Changelog
Everything below is built and verified against a real database. Nothing here is a plan.
- Marketing site, security, docs, platform and legal pages.
- Dashboard pages for hosts, events, pipelines, work and settings.
- Ingest keys can be created and revoked from Settings; the key is shown once.
- Fixed: the agent install script and robots.txt were being redirected to the login page.
- Host telemetry agent: a dependency-free shell collector, plus the /api/ingest endpoint.
- Ingest keys are hashed with SHA-256 and compared in constant time.
- Verified that a request forging another organization's id writes only into its own.
- Organizations, members and roles, with invitations.
- Row-level security on every table, deny-by-default.
- Verified tenant isolation: user A cannot read user B's rows; anonymous reads return nothing.
- Email/password and magic-link sign-in.