Changelog

Every shipped change lands here on the day it ships. Grouped by the standard Keep a Changelog categories: Added / Changed / Deprecated / Removed / Fixed. Dates are UTC.

Subscribe by RSS or watch the repo — your call.

Planned

Scheduled for the next release. Shape may change before launch.

Planned — Added

• Webhooks: signed POST delivery, HMAC-SHA256 signatures, retry policy, subscription registration. See Webhooks for the committed shape.
• Ads CRUD on Meta, TikTok, Apple (POST/PATCH /v1/projects/:id/ads/{campaigns,adsets,ads}).
• Approval v2: trust_threshold + current_trust_score for auto-transition to continuous approval.
• Engagement template v2: firstComment.strategy, replies.{tone, maxPerPostPerHour, ignoreCommentsMatching, escalateNegativeSentiment}.
• Leased-account request-flow visibility: richer status vocab (requested → in_review → provisioning → assigned → failed), webhook: lease_request.assigned.
• SSE streaming on GET /v1/jobs/:jobId/events (optional — polling keeps working).
• Recommendations taxonomy: new_hook, cadence, audience_gap, ads_budget.
• Per-project credit CSV export for partner rebilling.

2026-04-24 — Preview release

First public release.

Added

• GET /v1/whoami — resolve an API key to its organization, scopes, and rate-limit tier.
• Projects: create, list, get, patch, archive. customer_external_id for sub-tenant scoping.
• GitHub install + ingest: register an installation, list visible repos, kick off POST /v1/projects/:id/ingest/github to generate and open an SDK-install PR.
• SDK apps: create, get, patch. CAPI status per app for Meta, TikTok, Apple.
• Deterministic install-spec generator for non-GitHub installs (iOS SPM, Android Gradle, web npm, react-native, flutter, expo).
• Event stream query + per-user signal endpoint, project-scoped and PII-redacted by default.
• Conversions rollup and Apple Ads attribution records, project-scoped.
• Influencers: create (async), clone (sync, from image URL or existing), patch, archive, bind reference media.
• Content: generate (async), regenerate, clone-from-post, read, list with filters, signed asset URLs.
• Approval: POST /v1/content/:id/approve / reject, per-project requires_approval + first_n_posts_blocked policy, scheduled-posts gate enforcement.
• Social OAuth with partner-owned returnUrl (allowlisted); status-poll endpoint; account list, reauth URL, revoke.
• Scheduling + publishing across connected accounts, with approval gate enforced pre-publish.
• Leased TikTok accounts: request endpoint (queued for Layers to fulfill manually), list, release. Provisioning remains a manual admin function — permanently.
• Engagement config read + patch (v1 template shape only).
• Metrics: unified organic metrics, ads metrics, top-performers ranking, scored ads-content list with override PATCH.
• Ads reads: campaigns, ad-sets, ads across Meta, TikTok, Apple. CRUD is planned.
• Unified jobs envelope: GET /v1/jobs/:jobId, POST /v1/jobs/:jobId/cancel. One pattern covers every long-running operation.
• Idempotency-Key on every mutating POST, 24h replay window. Partner-created resource IDs as a stronger alternative.
• Rate limits on pilot / gic_pilot / gic_ga tiers, per-endpoint-class buckets.
• Kill switch — per-key, per-org, and global.
• Stable error codes with requestId on every response.

Known gaps

• Ads campaign, ad-set, and ad writes — planned. Reads are live.
• Trust-score approval auto-transition — planned. Today you flip requires_approval manually or lean on first_n_posts_blocked.
• Webhooks — live. HMAC-SHA256 signed, 8-attempt retry ladder, dedupe + replay. See Webhooks. Polling remains supported; webhooks are an optimization, not a replacement.
• Defense-in-depth on every publish path — gated at schedule + scheduled-posts-publish-due today; IG / TikTok / Managed publish paths get rechecked in a future release.
• LinkedIn + YouTube social platforms — not committed; gated on platform prioritization.