What's new

A running log of changes to GatiFlow that affect customers. Hand-curated; internal refactors and minor fixes are omitted.

v2.9

June 2026
  • Download JSON button on the Report page — export the full intelligence payload with one tap.
  • Hiring & Opportunity Signals now load collapsed for faster scrolling, with a Show All toggle to expand when needed.

v2.8

June 2026
  • Weekly Digest and Saturday Deep Dive emails now arrive at your local time — Monday 7 AM and Saturday 9 AM respectively — instead of a fixed UTC hour.
  • Your timezone is detected automatically when you register. You can also change it anytime in Settings.

v2.7

June 2026
  • Insights is now a true daily brief: one narrative synthesized each day from the day's four collection cycles, instead of mirroring weekly content.
  • Weekly Digest redesigned to look forward: the Monday email now opens with the week-ahead outlook, grounded in up to six months of signal history.
  • Digest emails include a plaintext version for better deliverability and accessibility, and the subject always carries the send date.
  • Research-paper coverage restored: the arXiv source is back online after an upstream change, with safeguards added across all data sources.

v2.6

May 2026
  • Landing page rebuilt with a responsive in-product preview — readable on mobile and accessible to screen readers.
  • Saturday Deep Dive preview on the landing page now renders multiple paragraphs with a soft fade-out instead of a mid-sentence cut.
  • Trend Reading 101 email course: confirmation email matches the visual identity of the lessons; clicking confirm lands on a dedicated confirmation page.
  • Account verification emails now deliver reliably.

v2.5

May 2026
  • AI-generated content now declares itself in report metadata (EU AI Act compliance).
  • Confidence intervals exposed on every report — see the score range, not just the headline number.
  • Trial Grace Period state now visually distinct from active trial in dashboard.
  • Double opt-in for the academy email course (CAN-SPAM-safe).
  • Monthly cap on AI spend prevents runaway billing in case of stuck cron.

v2.4

April 2026
  • Stripe webhook idempotency made robust against partial failures.
  • Watchlist signal collection moved to background tasks — internal cron no longer blocks on slow orgs.
  • Sentry sampling on /collect reduced from 100% to 20% to extend free-tier capacity.
  • Body size limit middleware streams chunks instead of buffering — no more OOM risk on chunked uploads.

v2.3

March 2026
  • Centralized opt-out filter — opted-out subjects now reliably excluded from all report paths.
  • Registration requires explicit Terms + Privacy consent (LGPD/GDPR).
  • DPO/Encarregado named on privacy page; data inquiry response time tightened to 15 business days.
  • Stripe webhook signature validation now has explicit test coverage.
  • Real client IP propagation: per-user rate limits and audit logs now reflect the actual caller, not the BFF edge.

v2.2

February 2026
  • Saturday Deep Dive: 1800-word weekly investigative article with web-grounded fact-checking.
  • Daily intelligence narratives use Claude Sonnet with fact-check pass against numeric facts.
  • RS256 JWT activated in production. Refresh token rotation hardening.
  • Body size limit middleware (1 MB cap) — prevents accidental DoS via large payloads.
  • Public report endpoint with caching for landing-page preview.

v2.1

February 2026
  • Token blacklisting via Redis (jti in JWT, /auth/logout endpoint).
  • Refresh token set as httpOnly cookie (XSS protection).
  • Auth rate limiting (10 attempts/min per IP).
  • Stripe webhook signature validation (stripe.Webhook.construct_event).
  • Quota race condition fix: increment only after successful report.
  • PDF export reads plan and timestamp from canonical fields.

v2.0

February 2026
  • Unified monorepo: 9 separate repos consolidated into one.
  • Full intelligence pipeline: RealCollector → Enricher → Scorer → Assembler.
  • First production deployment of Pro and Business plans.

For incident reports and uptime, see status updates.