The changelog

marketing+legalsurface MCP server on web pages, frame it in the DPA

api-docsScalar 'Try it' blocked by CSP — advertise request origin in servers

changelogauto-update on every deploy

apiv1.1 — read endpoints, hybrid search, webhook docs

landingadd missing p-6 on Organize bento cards (raw dv-card has no padding)

uigreen-on-green contrast + archive wall grid

marketingimage paths use existing public/Images casing (Vercel is case-sensitive)

marketingAI-generated OG images + blog hero + real archive-wall tiles

marketingradical landing redesign + pricing, AI search, blog, changelog pages

seocanonicalize all URLs to www.designvault.net

buildexclude mcp/ from root TypeScript build

api+mcpextend /api/v1 write surface + DesignVault MCP server

importPDF upload + AI "Auto" tab (multi-page, Figma URLs) (#18)

legalLinear-parity legal pages — DPA, subprocessors, FR versions (Loi 96)

billingwire sendLimitWarningEmail — warn owner at 80% of plan cap

lifecycle emails, Stripe webhook idempotence, onboarding + robustness quick wins

settingsrename the organization (General tab) (#17)

tagsshow AI-categorized tags in Settings → Tags (#16)

aisuggest a title during auto-tag review (#15)

securityharden DB functions per Supabase advisors + M-2 typing (#11)

polishaddress code-review findings on Block C (#7)

polishwebhook delivery history, smart-collection edit, multi-page pins

searchwire AI hybrid search into the grid

webhookswire remaining events + fix [org] URL placeholder

webhooksoutbound webhooks with HMAC + retry + UI

annotationsFigma-style pins on asset thumbnails

collectionssmart collections — dynamic queries

referralsgive-a-month, get-a-month program

aifind similar assets — embedding-based nearest neighbors

docspublic changelog at /docs/changelog

adminrate-limit admin writes + permanent plan override

securityclose suspended-org bypass on API routes and api_keys

adminplatform-admin dashboard + Starter plan ($19/mo)

corsallow Figma plugin (origin=null) to call public bearer-auth APIs

figma-pluginredesign with DV brand, Sign-in flow, tag autocomplete

v1-apiread-only tags + collections endpoints

plugin-authOAuth device-flow for the Figma plugin

figmalazy-refresh thumbnails when the asset detail page opens

aikeep asset 'active' through AI review (don't hide on awaiting_review)

figma-pluginone-click "Send selection to DesignVault" plugin

assetsdirect-to-Storage uploads, paste/drop/URL/API ingest paths

emailredesign emails, bilingual locale-aware (fr/en), Supabase Auth templates

sentryalign with sentry-nextjs-sdk SKILL — replay, logs, OpenAI, crons

securityadd Upstash rate limiting on expensive endpoints

securitywire Sentry foundation (no-op until DSN provisioned)

securityadd CSP, HSTS, and Permissions-Policy headers

add Canva share link field on assets

add Adobe share link field on assets

aiper-org AI toggle (Settings → AI)

aiP1 Stages 3-6 — worker, auto_tag, /review, hybrid search

aifoundation for Spec_AI_v0 P1 — pgvector + jobs queue + lib scaffolding

marketingeditorial-tech landing redesign

middlewareskip auth redirect for /api/cron/* paths

assets date filter + Data view with CSV export

notifications system (in-app + email digest + AI bridge stub)

perf overhaul + compliance + DS migration + Radix UI

external links, comments, WebP thumbnails, dnd-kit reorder, audit fixes

move Open in Figma button from thumbnail area to sidebar

title fallback when empty string + title word-wrap in sidebar

show all asset fields in view mode, not just when editing

match asset detail edit form with import modal options

add public/private share links for assets and collections

add inline rename for asset types in settings

allow deleting default asset types from settings UI

add custom asset types, multi-page imports, description/client/product fields

convert Figma node ID from URL format (1-852) to API format (1:852)

complete app routes, components, and security hardening