Protocolv0.15.3 beta
Back to Dev Log
v0.15.1-Feb 25, 2026Patch

In-App Support Requests + Security Hardening

Added in-app support request intake with Supabase persistence, then hardened public endpoints with rate limiting, attestation, and sanitization.

SupportSecuritySupabaseRateLimitingReliability

Shipped

  • Implemented SupportRequestDialog to submit bug reports/feature requests/routine requests in-app
  • Added backend ingestion route to persist support requests in Supabase
  • Integrated support request entry points into settings and routine catalog flows
  • Added abuse protection:
    • Rate limiting
    • Request validation + allowed fields enforcement
    • Response sanitization + better error handling
    • Attestation tokens to verify installation identity for secure submissions
  • Added unit tests for support draft builder + rate limiting logic
  • Updated backend docs + ERD to reflect new support entities and security posture

Why

  • Fast support intake improves product iteration speed during beta
  • Public endpoints need default-deny posture and measurable abuse controls

Next

  • Add monitoring hooks for abuse/rate limiting triggers
  • Keep tightening the security checklist around any new public routes
Install App