Changelog¶

2026-Q2 (Unreleased / Rolling)¶

Two-factor authentication: Optional TOTP + 10 single-use recovery codes for all users; admin force-reset via /admin/mfa. Shipped 2026-05-12.
Row-Level Security: Postgres RLS enforced at the database layer for projects, workspaces, integrations, and GitHub connections. Every tenant's data is isolated even if application-layer auth is bypassed. Live 2026-05-11.
Provider Bridge: Platform-managed AI provider credentials. Workspace admins configure shared API keys once; members select a provider without ever seeing the raw key. Backend shipped; usage dashboards coming.
Sandbox allowlists: Workspace-owned allow/deny rules for AI tool access and network egress. Schema, rule-matcher, and admin CRUD API shipped (migration 073); OS-level enforcement in progress.
Personal vs workspace AI scope: Any workspace member can now add their own personal Copilot account or custom AI provider. Personal rows are invisible to other members and workspace admins. Migration 072.
doable-cli TUI: Rust all-in-one operator binary (doable install / doable admin [--remote]) with 9 sidebar screens covering users, feature flags, AI settings, credits, server config, and DB credential rotation. Shipped 2026-05-09.
DNS wildcard /admin: Automated *.doable.me subdomain provisioning with CF API token KEK-encrypted storage and systemd-based renewal; rounds 1-7 complete.

The authoritative changelog lives on GitHub:

For self-hosted operators, the release notes call out:

Subscribe to releases on the GitHub repo (Watch, Custom, Releases) to get an email whenever a new tag ships.

Doable follows Semantic Versioning loosely:

Pre-1.0, expect occasional breaking changes in minor releases. They'll be called out in the notes.

See Upgrading for the per-deployment-mode upgrade procedure.