HappyView

v2.7.0

Released 2026-05-13

Bug Fixes

• generate missing IDs for dead letters (174b6ef), closes #20
• move record info into sheets (b814b1c)
• prevent dead letters from being created without an ID (ea4a340), closes #20

Features

• publish node sdk (d81e23c)

v2.6.0

Released 2026-05-12

Bug Fixes

• cleanup broken sessions (8840ac0)
• cleanup derelict items after successful auth (9fe1989)
• dont block space creds on client key check (07c6065)
• fix base path not being respected by trailing slash redirects (fba918e)
• prevent base path collision (4f5a8ef)
• prevent creation of API clients that would break HappyView core client (3ab5e7e)
• prevent errors with IPv6 addresses when building loopback clients (df77c02)
• prevent false match rewrites when a base path is in use (73078bf)
• prevent unauthorized privilege escalation (942a520)
• rate-limit unauthenticated procedure requests before rejecting (abd9e3d)
• reject JWT at exact expiry second (27f9cf8)
• remove duplicate exports in api.ts from merge (deffbd7)
• remove forced HappyView redirect URI from API client creation (572ca51)
• remove oauth redirect hop, and add explicit redirect for the root url (fdb6fac)
• remove public record aggregation from permissioned spaces (91684f3)
• remove route dupes (ec0f624)
• replace the base path sentinel in next.js text files (33028b1)
• require client key for rate limiting on all XRPC routes (671db5a)
• restore SDK scopes types after bad conflict resolution (2003680)
• restrict Bearer space credentials to space XRPC routes (d6ae5cd)
• scopes types in oauth-client sdk after bad conflict resolution (fecc410)
• update scopes type (992e6e0)
• use the correct cursors when paginating spaces (11fda6f)

Features

• add control for experiments to the dashboard (b7bca04)
• add new TID functions (1f51965), closes #16
• add oauth-client-node SDK (4ea257c)
• add support for session hooks (538d033)
• allow the base path to be configured (a23efe6)
• permissioned spaces implementation (4ca2bd8)
• refactor permissioned spaces to better align with Dan's implementation (6db92e0)
• update JS SDKs to more closely match their @atproto cousins (1731533)
• xrpc-proxy: add settings to control the XRPC proxy (267ab7a)

v2.5.2

Released 2026-05-08

Bug Fixes

• better handling for PDS errors (7863b43)
• expose approved oauth scopes to clients (d49b6f5)
• expose oauth scopes via the SDKs (bbcddd0)
• update the base path rewrite to skip Nexts basePath config (23227a1)

v2.5.1

Released 2026-05-07

Bug Fixes

• dont refresh tokens on 4xx status codes (cde70f7)

v2.5.0 — v2.5.0 - The Permissioned Data Release

Released 2026-05-05

Bug Fixes

• remove public record aggregation from permissioned spaces (9ee009f)

Features

• add control for experiments to the dashboard (83df252)
• add support for account write delegation (9026232)
• permissioned spaces implementation (17cc659)
• put permissioned spaces behind an experimental flag (6b666d7)
• update JS SDKs to more closely match their @atproto cousins (7b87c36)
• xrpc-proxy: add settings to control the XRPC proxy (53f63da)

v2.4.1

Released 2026-05-03

Bug Fixes

• add atproto/lex headers to prevent CORS errors (760e0aa)

v2.4.0

Released 2026-04-28

Bug Fixes

• ci: temp disable ATCR pushes (8ed28e5)

Features

• allow first party API clients to child API clients (cdb69c4)
• dashboard: warn users before they use transition:generic (7d4c44a)
• oauth: move third party api client management into built-in XRPCs (fde532d)

v2.3.1

Released 2026-04-27

Bug Fixes

• auth: better handling for allowed scopes during oauth (b27b883)

v2.3.0

Released 2026-04-26

Features

• login: add handle autocomplete (4ee385b)

v2.2.0

Released 2026-04-25

Bug Fixes

• db: convert dead letter resolved_at to TEXT in Postgres setups (deb4aee)

Features

• sdk: allow client to configure clientId (e76acbe)

v2.1.1

Released 2026-04-23

Bug Fixes

• sdk: add gh links to packages (718075a)

v2.1.0

Released 2026-04-23

Bug Fixes

• remove linked accounts page (abe1c04)

Features

• dashboard: add UI for managing dead letters (0345f0b)

v2.0.1

Released 2026-04-22

Bug Fixes

• ci: remove ATCR from publish step (f58d189)

v2.0.0

Released 2026-04-22

Bug Fixes

• add automatic handling for incompatible db.raw (8a13fdf)
• add CORS reflection for auth requests (e813713)
• allow HappyView redirect cookie to be read appropriately (b69c59f)
• allow session cookies to work cross origin (494cb05)
• auth: prevent unauthorized users from seeing the dashboard (fcb3ac2)
• backfill all collections when no collection is selected during backfill creation (5cd2e01)
• coerce query params based on lexicon schema (38bd0d3)
• convert plugin config to text column (dade035)
• convert plugin timestamp columns (9d190cb)
• copy migrations in image (593d361)
• create a dummy bin for the build step (7741c8f)
• dashboard: fix broken interactivity on collection combobox (5cbfc3c)
• database column type mismatch (3932db0)
• delete auth redirect cookie before redirecting (2dd8b19)
• delete auth redirect cookie before redirecting (00d6b8f)
• display the correct version on the about page (e6504fa)
• ditch redirect cookies in favor of storing redirect info in the db (52caa37)
• dont skip HappyView in the external auth callbackloop (210b326)
• ensure handles are always forced to lowercase during dashboard auth (785b00f)
• ensure oauth cookies are correctly removed (7dc2443)
• event-log: prevent double filtering (cf7a227)
• fix auth tests (0036280)
• http resolution for labeler websocket connections (405e61a)
• issue in redirect state capture (9d95cee)
• lint errors (1436f4c)
• lint issues (de48479)
• lint issues (760f50a)
• make sure auth is passed when necessary in lua scripts (cdde018)
• missed a variable ref (fc34c9c)
• pin to debian bookworm, otherwise we have an issue with glibc version (a9a62f0)
• prevent code blocks from overflowing dialog containers (0618e96)
• prevent errors on plugin page when user hasn't set up encryption tokens (41aa70a)
• prevent permission redirects before permissions are known (2b73757)
• prevent record backfill from blocking startup (b502295)
• remove sqlite db from git (134ae00)
• remove user swap (deaa25a)
• resolve proper endpoints for labelers (8e6575e)
• restore reading scopes from redirect uri (8e01945)
• return the correct host data for plugin secrets (937fa4c)
• sdk: prevent CI crash if versions are already deployed (3c4a6d0)
• sdk: take advantage of prior art on crypto from bsky (7df0576)
• separate scopes on the api client page (0bc0f95)
• switch from /oauth/client-metadata.json to /oauth-client-metadata.json (b94f90f)
• switch Tap to sqlite by default (ab7f97b)
• sync plugin and host body types (fd25cb2)
• timestamp comparisons when using Postgres (4bd8b2f)
• update dashboard to use new internal auth (68a1123)
• update primary domain if PUBLIC_URL changes (5e93653)
• update types for rate limits (ab909d3)
• use async calls to get host secrets (753a3af)
• xrpc: fix XRPC writes to use the new auth system (ed5434f)

Features

• add about page for debugging (00e92b3)
• add API clients (3cd960b)
• add attestation support to atproto api (fbd65b1)
• add backfill and realtime streaming directly to HappyView (no more Tap dependency) (0bf605e)
• add builtin oauth, removing AIP dependency (14abcda)
• add config for oauth screen values (0777d8c)
• add configurable rate limiting (ca65897)
• add js sdks (3fd4645)
• add labelers to the dashboard (4ee83d8)
• add Lua module for atproto (a34fb0d)
• add missing HappyView Lua APIs to autocomplete and hover docs (14a1dae)
• add oauth config ui (6f09a58)
• add proper cursors and a separate index for backfill (d9d0544)
• add rate limiting (ec9f55a), closes #3
• add rate limiting + config (7c47bcf)
• add safe subset of Lua's table (d18eca4)
• add support for API clients (435737a)
• add support for arbitrary oauth scopes (22fddeb)
• add support for labelers (b8e6caa)
• add support for multiple domains (b5400c9)
• add support for params to procedures (fda2118)
• add support for plugin manifests and configuration via the dashboard (acc735e)
• add support for redirect uri on auth (1f590ef)
• add support for sqlite (0ba593c)
• add support for upgrading plugins (0bf0673)
• add the lex-agent sdk (9481601)
• add user permissions (89e3925)
• add xrpc libs for Lua (d45bf70)
• allow admin to change logo/document title for the dashboard (b4b5534)
• allow plugins to be loaded dynamically (9653984)
• automate generation of attestatioon signing keys (3b0d335)
• complete plugin sync pipeline with auth, tokens, and PDS writes (7cf33cf)
• dashboard: allow API clients to be created without rate limits (72d1d71)
• display plugin logs in event logs ui (847706a)
• display user handles in users page (47209bd)
• external auth infra (be081fd)
• include success status and error messages (368b969)
• indicate plugins that still need config (6dce092)
• make db connection pool size configurable (f128034)
• move dashboard under the /dashboard route (81e74be)
• move user management into Settings (4012f47)
• reorganize the nav (587ff4c)
• switch to DPoP auth (98bccce)
• switch to sqlite as the default (5868b52)

BREAKING CHANGES

• Scripts should now use cursors instead of offsets.

v1.12.0

Released 2026-03-12

Bug Fixes

• add additional debug logging for Tap connections (fb807f2)
• proper parsing for array query params (8f1146a)
• return the avatar ref from bsky getProfile (391ab19)
• use ResponsiveDialog from DiceUI (fd54d3b)

Features

• add more structure to event logs (6506ff2)
• add request and response data to success events in event log (6aed219)
• allow query XRPCs to receive auth (14beec3)
• improved error logging for scripts (938efc0)
• process Tap events concurrently (28a1057)
• remove read-only restriction from db.raw (5f71d40)
• run index hooks before storing records to enable record bypass and manipulation (518bfc7)

v1.11.0

Released 2026-03-06

Features

• add API keys for things like CI/CD (9f57f1d)
• move API keys into settings (e0e1baa)

v1.10.0

Released 2026-03-05

Bug Fixes

• add support for did:web when resolving DIDs (1bc5114)

Features

• resolve and proxy unrecognized XRPCs (ee43d05)

v1.9.0

Released 2026-03-05

Bug Fixes

• add env table so lua script validation passes (4b45161)
• backfill create test failed without an existing lexicon (4f7a6a0)
• backfill create test failed without an existing lexicon (again?) (cf10723)
• client error on event logs (2ee0589)
• make sure Tap collections are up-to-date on reconnect (38f89e7)
• match design to other tables pages (8f6fe4e)
• prevent logo from clipping (cf7cadb)
• prevent validation error when attempting to concat with env vars in lua scripts (349234e)

Features

• add http module for Lua scripts (4eb108c)
• add event logs to the dashboard (8477dd3)
• add event_logs migration (0df2fc4)
• add index hook scripts (f8cf24d)
• add Lua ENV vars (7190018)
• add support for sorting to the db module (6c91bab)
• event logs (76627d2)
• index hooks (db44e97)

v1.8.0

Released 2026-02-27

Features

• add db.backlinks for filtering results based on backlinks (0a682c9)
• add db.raw for complex queries (read-only) (c347718)

v1.7.1

Released 2026-02-27

Bug Fixes

• database URLs were busted for local dev (a59d70b)

v1.7.0

Released 2026-02-27

Bug Fixes

• force records from db to serialize to arrays (66cc7af)

Features

• add toarray() so users can force a Lua table to serialize to an array (6827ceb)
• enable more complex database operations with db.search() (7bcb5aa)

v1.6.2

Released 2026-02-26

Bug Fixes

• use original auth scheme instead of hardcoded dpop (14252b2)

v1.6.1

Released 2026-02-24

Bug Fixes

• dynamic page routes were broken (a09ce1b)

v1.6.0

Released 2026-02-24

Bug Fixes

• backfill now loads previously deleted records (75dcd8c)
• show collections on Records page even if they have no records (5eab462)

Features

• add "View Records" buttons to lexicons (a9db22c)
• add bulk collection record deletion to the API (3f4833a)
• add bulk collection record deletion to the dashboard (310f3f8)
• allow records to be deleted from the dashboard (e7000a1)
• allow records to be deleted via the API (417f60a)

v1.5.1

Released 2026-02-24

Bug Fixes

• remove backfill switch for query and procedure lexicons (e8c3ec7)

v1.5.0

Released 2026-02-24

Bug Fixes

• prevent rogue records from being stored (26d8400)
• records page now properly lists collections in dropdown (c7d2c44)
• wrap dynamic page with a server component to fix build (a2e4a32)

Features

• add column visibility and better scrolling to records table (2d37ca8)
• add custom processing scripts to procedure and query lexicons (6db74fc)
• add dark mode (6e35616)
• add Docusaurus site and GitHub Pages deploy workflow (5b25d27)
• add proper backfill stats tracking (08989b1)
• additional Lua completions and docs (55a510d)
• merge network and local lexicons (ed7af39)
• use data table with dynamic columns for records page (3111322)
• use Shiki for code blocks (461a2fa)

v1.4.3

Released 2026-02-17

Bug Fixes

• enable trailing slash for static export compatibility (80afc2d)

v1.4.2

Released 2026-02-16

Bug Fixes

• improve AIP proxy error logging and cache Rust deps in Docker (cd1d843)

v1.4.1

Released 2026-02-16

Bug Fixes

• add AIP_PUBLIC_URL for frontend-facing AIP address (ae9f023)

v1.4.0

Released 2026-02-16

Features

• add AIP reverse proxy and runtime config endpoint (c7fb89d)

v1.3.0

Released 2026-02-16

Bug Fixes

• fix dpop resolution for dashboard login (b7c7bbb)
• update backfill e2e test for synchronous handler (1adc65e)

Features

• add admin login page with token auth (bff9876)
• add admins management page (3259868)
• add ATProto OAuth login via handle (16379e5)
• add backfill jobs page (5db4bdc)
• add dashboard navigation with sidebar layout (7643c9b)
• add lexicons CRUD page (d6e4f62)
• add network lexicons page (4d882f4)
• add records browsing page to admin dashboard (994d7cb)
• consolidate docker compose to single postgres instance (5a8863d)
• replace Jetstream and backfill with Tap (dbd2233)
• scaffold web admin app with static file serving (b1977b4)
• switch to AIP OAuth with PKCE and improve lexicon UX (374a2a1)

v1.2.0

Released 2026-02-14

Features

• add convention-based action field for procedure lexicons (1b879c2)

v1.1.0

Released 2026-02-14

Features

• load lexicons from ATProto network via DNS TXT resolution (731c35d), closes #6

v1.0.2

Released 2026-02-14

Bug Fixes

• clear existing admins before adding did column (bc54913)

v1.0.1

Released 2026-02-13

Bug Fixes

• remove unused did field from AdminAuth (0a5657d)

v1.0.0

Released 2026-02-13

Bug Fixes

• resolve clippy warnings and formatting issues (77b3b39)

Features

• add backfill system for historical record discovery and indexing (15e8ffd)
• add Dockerfile, docker-compose, and CI workflow (7c5e7b8)
• add game record XRPC endpoints with DPoP auth (66f097f)
• add Jetstream listener and record indexing with sqlx migrations (8352043)
• add lexicon storage and admin API (94dbfaa)
• add listGames query endpoint with cursor-based pagination (a0ec4b5)
• add unauthenticated getGame query endpoint (1983251)
• add user profile endpoint with AIP userinfo auth (76754e9)
• catch-all XRPC router replaces hardcoded game routes (b763b26)
• dynamic Jetstream subscription driven by lexicon registry (74b0e24)
• index records on create/put, add created_at column (445c862)
• initial server with health endpoint and JWT auth (db5ba0b)
• multi-admin system with API key management and bootstrap (7628cf9)
• parallel multi-arch docker builds with manifest append (a587461)
• read getGame and listGames from database index instead of PDS (5c6713e)