v1.2.0
Upgrade note: After pulling v1.2 updates, run `bun run migrate` in gridwork-hq to apply schema changes.
Added
- SQLite database via Drizzle ORM (replaces Vercel KV dependency)
- Full CSS token system (gw-* custom properties) with dark/light mode support
- Docker support (Dockerfile + docker-compose.yml)
- WelcomeBanner onboarding flow with demo data seeding
- EmptyState components on all dashboard pages
- Database migration support via drizzle-kit
- 12 automated cron jobs (up from 4 documented)
- Pipeline-server SSE rate limiting
- CHANGELOG.md and expanded ADVANCED_EXTENSIONS.md
Changed
- Marketing copy: accurate pipeline count (17 + compiler), cron count (12)
- Knowledge vault: all branding replaced with {{AGENCY_*}} placeholders
- Setup wizard: collects PIPELINE_SERVER_URL, runs health check, substitutes knowledge placeholders
- All docs: correct directory names, correct commands, SQLite references
- Chat panel: responsive on mobile (full-width overlay)
- 92 icon-only buttons now have aria-labels
Fixed
- spawner.ts: 'undefined/.output' bug in findOutput()
- worktree-manager.ts: shell injection via execSync replaced with execFileSync
- system-routes.ts: shell injection via TRACKED_REPOS
- 59 silent error catches replaced with proper logging
- 8 API routes: added try/catch for external calls
- 5 API routes: no longer return 200 on error
Security
- Cron command allowlist prevents arbitrary shell execution
- CSP nonce extended to style-src
- Pipeline-server SSE rate limiting (20 connections/min per IP)