Changelog

Everything below is built and verified against a real database. Nothing here is a plan.

    • Marketing site, security, docs, platform and legal pages.
    • Dashboard pages for hosts, events, pipelines, work and settings.
    • Ingest keys can be created and revoked from Settings; the key is shown once.
    • Fixed: the agent install script and robots.txt were being redirected to the login page.
    • Host telemetry agent: a dependency-free shell collector, plus the /api/ingest endpoint.
    • Ingest keys are hashed with SHA-256 and compared in constant time.
    • Verified that a request forging another organization's id writes only into its own.
    • Organizations, members and roles, with invitations.
    • Row-level security on every table, deny-by-default.
    • Verified tenant isolation: user A cannot read user B's rows; anonymous reads return nothing.
    • Email/password and magic-link sign-in.