Product Notes
Changelog
Public-facing changes that affect positioning, trust, workflow, or product behavior.
May 2026
Security hardening and agency hub
- -LinkedIn access token removed from session cookie — stored exclusively in Supabase via server-side credentials table.
- -Cron analytics endpoint redesigned: no longer relies on browser cookies, now queries all connected users from the database using CRON_SECRET verification.
- -Agency Hub wired to real database (agency_clients table with RLS). Fake mock clients removed.
- -Workspace save loop replaced with single batch upsert — eliminates N+1 write pattern at scale.
- -Background Sync tag now registered in PWA so offline replay actually fires when connectivity returns.
- -Service worker updated: replaced unreliable navigator.onLine check with try/catch fetch pattern.
May 2026
Infrastructure and dead route cleanup
- -Deleted dead /write redirect folder that competed with the config-level 308 redirect.
- -Purged committed dev log files from the repository. *.log already excluded in .gitignore.
- -Fixed import ordering violation in app-session.ts.
- -Rate limiter WARNING comment added — known in-memory limitation pending Upstash/KV migration.
May 2026
Positioning and pricing cleanup
- -Synced plan data across landing, pricing, schema, and CTAs.
- -Removed fabricated ratings and fake enterprise proof.
- -Added honest plan comparison language around voice profile, archive, and agency workflows.
May 2026
Free tools and support surfaces
- -Shipped working public tools for hooks, headline analysis, profile scoring, viral checks, carousel outlines, and engagement heuristics.
- -Replaced dead links with real routes or explicit current-state copy.
May 2026
Trust pass across brand surfaces
- -Standardized Qalam branding across major pages while keeping byqalam.com as the domain.
- -Reworked auth, legal, and support surfaces to avoid invented company history or fake traction claims.