mode column on organizations

Full changelog: https://github.com/qadar-ai/shield-control/compare/v0.9.1...v0.9.2

feat(discovery): avatar stacks now show actual users from discovery_events instead of random org profiles.

What's new

• Edge Function ingest-audit — any authenticated user can log policy enforcement events (member-role support). Validates enums server-side. Deployed to staging + production.
• API Gateway — new route api.qadar.ai/v1/audit/ingest

Full changelog: https://github.com/qadar-ai/shield-control/compare/v0.8.8...v0.9.0

fix(discovery): responsive filterbar, chore(infra): user_consents UPDATE policy migration

fix(discovery): triage buttons wrap on narrow discovered cards

• Triage button tooltips (Block/Allow/Review consequences) on cards + slideout
• User avatar hover cards with username
• Users icon + tooltip before avatar stack
• DE: "Prüfen" statt "Jetzt prüfen"
• CLAUDE.md: PR-driven workflow rules + conventional commits

Block (SlashOctagon) → Allow (CheckSquareBroken) → Review (Eye, primary). Consistent order + styling across discovered cards and slideout.

Shortened discovery alert (platform-agnostic), added hover tooltips to Risk and Source badges on discovered cards.

Add Microsoft Copilot signet (official multicolor icon) + logo map entry.

What's new

• First-detection triage: Catalog apps (e.g. Perplexity, ChatGPT) now get status='discovered' when Shield Web detects their first real usage — they appear in the "Neu entdeckt" tab for admin review, matching the industry standard pattern (Torii, 1Password, Nudge Security)
• Discovery UX: Em-dash (—) for apps with 0 users
• Backlog: Added N15–N19 (governance mode, SSO, Google OAuth, CWS publish, privacy policy)

Full changelog: https://github.com/qadar-ai/shield-control/compare/v0.8.1...v0.8.2

What's new

• Edge Function ingest-discovery — any authenticated user (including member role) can now report AI app discoveries via POST /functions/v1/ingest-discovery. Uses service-role key to bypass RLS.
• Backlog cleanup — N1–N9, N12–N14 moved to Done

Full changelog: https://github.com/qadar-ai/shield-control/compare/v0.8.0...v0.8.1

What's new

• Settings layout overhaul — migrated to Untitled UI template pattern (SectionHeader, SectionLabel, SectionFooter, button-border tabs, two-column grid)
• Privacy toggle — show_user_list in Settings → Organization lets admins opt-in to user-level activity display
• Discovery avatar stack — Users column shows overlapping avatars when privacy toggle is ON
• Consent audit trail — new user_consents table for GDPR compliance (written by Shield Web, read by admins)
• Lint cleanup — fixed all lint errors including pre-existing react-refresh issue

Migrations

Full changelog: https://github.com/qadar-ai/shield-control/compare/v0.7.0...v0.8.0

Initial production cut after the staging+production CI/CD wiring lands. Pattern B is the canonical deploy flow from here on: PRs against main → squash merge → staging, then gh release create vX.Y.Z → production.