Changelog

Features

• Hid the sign-up link during account recovery, verification, and identity linking flows.

Fixes

• Redesigned the visual review comments panel by replacing the replies modal with an inline thread view, refreshing the comment card layout, and adding a shared resolve button.

Features

• Split feedback permissions into read, update, and delete.

Fixes

• Fixed display names derived from email addresses containing dots (e.g., firstname.lastname). Updated Account Settings form to accept sanitized names.

• Improved export on the Feedback page by applying active table filters/sort/search to downloads,

Fixes

• Fixed .adoc and .asciidoc files not opening in the Reunite editor.

Fixes

• Updated the Teams page to display automated role-based teams: owners, members, billing, and viewers.

Fixes

• Updated @redocly/openapi-core and @redocly/cli to version 2.31.2.

• Updated @redocly/openapi-core and @redocly/cli to version 2.31.0.

Features

• Moved onboarding access to the sidebar and replaced the drawer with a less intrusive, non-blocking assistive flow.

Features

• Added a start tab in the Reunite editor with file search, recent files, and tools.

Fixes

• Updated @redocly/openapi-core to version 2.30.5.

• Updated the Reunite pull request UI with a card-style header featuring quick actions, a redesigned visual review tab, and an updated comments container.

• Fixed invite failure when the identity domain was verified but no identity providers were defined.

• Fixed date picker to prevent selecting days outside the current month and times in the future.

• Fixed active and hover colors in the user settings modal sidebar to use grey tones matching the main navigation sidebar.

Features

• Added multi-version API support for Docs MCP tools.

• Improved visibility and accessibility of Markdown links by adding an underline.

• Updated styles for page navigation buttons.

• Updated the icon displayed alongside hyperlinks in the project.

• Added Client ID Metadata Document (CIMD) support to the MCP OAuth flow.

• Added support for callback URLs in developerOnboarding.

• Added hreflang alternate links for translated pages.

• Improved language picker accessibility by converting menu options to links.

Fixes

• Prevented search engines from indexing Markdown pages generated by the llms.txt feature.

• Fixed unauthenticated callback execution in the MCP docs server.

• Fixed an issue in OpenAPI docs route resolution where lines not tied to an operation generated incorrect URLs by duplicating the base slug.

• Fixed an issue where searching in projects without searchable content caused a server error.

• Fixed rendering of non-Latin characters by enforcing UTF-8 encoding.

• Fixed an issue where login and logout redirects caused 404 and URI mismatch errors in projects with path prefix.

• Fixed an issue where preview login redirects failed when the branch hostname contained double hyphens.

• Fixed 404 error when opening login from locale-prefixed URLs.

• Fixed an issue where closing the search dialog modal locked page scrolling.

• Fixed an issue in Realm Markdown image handling where inline data: image URLs were incorrectly treated as broken local routes.

• Excluded buttons and links from heading content to improve accessibility.

• Fixed an issue where MCP connect actions were hidden for OpenAPI pages excluded from search (openapi.excludeFromSearch).

• Fixed API function responses with status 204 to prevent errors when calling JSON or text helpers.

• Fixed curation in Typesense search.

• Fixed security vulnerabilities CVE-2026-44455, CVE-2026-44456, CVE-2026-44457, CVE-2026-44458 and CVE-2026-44459 by upgrading hono to version 4.12.18.

• Fixed an issue where the tooltips in API docs and Replay might partially render outside the viewport.

• Fixed an issue where operation-level x-rbac rules removed the OpenAPI definition link from llms.txt.

• Fixed an issue where API functions failed to hot-reload after files were added in Reunite's Webview or local preview.

• Fixed an issue where MCP auth URLs were displayed after MCP docs had been disabled.

• Updated @redocly/openapi-core to version 2.30.5.

• Fixed an issue where navigating on a code walkthrough page prevented automatic scrolling to the active step.

• Fixed an issue where the login page didn't respect language preferences selected by the user.

• Fixed an issue where selected request body examples were not properly synchronized between Redoc and the Try it overlay.

• Fixed an issue in Replay where stale credentials persisted in the active environment across page reloads, and caused intermittent "JWT is expired" errors.

• Fixed an issue in Replay where the request body with invalid JSON input grew after restarts, leading to decreased performance.

Fixes

• Fixed an issue where the login page language didn't match the language selected in the project.

Fixes

• Updated @redocly/openapi-core to version 2.30.3.

• Fixed billing portal checkbox/radio checked contrast in dark mode.

Fixes

• Updated Reunite's pull request summary interface to improve readability of merge status, reviews, and actions on the activity page.

Fixes

• Hardened Realm CORS proxy validation to block private network targets before proxying requests.

Fixes

• Fixed intermittent "Cannot edit in read-only" and dropped keystrokes issue in the Reunite editor.

Features

• Added re-request review functionality.

Fixes

• Updated @redocly/openapi-core to version 2.30.2.

• Retained feedback filters and sort order when switching between Page feedback and Code reports.

Fixes

• Fixed security vulnerability GHSA-39q2-94rc-95cp by upgrading dompurify to version 3.4.0.

• Fixed security vulnerability CVE-2026-41650 by upgrading fast-xml-parser to version 5.7.1.

• Fixed security vulnerability CVE-2026-39356 by upgrading drizzle-orm to version 0.45.2.

• Fixed security vulnerability CVE-2026-41673 by upgrading @xmldom/xmldom to version 0.9.10.

• Fixed multiple moderate security vulnerabilities in hono dependency by upgrading it to version 4.12.14.

Fixes

• Closing the last tab in a Reunite editor default files group now keeps the group in place.

Fixes

• Updated @redocly/openapi-core to version 2.30.1.

• Fixed an Editor issue where the Commit tab badge did not update after file edits.

Features

• Reworked the Reunite editor layout: file and utility tabs now share a single workspace that can be rearranged, split horizontally or vertically, and resized.

Features

• Updated error and permission-denied pages with clearer copy, actions, and navigation that adapts to org or project context.

Fixes

• Updated @redocly/openapi-core and @redocly/cli to version 2.29.1.