CAP Workspace

CAP v1.0.0-rc.2

Sign in

Resource Library

Browse every Markdown guide bundled with CAP.

Stakeholder presentation
15 resources
Project

Changelog

CHANGELOG.md

Changelog

Unreleased

  • Restyled the CAP stakeholder presentation with an executive navy, cool-gray, and ClearCoin mint business theme, portable Aptos typography, improved content hierarchy, and rebuilt light-mode product screenshot slides.
  • Added a downloadable 13-slide CAP stakeholder PowerPoint covering platform purpose, user roles, attestation workflow, evidence integrity, product screenshots, architecture, security controls, current limitations, roadmap, and stakeholder decisions.
  • Added public stakeholder-presentation download links to the home page, Help Center, and Resource Library for desktop and mobile visitors.
  • Added an extensive public Help Center for non-technical auditors, administrators, management, guests, and general users, with role boundaries, complete workflows, platform component explanations, report statuses, safety guidance, and troubleshooting.
  • Added Help Center links to the desktop and mobile navigation, top bar, home page, and sign-in page.
  • Fixed the document upload success path so the form resets without dereferencing React's cleared submit event after an asynchronous upload.
  • Expanded the relayer architecture documentation with a detailed explanation of relayer responsibilities, current dry-run behavior, future Oracle broadcast flow, CAP/API integration, ClearCoin connectivity, key management, failure handling, idempotency, observability, and production readiness requirements.

1.0.0-rc.2

  • Added visible resource-library links in the top bar, home page, and login page so the online documentation hub is discoverable before and after sign-in.
  • Moved the user manual into docs/User's Manual.md and refreshed the in-app resource library so the manual is read online with the other documentation.
  • Added an in-app resource library at /resources that bundles and displays every repository Markdown guide for online access from the portal.
  • Added a novice junior developer guide defining Git, GitHub, GitHub Actions, workflows, commits, pushes, tags, pull requests, secrets, CI failures, and the CAP daily development and deployment routine.
  • Expanded VPS2 CI/CD documentation into a beginner tutorial covering GitHub Actions, repository secrets, SSH keys, Tailscale-based VPS2 access as john@clearcoin-vps2, Docker group setup for john, optional deploy-user setup, VPS2 bootstrap, first and subsequent deployment behavior, container inventory, Portainer usage, Caddy topology, deployment tags, verification, rollback, and troubleshooting.
  • Added optional Tailscale OAuth login to the VPS2 deployment workflow so GitHub-hosted runners can deploy to a Tailscale-only VPS2 when TS_OAUTH_CLIENT_ID and TS_OAUTH_SECRET are configured.

1.0.0-rc.1

  • Added GitHub Actions CI for API tests, OpenAPI drift checks, time-service tests, relayer tests, and Docker image builds.
  • Added GitHub Actions VPS2 deployment workflow that publishes API, portal, time-service, and relayer images to GHCR and deploys them over SSH to Docker on VPS2.
  • Added docker-compose.vps2.yml, scripts/deploy-vps2.sh, and VPS2 CI/CD documentation with secrets, bootstrap, verification, rollback, and backup expectations.
  • Added report management approval workflow with required approve/reject reasons and approval-gated submission.
  • Added evidence lifecycle hardening: validation freezes report evidence and locks attached documents, and frozen reports reject additional evidence attachments.
  • Added admin-gated audit log listing and CSV/JSON export endpoints, and replaced the static audit page with a live export-capable view.
  • Added relayer status proxy at GET /api/chain/relayer-status for operator checks without direct browser access to the relayer container.
  • Updated OpenAPI, endpoint docs, user manual, deployment docs, readiness docs, VERSION, package metadata, and environment examples for 1.0.0-rc.1.

0.7.0

  • Added protected admin release-readiness API with platform checks for version, chain ID, superadmin seed accounts, auditor availability, storage configuration, platform time, and audit trail activity.
  • Added an admin dashboard readiness panel with version, operational counts, generated timestamp, and pass/warn/fail check details.
  • Centralized the API version in settings so OpenAPI metadata and runtime configuration stay aligned.
  • Added release-candidate readiness documentation with the remaining pre-RC workstreams and 1.0.0-rc.1 gate.
  • Added API tests for readiness RBAC and OpenAPI version alignment.
  • Upgraded Next.js and Next.js ESLint tooling from 14.2.30 to 14.2.35 to stay on the patched Next 14 line before release-candidate testing.

0.6.0

  • Added authenticated document permissions: guests can view evidence, but cannot upload or hash documents.
  • Changed document uploads to bind to the current signed-in user and reject duplicate PDFs by SHA-256 hash.
  • Added report evidence attachment API and UI so uploaded PDF hashes can be bound to real reports.
  • Replaced static report list/detail pages with live authenticated report views.
  • Added report workflow actions for validate, submit to queue, and management reject with visible validation errors.
  • Added audit events for report evidence attachment, report actions, user CRUD, soft delete, and forced logout.
  • Improved mobile table behavior for reports and report evidence by using stable widths and horizontal scrolling.

0.5.0

  • Fixed mobile login and admin fetch failures by routing browser API calls through same-origin /api paths.
  • Added a Next.js API rewrite so direct portal access can proxy API requests without relying on device-local localhost.
  • Reworked document upload into a client-side PDF upload workflow with visible success/error feedback.
  • Added an evidence register that refreshes after upload and displays document size, SHA-256 hash, upload time, and lock state.
  • Updated report creation to submit through same-origin API routing.

0.4.0

  • Added named superadmin seed accounts for Darrell Choates and John McClenon, Jr. with password-backed authentication.
  • Added guest role for investors and prospective auditors without auditor permissions.
  • Added login session tracking with login time, logout time, session duration, IP address, and browser user-agent details.
  • Added superadmin forced logout controls for individual sessions and all active sessions for a user.
  • Added soft-delete behavior for user deletion and blocked deletion of superadmin accounts.
  • Expanded admin dashboard with guest CRUD, password reset, soft delete, forced logout, and login history views.

0.3.0

  • Added role-based authentication for auditor, admin, and superadmin development accounts.
  • Added auditor and admin dashboards with role-aware navigation and superadmin user CRUD.
  • Fixed portal sign-in/sign-out behavior with stored sessions and role-based dashboard routing.
  • Added mobile hamburger navigation, header version display, and footer version/developer attribution.
  • Added active/inactive user enforcement and startup compatibility migration for existing local databases.
  • Updated OpenAPI coverage and tests for RBAC and admin user management.

0.2.0

  • Changed ClearCoin chain ID configuration from clearcoin-main to clearcoin across API defaults, relayer defaults, environment examples, documentation, and portal UI.
  • Added a dedicated CAP Platform Time Service as the authoritative platform date and time source.
  • Added API proxy endpoint GET /api/platform-time/current backed by the time service.
  • Added local time-service port 39226, Docker health checks, environment settings, OpenAPI updates, and tests.
  • Added User's Manual.md with end-to-end guidance for auditors and ClearCoin management.

0.1.1

  • Added a committed OpenAPI specification at docs/openapi.json.
  • Added Docker Compose Swagger UI service on port 39225 for API inspection.
  • Documented OpenAPI and Swagger URLs in README and API endpoint docs.
  • Added Swagger UI origin to API CORS configuration for local development.

0.1.0

  • Initial CAP MVP scaffold with Docker Compose, Next.js portal, FastAPI API, Go relayer, PostgreSQL, Redis, MinIO, and Caddy.
  • Added auditor report lifecycle, PDF upload hashing, audit logs, health checks, documentation, and tests.