-
Run #14 remediation: governor sweeper, scan/storage/payments hardening
-
server: Ultra Fuzz Run #13 remediation — security fixes + chronic structural fix
-
server: delegated login ("Sign in with Makenot.work") for testnot
-
server: site access gate for testnot (fan+/creator only)
-
server: gallery/carousel, promo-validator, fuzz #11/#12 remediations, embed port, observability
-
server: /docs/economics is now an Askama page with live runway disclosure
-
server: cost-allocation widget round-trips through assumptions.toml
-
server: hotfix 0.9.1 — remove duplicate /robots.txt route
-
server: route template tier prices through assumptions.toml; bump to 0.8.15
-
launch-eve audit pass: Ultra Fuzz Runs #8-9 + cross-cutting sweeps
-
server: replace global CSRF allowlist with per-route posture helpers
-
SyncKit v2 billing: open-platform developer billing
-
v0.6.16: pg_stat_activity saturation alert + caddy-ask concurrency cap
-
Convert .map_err Internal(anyhow!) to ResultExt::context, fix variant misuse
-
v0.5.16: Fix SyncKit device registration, doc fuzz cleanup, code fuzz fixes
-
Add S3, CDN, and Stripe domains to CSP
-
Allow inline scripts in CSP
-
Fix scheduler SQL errors, add robots.txt
-
Split helpers.rs into formatting, crypto, rate_limit modules
-
Server: Everything tier pricing, OpenAPI, SyncKit push idempotency, docs refresh
-
Audit Run 16: type safety, performance, dedup, testing (A- -> A)
-
Creator trust audit round 4, Everything tier rename, privacy job tracking
-
Add guest checkout, embeddable widgets, and trust audit fixes
-
Security hardening: code fuzz round 3 fixes
-
v0.4.1: Creator trust audit, security hardening, account lifecycle
-
Add WAM (Whack-a-Mole) ticket manager with 25 proactive ticket sources
-
Security audit: fix 23 flaws from adversarial code fuzz, harden test suite
-
Stripe/McMaster-Carr quality remediations
-
Restructure into monorepo