Changelog
User-facing changes, newest first. Internal refactors and test-only changes are omitted — the canonical engineering changelog lives in the repo.
Unreleased
in progress
Added
- Team tier (NEW) — $179/seat/year. Multi-seat workspace with shared notes, shared folders, owner / admin / member roles, dead-man alerts with one-click ack, per-team API tokens, and a 90-day audit log. 2-seat minimum, up to 25 seats. Manage from /team after subscribing.
- Team notes at /team/notes — every team feature from the personal side: full CRUD, search/sort/filter, soft-delete + undo, public share links, append-only locking, revisions, bulk delete. Notes carry the writer's user id for audit and the workspace id for visibility.
- Team folders at /team/folders — workspace-shared folder containers (100/team max). A personal "Q4" folder and a team "Q4" coexist freely; the API scope-validates folder ids so a team token can never park a team note in a personal folder.
- Team API tokens at /team/api_tokens — owner/admin-only bearer tokens that hit the team's pool, not the actor's personal pool. Same /api/v1/* surface, same wire format; bulk endpoint enabled on every team token. 30 active tokens per team.
- Team dead-man alerts + one-click ack. Overdue append-only team notes email every accepted member; the first ack mutes the alert team-wide for 4 hours so the same outage doesn't page everyone repeatedly. Ack works from any phone/tab without sign-in (signed token, 24h TTL).
- Team audit log at /team/audit_events — owner/admin-only. Every workspace write recorded with who/what/when, 90-day retention.
- Public per-note share links. Toggle Share on any note to mint a public, read-only URL — anyone with the link can read; toggle off to revoke instantly. Pages set noindex so search engines won't list them.
- Service limits page at /limits — single canonical reference for every cap and rate limit, pulled live from running configuration.
- End-User License Agreement at /eula.
- Per-user API error log at /settings/api_errors — every 4xx your bearer-token requests received, newest first.
- Idempotency-Key header on API write endpoints — opt-in, 24h dedup window per user, stable error code on conflict.
- Free-tier usage meter on the dashboard and notes list.
- Welcome note auto-created on first signup; welcome email sent on first confirmation.
- Folder view pagination (60 notes per page).
- SEO metadata: per-page descriptions, Open Graph / Twitter cards, canonical URLs, branded titles.
- Sign-up rate limit (5/hour/IP) and per-email login throttle (5/20 min) in Rack::Attack.
- Honeypot field on the sign-up form.
- API tier (Pro plan) — bearer-token REST API at /api/v1, with notes and folders resources, atomic append, bulk creates, append-by-filename addressing, and /settings/api_tokens for token management.
- Pricing redesigned to four tiers: Free, Personal ($24/yr), Pro ($149/yr), Team ($179/seat/yr).
- Lapsed paid users transition to read-only — every existing note remains readable + exportable for up to 12 months after the last payment.
- Plan-change flow with downgrade gates — switching to a lower tier surfaces a per-cap blocker list.
- Public API docs at /docs.
- bin/backup — Postgres dump runner with retention pruning and optional rsync/S3 off-host copy.
- Sentry error tracking (no-op unless SENTRY_DSN is set).
Changed
- Full-account export is now async, delivered by email. Options → Download all enqueues a background job, builds the archive off-request, and emails a one-time signed download link valid for 24 hours.
- API token expiry policy. Tokens default to 90-day expiry; user-set expiries beyond 1 year are rejected.
- Notes list Latest sort now orders by updated_at (most recently edited) rather than created_at.
Security
- Email-change abuse window tightened. Devise's email-change endpoint is capped at 3/day per account and 3/day per target address.
- Tighter throttles on expensive surfaces. Note writes 120 → 30/min/user; per-note PDF/DOCX/TXT downloads 60 → 10/min; billing portal/change-plan 30 → 5/min; full-account export request 5 → 2/hour.
- api_errors log scoping. The per-user error log is read through current_user.api_errors only — wrong-owner lookups return nothing rather than leaking another user's request paths.
Removed
- Monthly subscription plan — annual ($19 / year) is now the only paid plan.
- 30-day trial infrastructure — the freemium 10-note cap replaced it.
The canonical, engineering-detail changelog lives in the repository as CHANGELOG.md.
This page is the user-facing curated view. Spotted something missing? Email hello@example.com.