Änderungsprotokoll

Unify footer across layouts and add visible breadcrumb navigation

Resolve sitemap lastmod from DB and files

Updated author name from Nikhil Mehta to Nikhil Rao

Tighten changelog filter to exclude infrastructure commits

Fixed key-facts component alignment on competitor pages

Added citation system for AI search engine visibility

Added FAQPage schema, FAQ sections, and BraveBot crawler access

Added LLMS generation, i18n, integration steps

Removed stale statefulApi() and tighten broadcast auth tests

Fixed broadcast auth: use web+session auth instead of API+Sanctum

Fixed Echo client to connect to Reverb instead of Pusher cloud

Enabled session broadcast auth and fix listeners

Added light/dark mode toggle to email preview panel

Sync plan feature tables with billing config and fix stale marketing claims

Added developer docs, OpenAPI spec, and L5-Swagger

Fixed OOM in clearMailboxMessages by chunking attachment deletion

Added structured data (FAQPage, enhanced Organization) and fix content accuracy

Wrap broadcast() calls in try/catch to prevent blocking HTTP requests

Added webhook v2 events, stream broadcasts & APIs

Added message inspection endpoints and timeline timestamps

Allow string _id in cursor decoding

Added Search and Wait APIs with concurrency

Fixed CSP blocking Pusher WebSocket connections for real-time emails

Added cursor pagination and metadata enrichment

Added target="_top" to billing links

Use Message model for Mongo updates; add ObjectId tests

Added link check job, SafeUrlResolver and UI

Fixed API card response shape and spam card plan accuracy

Added REST API, OTP extraction, and spam analysis to marketing pages

Added test for API token modal reopen clearing token display

Clear API token display when modal is reopened

Clear stale failure flags on successful content extraction retry

Fixed ObjectId crash in content extraction for non-ObjectId message IDs

Updated rest-api-otp-extraction-checklist.md

Added OTP and magic link extraction from emails

Added REST API v1 with mailbox-scoped tokens

Mark cross-cutting concerns as done, 1 item remaining (CloudWatch)

Added REST API + OTP extraction checklist

Updated spamassassin checklist to reflect actual production state

Added inline refresh button for pending rule analysis state

Move spam analysis to dedicated tab with bar gauge and review fixes

Added UI/UX Pro Max skill for Claude Code

Fixed spamd hang: half-close write socket after sending email

Reduce spam-analysis production workers from 3 to 2 to match spamd max-children

Merge remote-tracking branch 'origin/spam-analysis'

Enabled spam rule breakdown for all paid plans, not just Pro/Max

Added SpamAssassin Phase 3: simulator, smart rules, filters, admin widget

Revert "Add SpamAssassin Phase 3: simulator, batch command, smart rules, admin widget"

Added SpamAssassin Phase 3: simulator, batch command, smart rules, admin widget

Added SpamAssassin Phase 2: REPORT rules, plan gating, full UI

Updated Fazier badge image and remove hidden class

Added SpamAssassin Phase 1: core infrastructure, score analysis, and UI

Added Fazier badge and allow Fazier images in CSP

Added SMTP and email testing blog posts

Added competitor comparison and email testing stats

Added related posts and feature cross-links

Added Bing Webmaster config and scheduler

Added Bing sitemap schedule tests and response body validation

Updated PostsTable.php

Added Save action, redirect, and record links

Added Mailosaur and Ethereal Email comparison pages and best tools blog post

Added feature pages for SMTP sandbox, team collaboration, webhooks, and email previews

Added framework integration guides and complete Phase 1 SEO roadmap

Switch schema to BlogPosting; remove SVG

Added worker-src blob: to CSP for FilePond Web Workers

Fixed CSP blocking FilePond blob: image previews in Filament admin

Expand comparison pages to 2,000+ words with unique content per competitor

Fixed CSP blocking Filament file uploads, avatars, and Cloudflare beacon

Added Mailpit comparison page, sitemap entry, and blog cover templates

Fixed CSP blocking S3 blog images and standardize OG image dimensions

Harden image proxy: DNS pinning, SSRF mitigations, IPv6, error handling

Fixed broken email images with server-side image proxy

SEO and security improvements: CSP header, title tags, logo, GTM position, font cache

Replace inline logo and remove admin greeting

SEO improvements: About page, breadcrumbs, font preload, schema fixes

Combine user listing columns and fix broken IP lookup URL

Added admin email action with audit trail and snapshot persistence

Infra: expose redis for shared haraka use

Added unified form submissions system with Filament admin panel

Fixed SEO schema gaps: shared JSON-LD partial, config-driven pricing, proxy-aware redirects

Enforce non-www canonical URLs across all SEO-facing outputs

Fixed SEO issues: hreflang, lazy images, homepage meta, edge caching

Tighten .eml raw data heuristic: skip text/plain raw when HTML exists

Fixed .eml download serving incomplete raw data instead of full HTML content

Fixed /_boost/ blocking: root-level 410 route, middleware exclusion, all bot groups

Block /_boost/ from search engines and return 410 Gone

Added .eml file download for inbox messages

Fixed SEO audit issues: theme-color, self-hosted fonts, sitemap lastmod, single-hop redirects

Fixed SEO audit issues: schemas, breadcrumbs, caching, noindex, dark mode

Fixed SEO audit issues: security headers, image CLS, sitemap, touch targets, trailing slashes

Added async attribute to Termly consent script

Removed FAQPage and HowTo JSON-LD schema from marketing and docs pages

Hardcode SendPit as project name in Sentry Slack notifications

Revert to Sentry's hosted brand icon for Slack notifications

Use self-hosted Sentry SVG logo for Slack webhook notifications

Use separate SENTRY_SLACK_WEBHOOK_URL for Sentry relay

Added Sentry webhook relay to Slack with signature verification

Fixed data race in TestAcceptMessage_QuotaGuard_Rejects

Enforce org email quotas; add quota tests

Added email_limit to subscription state and backfill

Exclude document and media file extensions from locale redirect

Create 30-day-sendpit-roi-template.xlsx

Updated SubmitGoogleSitemap.php

Harden Google sitemap command with retry predicates, error handling, and comprehensive tests

Detect locale from URL path in middleware

Wrap JSON-LD in @verbatim to prevent Blade interpreting @context/@type as directives

Added Google Search Console sitemap submit command

Set locale URL default early in EnsureOrganizationContext middleware

Escape @ symbols in MarkdownRenderer to prevent Blade directive errors

Show last activity in admin user's local timezone

Harden test discovery and phase startup guards

Show real-time last activity in admin panel via Redis-first lookup

Bound attachment parsing memory with per-part size limits

Fixed failing tests — smart rule limits, suite isolation, slug collisions

Harden operational defaults (TLSRequired, MaxConnections, MaxLineLength)

Split compose into shared/standalone modes for MySQL

Share MySQL between web and SMTP via Docker network

Bound webhook fan-out concurrency (SP_WEBHOOK_MAX_WORKERS)

Added per-connection message and command rate limiting

Fixed test expectation for Livewire morph hook

Fixed Tier 3 test failures — Slack mock, contact args, transaction payload

Fixed message view tests — add RefreshDatabase and fix body assertion

Align password reset tests with anti-enumeration controller behavior

Preserve native MongoDB arrays in Email model

Make duplicate username retry DB-agnostic and add retry path tests

Eliminate DATA terminator goroutine leak and DoS surface

Fixed BillingPlanTest mailbox creation and email limit assertions

Updated MailboxService tests to verify encrypted password storage

Rewrite locale middleware tests as focused direct-invocation suite

Redact AUTH credentials and message content from SMTP logs

Validate and test getRawLabelIds behavior

Added SMTP line-length limit (RFC 5321)

Added configurable per-message recipient cap (SP_MAX_RECIPIENTS)

Narrow TestMaxConnections run to specific cases

Allow SSH in Claude Code permissions for prod server access

Added configurable SMTP connection limit

Added user last-activity tracking (Redis → MySQL)

Generate sitemap: add blog posts, --base-url option

Bump geo cookie to v3 and accept legacy timezones

Rename geo_captured cookie to geo_captured_v2

Set geo_captured cookie only after timezone

Require org-owner role for email deletion via EmailController routes

Tighten message access; remove mailbox appends

Added logo image assets

Require org-owner role for message deletion and prevent cross-mailbox IDOR

Use signed temporary URLs for S3 blog images instead of public URLs

Escape regex in Search to prevent injection

Added Mermaid.js support, admin preview button, and post creation UX improvements

Auto-capture user timezone and IP address on app usage

Replace env() calls with config() in MailboxService

Prevent account enumeration in password reset and registration

Added rate limiting to language switch route

Revert "fix: Reduce session lifetime from 30 days to 8 hours"

Replace wildcard postMessage origin with window.location.origin

Reduce session lifetime from 30 days to 8 hours

Changed TRUSTED_PROXIES default to empty to prevent IP spoofing

Require update permission for message delete and mailbox clear

Escape user input in MongoDB regex queries to prevent ReDoS

Added timezone and IP address columns to admin users listing

Added mailbox/org verification to MessagePolicy to prevent cross-org access

Scope email deletion to mailbox to prevent IDOR vulnerability

Save timezone during registration and add IP address to Slack notifications

Move pause/unpause/regenerate actions to edit pages

Replace broken MutationObserver with Livewire morph hook for timezone conversion

Use configurable MongoDB collection and fix retention fallback for unknown plans

Configure Redis timeouts & set Horizon job limits

Use CSS.Trusted mode for full CSS3 support in email sanitizer

Enabled CSS3 properties in HTML sanitizer (border-radius)

Added critical security hardening measures

Added Termly cookie consent integration

Added Termly cookie consent integration

Revert "feat: Enable Cookiebot cookie consent integration"

Enabled Cookiebot cookie consent integration

Improved mobile responsiveness and auth page consistency

Added auto-restart to SMTP health monitor

Added production architecture docs and SMTP health monitoring

Refined logo color filters and update landing page logos

Added blog feature with posts, admin, and frontend

Added MailHog and MailCatcher comparison pages

Added "What is Sendpit?" marketing page

Refined plan badge logic and color mapping

Configure custom update endpoint for locale-prefixed URLs

Removed auto-select of first email and add empty state

Fixed modal reopen issue in ShareLinkManager and add tests

Increase Smart Rules limits: Pro 100, Max 500

Added message copy functionality tests

Added Smart Rule badges and improve copy functionality in message iframe

Redesign landing page pricing cards

Added scenario filtering to mailbox messages list

Added feature comparison page

Updated plan comparisons with Smart Rules feature

Added Horizon supervisor for smart-rules queue

Added Smart Rules feature for automatic email classification

Added Smart Rules translations for all supported languages

Added attachment count and presence accessors to Message

Added plan comparison documentation

Updated admin check in EnsureOrganizationContext middleware

Added last email timestamp to mailbox table

Added admin timezone detection and display support

Fixed mailbox email queries and Email model table name

Show dynamic email count and last email date in table

Removed admin invoice download route and controller

Added admin invoice download functionality

Added Transactions relation manager to OrganizationResource

Removed legacy plaintext auth, require encrypted credentials

Removed legacy plaintext auth, require encrypted credentials

Added scheduled command to detect missing Paddle data

Exclude Paddle routes from locale redirect middleware

Updated PlanEnforcementSecurityTest for MongoDB email counts

Added paddle:sync command for recovering failed webhooks

Calculate email count from MongoDB instead of stored counter

Removed attach actions from user relation managers

Prevent duplicate org invitations and enforce org membership for mailbox access

Unify email templates with SendPit branding

Integrate Sentry for production error tracking

Updated impersonate import for v4.x compatibility

Handle bcrypt and plaintext passwords gracefully in UI

Implemented AES-256-GCM decryption for SMTP authentication

Implemented AES-256-GCM encryption for SMTP credentials

Use route helpers for message actions in mailbox view

Removed password encryption to fix SMTP auth

Added SMTP password encryption with migration support

Added encrypted cast and fix regenerate action

Use Color::Amber constant for primary color

Use Color::hex() instead of non-existent generateV3Palette()

Removed right gradient overlay and fix infinite scroll jump

Added visual mockups to Powerful Features section

Ensure left alignment for mailbox names and email counts

Ensure left alignment for team member names/emails

Consistent padding and alignment in hero mockup

Improved hero mockup alignment and remove indentation

Added spacing around company logos section

Correct SMTP host and team members alignment

Removed unnecessary scrollbar from login/register pages

Added FAQ section with JSON-LD schema

Use 301 permanent redirect for locale URL prefixing

Added multi-language hreflang support

Enhanced user listing and edit page

Aggressively remove fixed widths from forwarded content

Added inline responsive styles to forwarded content

Use text logo and improve content scaling

Use absolute URL for logo in email template

Resolve modal not opening on subsequent clicks

Added Horizon link to admin navigation

Move Horizon to admin domain

Revert "fix(email-forwarding): use verified sendpit.com domain for sending"

Use verified sendpit.com domain for sending

Added core email forwarding components

Added plan gating and UI integration

Correct Horizon artisan path in supervisor config

Simplify sendpit-logo component and improve nav spacing

Updated logo throughout the system

Updated branding with new logo and favicon

Use mail.sendpit.com subdomain for outgoing emails

Added manage links modal with tabs for active/expired links

Use execCommand fallback for copy on HTTP

Added Pro+ time-limited share links for emails

Removed raw headers from free user upgrade promo

Added Pro+ enhanced email header inspector

Make username generation race-safe with DB constraint

Fail fast when required organization roles are missing

Defer email sending until after transaction commits

Wrap registration flow in DB transaction for atomicity

Enforce Message-ID uniqueness via MongoDB index

Migrate SMTP passwords from plaintext to bcrypt

Updated CTA button to use brand yellow background

Removed misleading email address from invitation templates

Show registration time in user's timezone

Fixed failing security middleware tests

Added user impersonation for super admins

Handle redirect responses in PaymentStatusMiddleware

Changed SMTP encryption value to tls

Added locale parameter to invitation routes

Exclude impersonate routes from locale redirect

Added mailbox transfer between organizations

Added Slack notifications for new registrations and subscriptions

Added swap lock in resume() to prevent webhook race condition

Preserve plan during grace period and repair missing state on resume

Exclude admin subdomain from locale redirect middleware

Updated LoadMoreMessagesUITest for Livewire-based pagination

Updated frontend tests for locale routing and proper test setup

Added anti-spam protection to registration and password reset forms

Move tests from incorrect nested directory

Mock Slack webhook calls during testing

Added locale prefix to security test routes

Updated test routes to include language prefix

Correct route names in SubscriptionController

Use route() helper for locale-aware AJAX endpoints

Extend anti-spam protection to all public forms

Updated email translation keys

Preserve non-default user language preferences

Updated language switcher for URL-based locale

Include locale prefix in controller redirects

Configure URL-based locale routing in bootstrap

Added URL-based locale routing infrastructure

Added honeypot and time-based anti-spam protection

Reduce contact form rate limit and add IP tracking

Improved mobile responsiveness and SEO meta tags

Ignore custom_data.plan_slug for transaction plan detection

Correctly identify plan in proration transactions

Handle swap response when called via subscribe endpoint

Check Paddle subscription before OrgSubscriptionState

Restore plan_slug when resuming cancelled subscription

Show 'Keep this plan' on correct card during grace period

Show correct plan name in grace period badge

Handle upgrade from free plan with expired subscription

Changed main headings to H2 on docs pages

Link logo to home page

Actually update org_subscription_state when no Paddle subscription

Prevent webhook from overwriting free plan downgrade

Added Google Tag Manager to public pages

Changed hero CTA text to "Start using SendPit"

Added admin dashboard widgets

Link mailbox row to edit page in organization relation

Improved user and organization resources

Removed duplicate Team Collaboration and improve text visibility

Rewrite copy button with Alpine.js for better UX

Show toast messages above modals

Hide loading state text by default in users list

Restore modal button functionality

Removed parallax and update feature text

Prevent dropdown flash on page load with x-cloak

Changed domain from .local to .test for faster DNS resolution

Click user row to navigate to edit page

Disambiguate created_at column in UsersRelationManager

Added relation managers to OrganizationResource

Implemented organization-specific coupon system

Escape @ symbols in JSON-LD structured data

Added OG image for social sharing

Implemented comprehensive SEO fundamentals for public pages

Store plan_slug with transactions for accurate invoice descriptions

Get plan name from subscription items price_id

Show correct plan name for each transaction

Added backup postMessage listener for Paddle checkout events

Move eventCallback to Paddle.Initialize() for proper event handling

Ensure checkout success callback updates subscription state

Load Paddle.js when client_side_token is set

Accept client_side_token as alternative to seller_id

Block disposable email domains on public forms

Check organization pause before mailbox pause

Added organization-level pause kill switch

Reject emails to paused mailboxes

Added pause/throttle functionality

Added modern code snippets with syntax highlighting and copy button

Added developer documentation links

Removed flaky timing assertion from CI

Added heading IDs to markdown renderer for navigation

Correct sidebar navigation anchor links

Added public developer documentation page

Handle openssl TLS 1.1 rejection test gracefully

Fixed TLS version tests to check for connection success

Added build tags to standalone connectivity tests

Added artisan command to seed test emails into MongoDB

Improved loading state and copy button styling

Added webhook feature to Pro and Max plans

Added UI gating with upgrade flow for Pro feature

Implemented per-mailbox webhooks with delivery logs

Use file-based SQLite for tests and run migrations in CI

Added broadcast and Pusher test configuration

Email retention purge using wrong MongoDB field name

Security: Fix IDOR and harden inline preview in AttachmentController

Security: Add Layer 3 per-IP authentication rate limiting

Added CAP_NET_BIND_SERVICE for privileged ports

Correct binary path to match systemd service

Added per-connection authentication failure limits

Updated Claude Code project settings

Added SMTP security penetration test suite with sandbox semantics

Security: Add ASVS-tagged penetration test suite and fix IDOR vulnerabilities

Added edit and delete functionality to label manager

Removed array cast from label_ids - MongoDB stores arrays natively

Label and unread filters for MongoDB array fields

Config: Hide Quick Translate, move Translation Manager to System group

Added use-translation-manager gate for admin users

Skip locale merge for Admin model (no language column)

Implemented subdomain routing for admin panel

Security: Harden cookie security attributes

Security: Harden CORS configuration with explicit origin allowlist

Security: Add HMAC signature to webhook requests

Security: Add HMAC authentication to email webhook endpoint

Added rate limiting and Turnstile to auth routes

Added email labels feature with organization-scoped labels

Close nav dropdowns on Escape key and iframe clicks

S3 package

Use inline disposition for PDF preview to display in modal

Added inline preview for image and PDF attachments

Added Livewire scripts to landing page and keyboard navigation for emails

Align subject copy button with title

Added one-click copy buttons for email fields

Added advanced email search and filtering to mailbox

Updated refund policy to 14-day guarantee per Paddle requirements

Added dark mode support to contact, feature request, and bug report pages

Added Enterprise plan to billing page

Cancel subscription button not opening modal

Added dark mode support to Paddle checkout and billing success page

Added Bug Report and Feature Request links to authenticated footer

Footer consistency, button visibility, and Slack notification improvements

Pre-populate user data on contact form and remove phone field

Added Bug Report and Feature Request links to footers

Removed social links, Documentation, and Status from footers

Removed SMTP localhost reference from footers

Added Bug Report and Feature Request pages with Slack notifications

Added Enterprise plan with pricing guidelines for Paddle

Updated refund policy to 7-day guarantee and fix domain

Added login page translations

Exclude locale cookie from encryption

Sync guest language preference on login

Persist language preference via cookie after logout

Convert language selector from Livewire to form submission

Added dark mode base styles for form inputs

Added dark mode support to profile form partials

Added dark mode support to Livewire components

Added dark mode support to mailbox and message views

Added dark mode support to billing and invoice views

Added dark mode support to organization views

Added dark mode support to UI components

Added backdrop for click-outside and fix theme selector persistence

Added theme-changed event dispatch and mailbox layout dark mode init

Added landing.js to Vite build inputs

Added full landing header/footer to auth pages

Reorganize register form with 2-column layout

Added Turnstile scripts to auth layout

Updated register page to match landing design

Updated login page to match landing design

Revert login/register routes to controller-based auth

Added landing page translations for all languages

Added landing page content with i18n support

Added landing page static assets

Added landing page layout and infrastructure

Added hash-based URL navigation for section links

Merge master into landing branch

Resolve merge conflict in claude settings

[Phase 9] Complete final review and documentation

Fixed LanguageSelector return type and middleware ordering

Wrap all view files with translation helpers

Added comprehensive UI translations for all pages

[Phase 8] Add localization tests and bug fixes

[Phase 7] Add Livewire locale support and date formatting

[Phase 6] Add API localization support

[Phase 5] Add email localization

[Phase 4] Add translation content for all 5 languages

[Phase 3] Add frontend language selector components

[Phase 2] Add translation infrastructure

[Phase 1] Add locale detection middleware and service

[Phase 1] Add language column to users table

Mark attachment implementation 100% complete (v1.1.0)

Complete Phase 10 security verification for attachments

Fixed double base64 encoded attachments

Fixed Eloquent accessor/relation naming conflict for attachments

Fixed attachment display and download for embedded attachments

Fixed MIME parsing for nested multipart emails with attachments

Updated task list: Phase 12 (sendpit-web API) complete

Added email attachment support (Phase 12)

Added SSE-S3 encryption and update Phase 8 completion status

Added unit tests for attachment handling and MIME parsing (Phase 8)

Added MinIO development environment for S3 attachment storage (Phase 7)

Added attachment metadata to webhook notifications (Phase 6)

Integrate S3 attachment storage into session handler (Phase 5)

Added DATA size tracking during transmission (Phase 4 complete)

Added RFC 1870 SIZE extension for message size limits (Phase 4)

Added MIME parsing and attachment extraction (Phase 3)

Added S3 client for attachment storage (Phase 2)

Added S3 and attachment configuration (Phase 1)

Added email attachment handling documentation and task list

Added TLS unit tests and webhook documentation

Revert DATA terminator changes that broke email delivery

Fixed DATA terminator detection using suffix match instead of exact match

Fixed DATA terminator goroutine leak

Code review complete - approved

Updated task list: PR #1 created

Complete Phase 5 and Phase 7.2 tasks

Complete Phase 4 testing and update TLS documentation

Updated TLS task list with new phases and progress tracking

Simplify port display to inline layout

Added multi-port options to SMTP credentials modal

Added SMTP session tests for QUIT command handling

Fixed QUIT command blocking after DATA terminator

Added multi-port SMTP listener support for CI3 compatibility

Updated SMTP docs for Let's Encrypt certificate

Added STARTTLS encryption to SMTP credentials display

Added Phase 3-4 TLS testing and fix STARTTLS callback

Added unit tests for TLS implementation

Implemented STARTTLS support (Phase 2: Core TLS Implementation)

Added TLS configuration fields and environment variables

Merge tech lead's TLS security enhancements into task list

Added TLS implementation task list for tracking progress

Enhanced TLS implementation plan with missing cases

Added TLS/STARTTLS implementation documentation

Added ReplyServiceNotAvailable to SMTP reply package

Added RFC 5321 compliant idle connection timeout

Merge realtime-email: Add webhook notification for received emails

Fixed mailbox messages timezone and search box issues

Added member count and pending invites to organization Total Users card

Decode MIME-encoded email headers before storing

Added webhook notification for received emails

Fixed Quick-Mongo document listing to use correct field paths

Updated Quick-Mongo document listing with email-specific columns

Sort Quick-Mongo collections by created_at descending (newest first)

Fixed timezone conversion for message listing timestamps

Use @this syntax instead of $wire for Livewire compatibility

Simplify Livewire hook for timezone conversion

Fixed Alpine.js event listener syntax for Livewire morphing

Convert email timestamps to browser's local timezone

Fixed canceled subscriptions to remain active until period ends

Fixed Sanctum config to not require Sanctum class

Added real-time email updates using Pusher

Added manual refresh button to mailbox messages list

Fixed mailboxes page showing mailboxes from all organizations

Improved plan downgrade confirmation UI with visual indicators

Fixed modal flash on page reload using x-cloak

Added subscription cancellation undo feature

Updated billing system and organization controller

Enhanced billing UI with cancellation modal

Improved update payment method flow

Enhanced webhook payment status restoration

Added tests for payment failure system

Integrate payment failure handling with billing system

Added payment failure UI components and views

Added payment status middleware and resolution controller

Added payment failure tracking database structure

Fallback routes

Dark mode theme

Email font consistency

Redesign payment success page

Show mailbox and user limits on mailboxes dashboard

Added recent invoices section to billing page

Added WebFetch for developer.paddle.com to allow list

Enforce user invite limits based on plan in MailboxMemberInvite

Fixed spacing in messages count label

Updated allowed tools in Claude local settings

Added marketing landing page

Added Alpine persist plugin for dark mode

Added Cypress test for timezone auto-selection

Convert auth pages to Livewire full-page components

Added auth layout matching landing page design

Replace alert with modal for error messages in billing

Improved mailbox invitation handling and feedback

Updated pricing grid to use 4 columns on large screens

Restrict user management links on organization page by permission

Removed test checkout simulation for billing in dev mode

Added reusable error alert component and display errors

Removed 'custom' plan from billing and UI

Added test for deleting mailbox emails from MongoDB

Updated billing dashboard with PDF download links

Implemented PDF invoice download functionality

Improved Paddle webhook handling and transaction processing

Added receipt_url column to transactions table

Removed billing portal functionality

Removed billing portal redirect and related code

Improved subscription swap and billing UI with webhook polling

Enabled test checkout in non-production environments

Added Admin support to policy classes for authorization

Fixed method call for currentOrganization in Blade view

Added Admin model, migration, and authentication guard

Replace and enhance plan_mappings migration

Added paddle_product_id to plan_mappings table

Updated plans and subscriptions migrations for clarity

Enhanced organization admin table and improve boot script

Extend session and remember me duration to 30 days/10 years

Improved team member usage display format in billing page

Improved billing page error handling for already-on-plan scenario

Resolve subscription cancellation and free plan downgrade issues

Updated UI views with billing integration

Enhanced organization context and multi-tenancy

Added billing management console commands

Implemented organization billing page with upgrade modal

Added billing UI views and components

Added plan limit enforcement system

Implemented subscription management controllers

Added Paddle webhook handling with duplicate prevention

Implemented core billing logic with SparkBilling

Added billing infrastructure and database schema

Fixed cascade deletion of invitations when canceling from organization or mailbox

Added get-config to allowed Claude tools

Fixed missing org-member role issue preventing invitation acceptance

Improved invitation acceptance flow and UI feedback

Set new organization as current on creation

Removed TrustProxies middleware and configure proxies in app.php

Added HTTPS enforcement and trust proxies middleware

Make email handling case-insensitive across authentication

Added new MCP commands and WebSearch permission

Added pricing plans documentation

Changed organization update method to PATCH

Added device preview switcher to email iframe view

Added tabbed email view with HTML, source, text, and raw source

Added Livewire mailbox messages list with search and pagination

Updated user role badges and mailbox message count UI

Improved organization email stats and user role display

Include org owners in mailbox member counts

Improved timezone selection on registration form

Added conditional rendering to success alert component

Show organization user count in navigation menu

Simplify regenerate credentials success handling and modal header spacing

Organize SMTP tests into dedicated Feature/Smtp folder

Improved success alert with transitions and counter-based key

Improved success alert component and regenerate credentials UI

Updated test files to match improved test patterns

Convert mailbox credentials regeneration to Livewire component

Added password reset complete flow tests

Added comprehensive email verification flow tests (8 tests)

Fixed organization creation bug and add organization switching tests

Complete comprehensive font size standardization

Fixed failing frontend tests

Standardize font sizes and add timezone selector to registration

Improved mailbox show page layout and consistency

Improved timezone selector with GMT offset labels

Added timezone support for user accounts

Removed auto-open logic for manage users modal

Show organization owners in mailbox members list

Removed orphaned DashboardFunctionalityTest

Auto-open manage users modal for mailboxes with no explicit members

UI improvements and Alpine.js fix for non-Livewire pages

Added page rendering tests for all frontend pages

Convert mailbox member management to Livewire and fix lazy loading

Removed mobile wrapper from marketing pages and unify site design

Improved DashboardFunctionalityTest skip message

Removed PasswordResetFlowTest throttling test

Re-enable ContactFormTest with proper user organization context

Re-enable 'organization shows mailbox count' test

Removed VSCode mcp.json configuration

PagesAccessTest - mailbox create now in modal on mailboxes index page

OrganizationFunctionalityTest - update to session-based routes without IDs

Organization routes - use singular organization.show without ID parameter

PasswordResetFlowTest - add Organization import

Message headers test - check for actual header fields displayed

HTML message test - create directly and check for iframe srcdoc

Plain text message test - create message directly without factory defaults

Single email deletion - use Message model and cast mailbox_id to int for comparison

Email deletion authorization and use Message model for MongoDB _id compatibility

MessagesFunctionalityTest - add Organization and Mailbox imports

MessagesFunctionalityTest - check iframe wrapper subject instead of body content

MarkMessageAsReadPestTest - update expected status from 404 to 403

MailboxFunctionalityTest - add missing Role import

MailboxFunctionalityTest - add missing Organization import

MailboxFunctionalityTest - update invite page test for modal

MailboxFunctionalityTest - update members view test for modal consolidation

LoadMoreMessagesUITest - add missing User import

EmailVerificationTest - add missing Organization import

Organizations/show - replace non-existent mailboxes.create route

ProfileManagementTest - add Organization import and fix error bags

SMTP tests - add role seeding to beforeEach

InvitationAcceptanceTest - route and validation fixes

CurrentOrganizationTest - add missing imports

CreateInvitationTest - duplicate invitation prevention

ContactFormTest - contact form page accessible

AuthenticationFlowTest - terms and privacy links accessible

AuthenticationFlowTest - registration fires registered event

Added FormRequest validation and policy authorization to all forms

Removed orphaned routes and consolidate to modals

Convert mailbox creation to modal and standardize modal headers

Fixed unread count display and revert navigation text size

Added manage users modal to mailbox page

Redesign legal pages with condensed formatting and proper navigation

Redesign organization pages with modern UI and consolidated settings

Fixed UI design issues and enhance contact form

Redesign legal pages with beautiful modern interface

Strengthen legal protections with comprehensive liability disclaimers

Added comprehensive terms of use and privacy policy system

Standardize buttons across application pages

Implemented beautiful modal system with Alpine.js and SendPit branding

Redesign organization creation page with beautiful split-panel layout

Upgrade to Tailwind CSS 4 and implement Flux modals with redesigned dropdowns

Added Claude Code configuration files

Option 1: Refactor InvitationAcceptanceTest with modular infrastructure

Removed non-essential tests, keep only Pest frontend and SMTP tests

Fixed resend invitation to synchronize expiry for linked invitations

Added SendPit logo SVG component and integrate across all pages

Added npx cypress run to allowed Bash commands

Added comprehensive Cypress E2E tests for invitation system

Added migration to assign org-member role to existing users

Fixed org-member role assignment for mailbox invitations

Added database table records for all invitation scenarios

Updated Permissions.md to match actual codebase implementation

Removed legacy docs

Updated settings.local.json

Removed outdated documentation and unimplemented API

Reorganize invitation documentation with clear logical flow

Updated documentation: Problem 4 fully implemented

Fixed Problem 4: Skip org invitation redirect for users already in organization

Consolidate documentation from 11 files to 4 essential files

Integrate expiration handling as core functionality in documentation

Updated documentation: Problem 1 fix integrated into core functionality

Fixed Problem 1: Expired linked invitations causing redirect loops

Document all invitation edge cases with comprehensive flowcharts

Added mailbox invitation link redirect to organization invitation

Show pending invitations on create organization page and clarify create intent

Create unified copy button architecture with consistent UX

Added copy invite link functionality to mailbox members page

Fixed user redirect to org creation page after mailbox invitation acceptance

Fixed Form Request classes to use consolidated find() method

Fixed CreateInvitationTest routes to use current organization endpoints

Fixed EmailController and MessageFactory for repository consolidation

Fixed multiple test failures in frontend test suite

Fixed MessageFactory to match actual MongoDB document structure

Consolidate repository methods to prefer domain objects over IDs

Show hyphen instead of empty role box in organization members page

Fixed method name conflict in InvitationRepository

Phase 3: Refactor controllers to use services/repositories

Phase 1 & 2: Add repository/service methods and MemberStatus enum

Laravel boost installed

Fixed duplicate entries in mailbox members listing

Removed redundant organization routes and clean up URL structure

Improved TestCase MongoDB configuration to use dynamic database naming

Fixed MongoDB connection issue in tests

Fixed login throttling test by correcting error message case

Fixed remember me functionality test by using flexible cookie detection

Fixed password confirmation test by adding route name and middleware exclusion

Fixed email verification test by excluding verification routes from organization middleware

Fixed password validation test to check correct error bag

Fixed password update test by excluding profile routes from organization middleware

Fixed undefined variables in MailboxAccessGrantedMail email template

Fixed route error in MailboxAccessGrantedMail and improve test infrastructure

Fixed undefined array key 'username' in OrganizationWithMailboxInvitationMail and improve email testing infrastructure

Fixed recipient email display in message list

Fixed unread count showing blank instead of 0 on mailboxes page

Make footer more compact to save screen space

Fixed load more messages functionality and add smooth scrolling

Fixed email alignment issue when marking as read

Make email listing sidebar more compact with improved unread indicator

Added proper subtitles to mailbox pages and enable 4-column layout

Reduce UI element sizes for more compact interface

Fixed mailbox page layout to prevent outer scrolling

Added unread email indicator and mark as read functionality

Added HTML test components to all emails and fix link handling

Fixed MongoDB ID type mismatch causing empty mailbox views

Fixed email links to open in new tabs instead of iframe

Fixed MongoDB query casting issue in MessageRepository

Updated mailbox index to show all accessible mailboxes

Fixed MailboxController to use correct MessageRepository methods

Fixed tests to use database field instead of session for current organization

Fixed all failing CurrentOrganizationTest tests

Added organizations index view with test improvements

Fixed SQL error on mailbox members page and refactor to repository pattern

Fixed mailbox visibility after creation

Fixed mailbox creation 404 error - use current organization

Fixed undefined variable errors in invitation emails

Fixed invitation email system - resolve missing view errors

Fixed failing frontend tests for Profile, Password Reset, and Organization Switch

Added comprehensive frontend tests for ProfileController, Password Reset, and Organization Switch

Fixed organization switch test route

Added organization check for mailbox creation

Fixed remaining test issues and mailbox create page

Implemented clean organization switching with proper URLs

Summary of frontend test fixes

Move dashboard route into auth middleware group

Move dashboard logic from route to controller

Removed organization ID from URLs using session-based routes

Improved email validation logic to exclude production specifically

Fixed OrganizationController DTO method calls

Skip DNS validation for emails in non-production environments

Removed redundant 'Select a role' option from organization invite form

Updated custom command namespaces and improve naming

Fixed mailbox permission tests to expect 403 status

Fixed mailbox controller and enable mailbox view test

Fixed mailbox controller and test issues

Fixed undefined variables in organization show page

Complete InvitationType enum implementation across codebase

Removed outdated sections from Invitations documentation

Added comprehensive invitation system documentation

Updated controllers to use InvitationType enum

Added InvitationType enum and update models/services

Clean up remaining references to legacy invitation models

Fixed remaining invitation system issues after refactoring

Updated test commands and add comprehensive invitation flow tests

Added organization invitation acceptance route

Added authorized emails to Horizon access gate

Fixed remaining failing frontend tests

Fixed authentication and contact form tests

Fixed all invitation flow tests

Fixed failing frontend tests and validation errors

Added comprehensive frontend Pest tests and model factories

Removed action buttons from organization dashboard

Fixed undefined method error in OrganizationController

Removed legacy dashboard view and add maintenance scripts interface

Added mailbox commands with detailed logging

Fixed organization page lazy loading and dropdown checkmark display

Updated tests for unified invitation system compatibility

Implemented unified invitation system for organizations and mailboxes

Removed font-medium from message subject and add tests

Fixed tests for recent role/permission changes and add Turnstile support

Implemented complete CSS isolation for email content using nested iframes

Condense header bar and reduce spacing throughout site

Redesign mailbox listing page with tile layout and performance optimizations

Implemented smart mailbox invitation system for existing and non-existing users

Added navigation links to user and mailbox cards on organization page

Make emails clickable and replace dashboard with organization show page

Updated organization selector to navigate to organization show page

Added organization show page with beautiful statistics

Updated dashboard SMTP configuration for production

Implemented 'Load More' pagination for email list

Updated organizations/create page to match site design consistency

Redesign mailbox page with modern split-pane layout

Rename MySQL and Redis Docker containers and volumes

Allow org owners to view and manage mailbox credentials

Fixed compilation error and add comprehensive Go-based tests

Removed all MailHog references and rebrand to SendPit

Removed MongoDB/Mongo Express and change Mailcatcher port to 2525

Fixed quick-mongo MongoDB issues and navigation

Added MongoDB architecture documentation and quick-mongo project

Added MongoDB browser tool (quick-mongo)

Enabled session encryption by default for security

Removed obsolete MailHog documentation and test files

Updated and reorganize documentation

Removed redundant MongoDB configuration fields

Fixed VSCode log file visibility and clean up SendWelcomeEmail

Fixed welcome email issues and improve email validation

Fixed mailbox view route and remove access restricted message

Fixed Docker volume mounts after moving Laravel to root and add Mailcatcher service

Implemented email layout inheritance and update all emails to SendPit style guide

Fixed password reset throttling for local development

Added welcome email for new user registrations

Installed horizon

Make Cloudflare Turnstile containers full width

Simplify landing page with centered SendPit heading

Added user-friendly error messages for Turnstile verification

Configure Filament admin panel settings

Clean up repository for SMTP-only server

Redesign user dropdown to be more integrated and compact

Updated mailbox members pages to match style guide

Fixed organization switcher dropdown styling

Added organization switcher dropdown to navbar

Added description column to permissions table

Unit tests

Logo, style guide

Simplify permission system with single guard and prefixed permissions

Tests and invitations controller

Implemented fluid width layout and create comprehensive style guide

Redesign all pages with modern minimalistic flat design and reusable components

Fixed navigation active states and sticky footer layout

Added global site footer with dark theme

Updated navigation to black theme with yellow dashboard header

Redesign navigation and dashboard with modern minimalistic flat design

Added comprehensive database seeding

Improved organization context and user flow

Added login link package integration

Fixed user authorization and policy issues

Docker optimizations

Complete Docker optimization with worker OPcache and huge pages

Optimized Docker performance with delegated volumes and enhanced OPcache

Added custom theme colors to SendPit

Theme colors - yellow and black

Added mailbox-specific user management system

Fixed invitation system to use Role models throughout

Move authorization logic from controllers to Form Request classes

Added organization switcher functionality

Removed all ability to delete organizations

Updated Filament ContactResource to use ContactStatus enum and service methods

Added ContactStatus enum using Enumhancer

Added Laravel code review subagent configuration

Implemented DTOs for service layer and update architecture guidelines

Added mailbox name edit functionality and remove all database transactions

Updated database.php

Removed organization-scoped mailbox routes and consolidate controllers

Updated AWS SES region to ap-south-1 (Mumbai)

Integrate AWS SES for email sending

Updated default config for Redis, MySQL, and SMTP

Added composer

Restrict Filament admin access to [email protected] on non-local environments

Fixed email count recalculation after message deletion and clearing

Added message deletion and mailbox clearing functionality

Added email count feature with MongoDB recalculation

Simplify mailbox listing page

Move back button to avoid accidental mailbox deletion

Implemented email message viewing functionality

Simplify Cloudflare Turnstile setup for local development

Added Cypress tests for authentication and contact forms

Added Cloudflare Turnstile verification to all authentication forms

Fixed SMTP test failures and improve authentication handling

Fixed mailbox message isolation and SMTP test assertions

Contact us

Removed permission creation from migration

Claude settings

Added named volumes for Redis and MongoDB config

Fixed MailHog Docker build by correcting vendor directory path

Added comprehensive Haraka SMTP server implementation guide

Disabled authentication for MongoDB Express

Added separate MailHog test container and test database configuration

Added comprehensive SMTP tests for security audit implementation

Implemented security audit recommendations for SMTP

Updated smtp-issue.md with optimization analysis and RFC compliance

Added comprehensive documentation to SMTP workaround

Fixed SMTP response timeout issue in password reset flow

Added Pest test for forgot password functionality

Implemented user removal from organizations with self-removal prevention

Fixed Laravel test database configuration to use SQLite

Fixed all non-SMTP Laravel tests

Fixed role management to use Spatie permissions correctly

Combine mailbox settings and email listing into unified view

Added comprehensive Pest tests for mailbox isolation and SMTP authentication

Implemented SMTP authentication and email segregation by mailbox

Rename invitations section to users

Convert from role-based to permission-based authorization

Fixed permissions for invitations navbar link

Docker changes

Fixed message viewing functionality and MongoDB integration

Added message viewing functionality for mailboxes

Fixed organization role references after Spatie permissions migration

Changed mailbox credentials from encrypted to plaintext storage

Migrate to Spatie permissions and implement service/repository pattern

Added Laravel Conventions section with architecture patterns

Added comprehensive invitation system for organizations

Implemented MySQL-based mailbox system with encrypted credentials

Added organization creation during user registration

Convert MailHog to SMTP-only server

Configure MailHog to use MongoDB storage

Complete MySQL connectivity for MailHog

Revert MailHog to original open source version

Docker changes

Removed lock files and Filament assets from version control

Updated settings.local.json

Added Claude Code settings with allowed/denied commands

Create sendpit.code-workspace

Rename project from DevInbox to SendPit

Added health checks for mailhog and php services

Make Form Request classes mandatory for all web form inputs

Added comprehensive Laravel Form Request validation requirements

Added input validation and ID verification security requirements

Added security constraints: no file access or commands outside project root

Updated remaining app/ references to laravel/ in documentation

Rename app/ directory to laravel/ (lowercase)

Added Claude context optimization guide and ignore file

Implemented Laravel backend for organization and mailbox management

Merge fix-compilation-errors: Complete Laravel integration and project restructure

Create Hello World dashboard with MailHog branding

Setup Laravel with Breeze authentication and MongoDB support

Integrate Laravel Docker setup with MailHog

Removed unused imports and methods from storage layer

Implemented comprehensive environment variable support

Improved dashboard authentication timing to prevent redirect loops

Cypress test fixes and UI improvements

Fixed authentication and add Cypress E2E tests

Fixed compilation errors and implement tests

Implemented password reset and account settings functionality

Redesign UI with users management page and improved mailbox view

Resolve contextKey redeclaration error in auth package

Implemented role-based access control and admin features

Implemented user invitation system with email notifications

Make product branding configurable via environment variables

Rebrand frontend - remove all MailHog references

Fixed SMTP Reply construction - use proper Reply helper functions

Fixed SMTP authentication implementation - use proper Reply objects

Added SMTP authentication for multi-tenant mailboxes

Fixed form submission security issue - forms were submitting via GET

Updated information about installation

Fixed order of install docs

Added install documentation for FreeBSD

Use multistage build to minimize container size

Revert letter case change - it's lowercased now

Tweak path to MailHog for Ubuntu installation

Removed unnecessary loop and select when waiting on exitCh

Updated BUILD.md

Added link to PHP library to docs

Updated CONFIG.md

Re-arrange installation and add Ubuntu/Debian

Use official golang as base container

Updated docs/config

Added notice how to mount "maildir" storage.

Added vendor back in (again!)

Added mention to releases

Added release notes for 1.0.0

Temporarily remove vendor directory

Mention using sendmail and PHP config

Updated vendor

Fixed build issue

Updated vendor

Updated storage

Fixes mailhog/MailHog#148 and fixes mailhog/storage#7

Updated MailHog-UI assets vendor

Added a snapcraft.yaml file for building snaps (https://snapcraft.io) of MailHog

Added note about reverse proxies and firewalls for #117

Removed references to Rockerfile

Added libraries doc for #120

Added version flag which displays the current version.

Updated mgo dependency

Added release notes for 0.2.1

Removed 1.4/1.5 from .travis.yml

Added vendor directory

Updated build docs

Force rocker build to ignore cache

Updated import path for mgo

Added fix from @kkrauth to swagger json

Added info about starting mailhog service with brew

Example init script 404 - updated link

Use single API constructor

API spec doesn't define the search query parameter

Added 1.5/1.6 to .travis.yml

Fixed configuration documentation

Updated year

Added release notes

Fixed for mailhog/MailHog#25. Provide a new configuration parameter ui-web-path.

Optimized docker image size

Updated version to 0.1.8

Removed golang 1.3 (http.BasicAuth needs 1.4+)

Fixed markdown

Added missing info

Attempt to add HTTP authentication for #40

Make `MailHog sendmail` a shortcut to `mhsendmail` for #45

Added some ASCII art

Updated releases

Removed gotcha (fix #42)

Quote port number in smtp config JSON

Removed comma from last value in smtp config JSON

Updated badge

Added v0.1.6 release

API v2 search and message list documentation for #36

Document outgoing SMTP config for #36

Updated screenshot

Updated releases

Updated RELEASES.md - fix #31

Updated .travis.yml - remove go 1.2, add go 1.4

Updated releases

Added APIv2 (and update download badge)

Updated screenshot

Updated url

Clean up flags

Updated releases doc

Move stuff around

Clean up config

Updated config

Make naming more consistent

Updated github URLs

Removed data package

Removed http package

Removed storage

Switch to github.com/mailhog/smtp

Introducing Jim, the Chaos Monkey

Fixed session close bug

Added release documentation

Fixed #11 - add build documentation

Fixed #12 - support invalid MAIL/RCPT syntax

Fixed #16 (on the right branch this time!)

Updated docs to refer to correct /api/v1 URL.

Correct display of text/plain and text/html multipart messages with quoted-printable transfer type

Move some packages

Added build status badge

Hopefully fix drone.io tests

Hopefully fix travis issue

Added .travis.yml

Added godoc reference

Fixed routes

Removed old tests, fix import

Move stuff around

Removed old config package

Move assets and main func

Move config/message/http/storage packages

Move smtp package

Added AUTH LOGIN tests

Added AUTH PLAIN tests

Added AUTH EXTERNAL tests

Added session tests

Use io.ReadWriteCloser in place of net.TCPConn for SMTP session

Removed old session tests and add basic validation handler tests

Added reply struct tests

Avoid testing log output

Added more protocol tests

Added more protocol tests

Added some protocol tests

Make ident configurable

Added LOGIN/PLAIN/CRAM-MD5 authentication hooks

Fixed storage interface and fix dependency mess

Added hook for EXTERNAL authentication mechanism

Added sender/recipient validate hooks

Clean up reply handling

Removed protocol dependency on config

Added bintray download icon

Fixed #5 - support leading tab on multi-line header

Updated releases

Missed header

Partial support for RFC2047 (#4)

Changed release output path, add missing LICENSE file

Configure from environment

Hopefully fix #2

Fixed gotcha support (and some other bugs)

Fixed eventstream

Start converting to use github.com/ian-kent/gotcha

Updated APIv1 docs

Added releases summary

Resizable message list, hide HTML tab if message has no HTML

Added support for nested multipart messages

Toggle event stream connection

Real-time updates using EventSource

Clean up static content routing

Clean up routing

Fixed markdown

Clean up API

Updated screenshot

MIME part viewer and download individual parts

Message count in web ui

Added icons to menus

Added glyphicons to events

Web UI message search

Fixed scroll bug on first load

Don't auto-remove failed events

Slightly better UI error handling

API error reporting

Release messages via SMTP

Use go-bindata to embed assets

Improved web UI message list

Message preview UI fixes

Fixed bugs in header parsing

Added message download

Added glyphicons to show/hide header buttons

Default to in-memory storage

Added in-memory storage, clean up config

Web UI improvements

More auth tests, fix bug

Added AUTH tests and fix a bug

Added basic AUTH support (RFC4954)

Removed content/MIME from message list API

Mime support and html email rendering

MIME detection and add some error responses

Multiple messages per connection, advertise pipelining

Clean up mongodb

Only show first subject header

Added subject to example test

Added message source preview

Better header rendering

Get single message API

Clean up http handling

Delete single message api

Added message list api

Added HTTP server and assets

Improved received header

Clean up message parsing and add tests

Added DATA/RCPT commands

More commands, better connection handling/logging

Added basic EHLO/HELO support

Read from socket

Begin implementing RFC5321

Basic go echo server