OutworxOutworx Docs
Changelog

What’s new in Outworx Docs.

Every user-visible change, newest first. We ship often.

  1. FeaturePlatform

    Enterprise foundation — REST API, PR previews, RBAC, audit log, theme tokens, CLI

    Outworx grows up: a public REST management API with personal access tokens for full automation, PR preview deploys so every pull request gets its own throwaway docs URL, two-layer role-based access control for Business teams, a complete audit log pipeline with SIEM webhooks and per-account retention, per-theme color tokens with a light/dark lock for brand-matched docs, and an official `@outworx/cli` plus `outworx/upload-spec-action` so any CI can push specs in three lines. Six features that close the SOC2 / enterprise gap and make the spec-to-docs loop fully automatable.

    • Public REST API at `/api/v1` — full CRUD on Projects (GET/POST/PATCH/DELETE /api/v1/projects[/{slug}]) and Versions (GET/POST/PATCH/DELETE /api/v1/projects/{slug}/versions[/{label}]). Standard error envelope ({ error: { code, message, details? } }) and list envelope ({ data, pagination }). Single-default invariant enforced server-side: PATCH is_default:true demotes the previous default in the same write, DELETE on the default returns 409. Sensitive columns (password_hash, mcp_token, upload_token) filtered through serializeProject so future schema fields can't auto-leak
    • Personal access tokensotwx_pat_* prefix, sha-256 hashed at rest, plaintext shown once at creation, optional expires_at, revocation by row delete. New personal_access_tokens table with a unique-on-hash index for O(1) auth lookups. New API tokens card on Settings with create / list / revoke + a copy-once dialog. last_used_at is awaited (not fire-and-forget) so the dashboard's dormant-token signal is reliable
    • PR preview deploys — Pro+ feature on the v1 API. POST /api/v1/projects/{slug}/versions?preview=true&pr=42&commit=<sha>&branch=<name> creates a 14-day preview version with PR metadata for the banner. Re-pushing the same label as commits land on the PR updates the row and rolls the TTL forward. Separate maxPreviewsPerProject plan cap so previews don't crowd out release versions. Hidden from the default version list unless ?include_previews=true. Pruning runs in pg_cron — no Vercel Cron quota burn
    • Two-layer RBAC — Business plan unlocks editor / viewer / none roles. Layer 1 (account_collaborators.role) sets the account-wide default; Layer 2 (project_collaborator_roles) is a per-project override. none explicitly hides a project from a collaborator who'd otherwise have access ("Bob can see all my stuff except this acquisition project"). Owners are implicit and never have a row anywhere. Roles enforce in requireApiPermission (v1 API) and requireActionPermission (dashboard server actions) — every mutation goes through the same gate. Pro / Free flatten to editor for back-compat but stored overrides survive a downgrade so re-upgrading restores the permission map without a re-pick
    • Per-project Access tab — owners get a UI to invite seats, set the account-default role for new collaborators, and override roles per project. Viewer rows render with mutation UI disabled across every project tab (Spec, Mock, Customize, SDKs, Diffs, etc.) so the role gate is visible, not just enforced server-side. Cmd+K and direct /dashboard/<id> nav respect none overrides — no leaked surface area for projects you've explicitly hidden
    • Audit log — every mutation (dashboard or API) writes a row with a stable UPPER_SNAKE action code, actor, target, project, source (dashboard / api / system), and structured metadata. 30+ codes covering project lifecycle, branding / theme, versions, previews, specs, collaborators, and tokens. Plan-gated to Business for both writes and reads. New /settings/activity page with a filter strip (date range, actor, project, action category) and CSV export at /api/audit/export.csv for SOC2 evidence dumps. Per-row describeEvent() produces the human one-liner (bob@acme.com: editor → viewer (project override)) instead of dumping raw metadata
    • Audit log retention — per-account audit_log_retention_days configurable from 30 to 3650 days (default 730 / 2 years, covers SOC2 Type II). Daily prune job at 03:23 UTC via pg_cron, single-statement DELETE through the indexed (account, created_at) path. Retention setter is on the new Audit log card on Settings
    • Audit webhook delivery — Business customers can pipe the full event stream into their own SIEM (Datadog Logs, Splunk HEC, Honeycomb). One POST per audit row with Content-Type: application/json, X-Outworx-Event (action code), X-Outworx-Delivery (event uuid for idempotency), and X-Outworx-Signature: sha256=<hex> (HMAC-SHA256 over the body). 5s timeout, never throws — the receiver's own retry/queue handles durability
    • Security notifications — owner gets an email (always) and an optional Slack webhook ping on COLLABORATOR_ROLE_CHANGED and TOKEN_CREATED. Slack uses block-kit (header + section + Review-activity-log button) and a 5s budget so a flapping webhook can't stall the underlying mutation
    • Per-theme color tokens — Pro+ feature gated on brandingEnabled. Override a bounded set of tokens (primary, background, foreground, muted, border, card) per theme, set a shared corner radius, and lock the docs to light-only or dark-only when your brand has no second palette — the theme toggle hides when locked. Tokens apply to both the hosted docs page and the Try-It embed widget. Legacy branding.accentColor falls through as the per-theme primary so existing projects render identically until they opt in. Tokens are preserved across plan downgrades (read-time gated, not wiped) so re-subscription snaps the visual config back without forcing a re-pick
    • `@outworx/cli` on npmoutworx push <spec> --project <slug> works on any CI runner or laptop. Hand-rolled argv parser (no commander/yargs dep) keeps the tarball at ~30KB for fast npx cold-starts. Sniffs the token prefix: otwx_pat_* routes to the v1 API (preview pushes work), otwx_* routes to the per-project upload endpoint. Config resolver walks up from cwd looking for outworx.json / .outworxrc.json (eslint-style discovery). Scriptable exit codes: 1 user error, 2 transient (5xx / network), 3 internal — CI can pattern-match for retry policy
    • `outworx/upload-spec-action` on the GitHub Marketplace — composite action wrapping npx @outworx/cli@<pin>. Three lines in a workflow file replace 15 lines of curl. cli-version input pins a major so wire-format bumps are opt-in. Drops into any workflow that already runs Node 20+ on github-hosted runners
    • Three-tab discovery (CLI / Action / curl) on the PAT card, the per-project upload-token card, the /api Quick Start step, and the empty-state of the Spec tab — every place a customer first realizes "I need to push this from CI" now leads with the right snippet. CLI is recommended for non-GitHub CI and laptop pushes; Action is recommended for GitHub-hosted CI; curl stays as the escape hatch
    • Settings page tabs — eight stacked cards became four tabs (Account / Security / Plan / Danger), URL-persisted at ?section= so deep-links from emails and audit-log notifications land on the right tab. Mobile uses a <Select> instead of a tab strip to avoid horizontal scrolling. Security tab clusters the SOC2 nucleus: API tokens, security notifications, audit log delivery + retention, recent activity
    • Diffs / SDKs / Collections / Monitoring lock cards unified — Pro+ features now share one consistent lock-card chrome with a clear upgrade CTA, replacing four bespoke gating layouts
    • Six new Supabase migrations: add_personal_access_tokens, add_account_collaborators_updated_at, add_preview_versions, add_rbac_and_audit_log, add_account_default_role, add_security_slack_webhook, audit_log_retention, audit_log_webhook, add_theme_tokens — all additive, all RLS-locked or admin-client-only as appropriate
    • ~1,400 lines of new tests covering v1 auth (v1-auth.test.ts), Projects + Versions CRUD with RBAC scenarios (v1-projects.test.ts, v1-versions.test.ts), the CLI argv parser + push routing (tools/cli/tests/), audit-log writers + describe (audit-log.test.ts, audit-log-describe.test.ts), webhook signing + delivery (audit-webhook.test.ts), theme-token resolution (theme-tokens.test.ts), RBAC matrix + action gates (rbac.test.ts, rbac-action-gates.test.ts), and the security notifier (notifications-security.test.ts)
    Read the guide:Outworx REST API — Manage Projects from CI
  2. Feature

    Docs page builder — custom header, per-endpoint markdown, white-label option

    Pro and Business projects can now compose their hosted docs the way you'd compose a marketing page. Replace the default top bar with your own logo, custom title, CTA buttons, top-bar search, and plain-text links. Add markdown intros above the auto-generated parameters and extras below the Try-It panel on every endpoint — same idea as a Mintlify MDX endpoint page, no scaffolding required. Paid plans can also remove the “Powered by Outworx Docs” footer for fully white-labeled docs.

    • Custom docs header — logo override, custom title, up to 6 CTA buttons (solid / outline / ghost variants), up to 8 plain-text links, and an optional ⌘K-aware top-bar search input that mirrors the sidebar filter
    • Per-endpoint markdown overrides — write GitHub-flavored markdown that renders ABOVE the auto-generated parameters/responses (intro) and BELOW the Try-It panel (extras). Headings, tables, task lists, code blocks, and inline links all work; raw HTML is sanitised to prevent cross-tenant XSS
    • Live preview in the dashboard — a new Customize tab with an endpoint picker, version selector, and toggle-able preview pane mirrors exactly how the markdown will render on your public docs
    • Watermark removal toggle — Free-plan docs always show the “Powered by Outworx Docs” badge; paid plans default to keeping it but can flip a single switch to remove it for white-labeled docs
    • 14-day retention on downgrade — if a paid account drops to Free, the saved customizations sit untouched in the database for 14 days. Re-subscribing inside the window restores everything; afterwards the prune cron hard-deletes the rows. Set/cleared on every Stripe webhook and on the safety-net syncSubscriptionStatus path
    • New Supabase tables project_customizations (one row per project: header config + watermark flag) and endpoint_customizations (markdown intros/extras keyed by version + endpoint), both RLS-locked to project owners and active collaborators
    • Plan gate: new customizationsEnabled flag on PlanConfig reused by the dashboard tab, the server actions, and the public renderer — single source of truth, same pattern as mcpEnabled
    • Cron route /api/cron/customizations-prune runs hourly behind CRON_SECRET, deletes expired rows in batches, and clears the expiry timestamp so re-runs are idempotent
  3. FeaturePlatform

    Full API lifecycle — SDKs, spec diffs, uptime monitoring, saved requests, embeddable Try-It

    Outworx becomes the platform for API teams: type-safe SDKs in TypeScript and Python, breaking-change detection on every spec PR with a one-line GitHub Action, per-version uptime monitoring with public status pages, Postman-style saved requests with environment variables, and an embeddable Try-It widget you can drop on any marketing page or blog. Replaces five separate tools (Speakeasy / Bump.sh / Checkly / Postman / docs site) with one $9/mo subscription.

    • SDK generator — every spec compiles to a single drop-in .ts or .py file with typed methods, dataclasses, and a Client class. No npm package to maintain, no build step, no codegen toolchain. Re-download from the dashboard or pipe through curl in CI on every spec change. Adding new languages is a 150-line generator under lib/sdk/
    • Spec diff + GitHub PR action — compare any two project versions with semver-bump suggestion (major / minor / patch) classifying every change as breaking / additive / cosmetic. Drop the included GitHub Action workflow into .github/workflows/ and every PR that touches your spec gets an automatic comment with the diff before reviewers approve. Cross-format guard allows OpenAPI ↔ Swagger (useful for migrations) and refuses GraphQL ↔ HTTP (different semantic models)
    • Per-version uptime monitoring — toggle monitoring per endpoint and we probe every 10 minutes from the edge, recording latency + status. Each version gets its own status page at /status/<slug>/<version> so staging/production branches don't share an incident dashboard. Public projects get a shareable /status/<slug> URL customers can bookmark. GraphQL specs get a single introspection probe instead of per-query checks. 14-day check retention
    • Embeddable Try-It widget — drop a runnable demo of any endpoint into a marketing page or blog with one <script src="https://docs.outworx.io/widget.js"> tag plus a <div data-outworx-embed>. Lazy-loaded iframe, no React or Vue dependency, dispatches a outworx:rescan event for SPA route changes
    • Saved requests + environments (API client built in) — Postman-style request templates with {{var}} placeholders that resolve from a chosen environment at run time. One click to flip between staging and production. Run any saved request with response auto-rendering for JSON / HTML (sandboxed) / XML / images / video / audio / PDF, with byte-faithful base64 round-trip for binary types. Localhost requests automatically route through npx @outworx/proxy (same SSRF guard as the docs Try-It panel)
    • Single source of truth for plan gating via lib/plan-gate.ts — paid features (SDKs / diffs / monitoring / collections / embed) all gate on the same flag with consistent crown badges in the dashboard sidebar and 402 server-side enforcement on every action. Free downgrade is graceful: existing rows survive, cron stops probing, dashboard shows the upgrade UI
    • Per-project rate limits on the diff and SDK endpoints (60/min/project, same Upstash limiter as the MCP route) so CI workflows can't loop hot
    • Two new Supabase migrations: monitor_targets / monitor_checks / project_environments / project_collections (additive, RLS-locked), then monitor_targets.version_id for per-version status pages
    • Cron lives in Supabase pg_cron (free-tier friendly) calling /api/cron/uptime on a 10-minute schedule with the CRON_SECRET Bearer fetched from Vault
  4. FeaturePlatformAI

    Mock server — free mock URL for every public project

    Every public project gets a hosted mock at `docs.outworx.io/mock/{slug}/{...}`. Frontends call it while the real backend is still in flight; integration tests pin it as a deterministic fixture. Spec-driven responses for OpenAPI / Swagger / GraphQL, stateful overrides with dynamic templating, opt-in strict request validation, opt-in spec-driven auth enforcement, network simulation for retry / timeout testing, override import / export bundles, per-version routing, an activity feed, and a working Try It panel for both REST and GraphQL.

    • Path-based mock URL on every public, non-password-protected project — docs.outworx.io/mock/<slug>/<...path> for REST, /mock/<slug>/graphql for GraphQL. No plan gate, on by default
    • Response selection priority: explicit example → named examples → schema-level example → faker-extended sample with full $ref / allOf / oneOf / anyOf resolution and OpenAPI 3.1 nullable handling
    • GraphQL execution via the graphql package — selection-set aware, scalars / enums / lists / mutations all return shape-correct samples (Int → 42, ID → uuid, DateTime → ISO timestamp, lists → 2 sample items, enums → first value). Errors come back as standard {errors:[...]} with status 200
    • Prefer: code=N for status overrides; Prefer: example=<name|random|sequential> for picking a named example or cycling through them. Sequential is Redis-backed and keyed per (project, version, method, path) — perfect for pagination testing
    • Stateful overrides — pin a custom (status, body, headers) for a specific request shape right from the dashboard. Match by method + path + optional query / headers / partial JSON body / GraphQL operationName. Priority + first-match-wins, optional latency simulation (0–10s), 50 overrides per project. One-click duplicate clones a rule into a disabled copy for safe iteration
    • Dynamic templating in overrides — override response bodies, headers, and Content-Type render {{...}} placeholders at request time. ~30 built-in tokens: {{$uuid}}, {{$now}}, {{$timestamp}}, {{$randomInt:1:100}}, {{$randomEmail}}, {{$randomFullName}}, {{$randomCity}}, plus full request echoing — {{request.body.email}} (dotted-path JSON lookup), {{request.path.id}} (template binding), {{request.headers.authorization}}, {{request.query.page}}. Smart unwrapping keeps JSON valid when the placeholder resolves to a number / bool. In-dialog cheatsheet click-to-insert. Graceful degradation on unknown tokens
    • Strict request validation (opt-in) — toggle on per project to validate every incoming request against the matched operation: required path / query / header parameters, JSON body schema (types, required, enum, pattern, format, lengths, ranges, multipleOf, additionalProperties, full $ref / allOf / oneOf / anyOf resolution). Failures return 400 with field-level error paths (body.user.email, query.limit) and X-Mock-Synth: validation-error. Overrides skip validation
    • Spec-driven auth enforcement (opt-in) — toggle on to honor the spec's securitySchemes / securityDefinitions. Requests missing the required apiKey (header / query / cookie) / Bearer / Basic / OAuth2 / OpenID Connect get 401 with a tailored WWW-Authenticate header and a per-scheme hint. Per-operation security overrides spec-level; empty security: [] opts an op out. Presence-only check — catches the SDK-dropping-the-API-key bug class without faking a real auth backend. Overrides skip enforcement
    • Network simulation — configurable latency band (uniform-random per request, 0–30,000ms) plus chaos error rate (0–100% of requests forced to a custom 4xx/5xx). Stress-tests frontend retry logic, loading states, and timeout handling without writing per-endpoint failure rules. Overrides + validation errors bypass the simulator. X-Mock-Chaos-Latency-Ms + X-Mock-Synth: chaos-error diagnostics
    • Override import / export — download every override as a versioned JSON bundle (mock-overrides-<project>-<date>.json), import into another project with merge-or-replace. Per-rule normalisation on import skips malformed entries instead of failing the whole bundle. Capacity-checked up-front against the 50-override cap. Project-local IDs stripped so a bundle round-trips cleanly between staging and prod
    • Multi-version aware — projects with mixed REST + GraphQL get per-version URLs in the dashboard; all-REST projects collapse to one URL with smart fallthrough across versions when a path lives only in v2
    • Per-endpoint disable list — opt specific operationIds out of mocking, scoped per-version or project-wide. Returns 503 for those alone; rest of the spec keeps mocking. Useful for payment / auth / destructive endpoints
    • Activity feed in the Mock Server dashboard tab — last 50 hits with method / path / response source, plus 24h/7d totals, error rate, top endpoint, and a synth breakdown that flags spec gaps (empty-schema highlights endpoints whose spec is missing a response model)
    • Try It panel works for both REST and GraphQL — REST shows the existing method/path/params builder; GraphQL gets a query editor with auto-generated starter, variables JSON, and operationName. Same emerald 'Use Outworx mock server' toggle on both, same Mock override fired badge after a request
    • Open CORS — call the mock from any browser. No built-in auth (use the spec-driven enforcement toggle). Same access threshold as the public docs page
    • Two-layer rate limiting (per-project 120/min, per-IP 60/min) so a single tenant or client can't monopolise the function budget
    • Diagnostic response headers on every call: X-Mock-Server, X-Mock-Synth (override / example / schema-walk / empty-schema / graphql-schema-walk / validation-error / auth-required / chaos-error / etc.), X-Mock-Override-Id when a rule fires, X-Mock-Version, X-Mock-Matched-Path, X-Mock-Operation-Id, X-Mock-Chaos-Latency-Ms when the simulator added delay
    • Empty-schema FastAPI-style responses (schema: {}) return an explanatory placeholder instead of a confusing {} — points at the missing response_model
    • 14-day request-log retention with a 5,000-row cap per project; HTTP-spec-compliant body handling for 1xx / 204 / 304 statuses
    Read the guide:Free Hosted Mock Server for Every API Spec
  5. FeaturePlatform

    Inbox security — HMAC, Basic auth, IP allowlist

    Webhook inboxes can now enforce signature verification, HTTP Basic auth, and a source-IP allowlist on incoming requests. Defaults stay open so the zero-config capture flow still works, but a Security toggle on each inbox turns it into a production-grade endpoint that rejects unsigned, unauthenticated, or off-network traffic before anything is persisted.

    • Per-inbox HMAC verification with 8 branded schemes (Outworx, Stripe, GitHub sha256/sha1, Slack, Shopify, Linear, Zendesk) plus a Custom HMAC mode where you pick the header name, algorithm (sha1/256/512), encoding (hex/base64), and prefix
    • Configurable timestamp tolerance (default 300s) for replay protection on schemes that sign a timestamp; constant-time comparison on every check
    • HTTP Basic auth — username + password gate with a proper 401 + WWW-Authenticate response on mismatch
    • Source IP allowlist — IPv4 and IPv6 CIDR ranges, validated by Postgres at write time so half-configured rules can't ship
    • Replays auto-sign with the inbox's stored secret using the configured scheme — Security-locked inboxes accept their own replays without manually re-pasting the secret
    • Secrets and passwords never leave the server: the Security dialog shows a 'leave blank to keep' affordance instead of round-tripping the stored value to the browser
    Read the guide:Test Webhooks: Capture, Sign, and Replay
  6. FeaturePlatform

    Webhooks playground — capture, sign, replay

    A standalone webhooks workspace that captures incoming requests, lets you fire signed test payloads at any handler, replays captures to a different URL, and verifies signatures from 10 webhook providers — all without leaving Outworx. Built for API providers documenting their webhooks AND for any developer debugging an integration.

    • New /webhooks top-level workspace — Inboxes, Events, Activity sub-sections all URL-persisted
    • Standalone-first inboxes — paste the unique capture URL into Stripe, GitHub, Slack, or any sender; requests stream into the dashboard in real-time via Supabase Realtime
    • Send-test from anywhere — fire arbitrary payloads at any endpoint, sign with HMAC-SHA256 in Stripe-v1 format, and capture the response. Reusable from the workspace, the inbox toolbar, the Cmd+K palette, and per-event from spec catalogs
    • Replay captures — one click takes any captured request and re-sends it to a new URL with the original payload + headers preserved
    • HMAC verifier with 10 schemes — Stripe, both GitHub variants, Slack, Shopify, Square, Linear, HubSpot, Zoom, Zendesk, plus raw HMAC-SHA1/256/512 in hex or base64. Auto-detects the scheme, computes the signature in your browser (secret never hits the server), warns on stale timestamps
    • Tamper-proof plan limits — append-only ingest ledger means clearing your captures doesn't reset the cap; senders that hit the limit get 429 with Retry-After until entries age out
    • Optional project link — when an inbox is tied to a project whose OpenAPI 3.1 spec declares webhooks, the catalog shows up under the Events tab with Send buttons per event
    • Free: 5 inboxes, 500 captures / 7d. Pro: 25 inboxes, 10,000 captures / 30d. Business: unlimited.
    Read the guide:Test Webhooks: Capture, Sign, and Replay
  7. FeaturePlatform

    Team collaboration — invite teammates as seats

    Pro and Business plans now include collaborator seats. Invite teammates by email and they get full access to your projects — upload specs, edit settings, configure MCP, view analytics. Only two things stay owner-only: deleting projects and managing billing.

    • Pro: 3 collaborator seats included. Business: 10 seats.
    • Invite via email; invitees sign in with the invited address to accept.
    • Collaborators see your projects alongside their own with a 'Shared by' badge.
    • Features on shared projects use the OWNER's plan — a Free collaborator gets Business AI chat + MCP when working on a Business-tier project.
    • New Team card in Settings for managing active members + pending invites + one-click remove.
    • Row-Level Security extended across every owner-gated table so data access stays airtight.
  8. v1.0FeatureAIPlatform

    Launch — MCP server, guides hub, dynamic OG

    The 1.0 launch push: every project gets a Model Context Protocol server so AI assistants can operate your API; new /guides content hub with seeded long-form tutorials; dynamic OG image generation for better link previews everywhere.

    • Per-project MCP server at /api/mcp/<slug> with 12 tools (list/search endpoints, generate TypeScript types, ask docs, execute live calls, and more)
    • Schema inference — live calls via execute_endpoint sample response bodies and merge into a stored schema, so generated types stay accurate even when the OpenAPI spec is incomplete
    • Dashboard MCP tab — one-click token + Claude Desktop / Cursor / Cline / curl connection snippets, per-tool permission toggles, recent activity feed
    • Guides content hub at /guides with OpenAPI-to-TypeScript, Claude Desktop MCP setup, GitHub Actions auto-sync, and ReadMe/Mintlify migration tutorials
    • Dynamic OG images via /api/og — every marketing page, guide, and comparison gets a branded, on-brand preview
    • Tightened chat token accounting — visitors are billed per-turn (their message + response) instead of the full system prompt, so daily caps now correlate with real visitor intent
    • Sliding conversation window — chat keeps the last 8 messages instead of the entire session, bounding our OpenAPI bill as threads get long
    Read the guide:Connect Claude Desktop to Your API Docs via MCP
  9. ImprovementPlatform

    Analytics, SEO, and mobile polish

    PostHog analytics wired at the conversion points that matter, structured-data + sitemap cleanups so Google indexes what we actually want, and a pass over the MCP tab for mobile screens.

    • PostHog client-side integration with custom events at chat, subscription, and project lifecycle moments
    • FAQPage / SoftwareApplication / BreadcrumbList / Organization JSON-LD across marketing
    • Sitemap emits subdomain/custom-domain canonicals for hosted docs (no more duplicate-content flags in Search Console)
    • Hero badge, MCP tab, and activity feed laid out cleanly on mobile
    • llms.txt published so Claude, ChatGPT, and Perplexity see accurate context about the product
  10. FixAI

    AI chat quality + billing correctness

    A round of chat-drawer fixes that landed right before launch: accurate endpoint pills in responses, honest daily-token counters, and a hard-to-spot DB constraint bug that was silently dropping every chat usage row.

    • ai_usage CHECK constraint now allows action='chat' — previously every chat usage insert was silently rejected, leaving the daily-tokens counter at 0 forever
    • Fallback completion-token estimation when OpenAI omits the usage chunk
    • Assistant messages now pill-ify [endpointId] citations correctly even when the model wraps them in backticks
    • Copy-to-clipboard on every code block in the chat drawer + the Chat Activity admin view
  11. PlatformFeature

    Sentry, welcome email, and onboarding

    Pre-launch infrastructure so new users have a first-run experience that doesn't feel empty and errors actually get reported.

    • Sentry error monitoring wired for server, edge, and browser runtimes
    • Welcome email on first dashboard load (Resend) with a 3-step onboarding checklist, Outlook + dark-mode-safe HTML, and atomic once-only delivery
    • Dashboard empty state with a clear 'upload your first spec' CTA
    • Global crash page that reports to Sentry
  12. FeatureAI

    AI chat drawer on public docs

    The big visitor-facing AI feature. A floating Ask AI button on every Pro/Business docs site opens a chat drawer trained on the project's spec.

    • Streaming chat completions with per-visitor session persistence via localStorage
    • pgvector-backed RAG retrieval for specs with 50+ endpoints, with lazy embedding on first query
    • Chat Activity dashboard tab so project owners see what visitors actually ask
    • Daily token caps per plan (Free 0 / Pro 25k / Business 200k) + hourly rate limits per visitor
    • Endpoint citations in answers render as clickable pills that jump the docs to the referenced endpoint
  13. FeatureImprovement

    Subscription flows reworked

    Upgrade and downgrade UX rebuilt around explicit preview-and-confirm dialogs, plus scheduled downgrades via Stripe Subscription Schedules so customers never lose paid access mid-cycle.

    • Preview dialog shows exactly what will be charged today, the prorated breakdown, and the next recurring amount
    • Downgrades are scheduled to the end of the current period (not immediate) via Stripe Subscription Schedules
    • Billing cycle switches (monthly ↔ yearly) handled in-place without creating new subscriptions
    • Pricing restructured — Pro at $9/mo, Business at $19/mo, 10-month discount on yearly
  14. FeaturePlatform

    Multi-version + custom domain + auto-sync

    Project-level features that make hosted docs production-ready for teams.

    • Multiple active versions per project with a dropdown switcher on public docs
    • Custom domains with auto-provisioned SSL (Business plan) — one CNAME, done
    • Auto-sync from a spec URL on an hourly / daily / weekly schedule
    • Deep-link to any endpoint by URL hash; Overview page lists every endpoint clickably
  15. AI

    AI search, descriptions, code examples

    First-pass AI features for documentation quality, before the full chat drawer landed.

    • Natural-language search across the spec (Free tier gets 5/month; paid gets unlimited)
    • Auto-generated endpoint descriptions for sparse specs
    • AI code examples in any language or framework — NestJS, Django, Rails, FastAPI, Rust, and more