Skip to content

Releases: brooksy4503/chatlima

v0.42.0 - Model Comparison Mode

Choose a tag to compare

@brooksy4503 brooksy4503 released this 29 Jun 21:31

🚀 ChatLima v0.42.0 - Model Comparison Mode

🎯 What's New

  • Model comparison mode — send one prompt to 2–3 models side-by-side and compare responses in a stacked timeline within the same chat.
  • Compare model picker — pick and manage comparison models with a dedicated UI bar and per-model response cards.
  • Clipboard image paste — paste images from the clipboard directly into the attach file panel for faster uploads.
  • Compare history persistence — comparison turns are saved with model metadata so you can revisit past side-by-side results.

🔧 Technical Implementation

  • Added POST /api/compare with NDJSON streaming (model-start, text-delta, model-finish, model-error, turn-complete).
  • New compare UI: CompareModeBar, CompareModelPicker, CompareTimeline, CompareResponseCard, ComparisonTurnGroup.
  • Extracted chat stream execution into lib/chat/executeChatStream.ts; compare orchestration in lib/chat/compareOrchestrator.ts.
  • Added CompareProvider context and useCompareOrchestrator hook for client-side compare state.
  • Database migration 0044_message_compare_columns.sql adds model_id, model_provider, model_display_name, and comparison_turn_id to messages.
  • Fixed AI SDK v6 compatibility by casting DB message parts to UIMessage parts when loading chat history.
  • Added unit tests for compare history, model priority, file upload (clipboard paste), and chat store.

🛡️ Security & Privacy

  • Compare mode respects existing credit validation and daily free-tier limits (one increment per compare turn).
  • No new required environment variables.
  • Compare mode disables MCP, web search, image generation, presets, and file attachments to reduce attack surface in v1.

📈 Benefits

For Users

  • Evaluate multiple models on the same prompt without switching chats or retyping.
  • See model names and responses grouped by turn for easy side-by-side review.
  • Paste screenshots or images from the clipboard without hunting for files.

For Platform Operators

  • Compare usage is credit-gated per model with explicit turn-level billing.
  • Compare turns persist in the database for support and analytics.

For Developers

  • Chat route logic is further modularized (executeChatStream, compare orchestrator).
  • SPEC.md documents compare API contract, disabled features, and message schema extensions.

🔄 Migration Notes

Database Migration Required

Run migrations before or after deploy:

pnpm db:migrate

This applies 0044_message_compare_columns.sql (adds nullable compare columns to messages).

Compare Mode Limitations (v1)

  • Text-only — no file attachments, MCP, web search, image generation, or presets in compare mode.

No Breaking API Changes

Existing chat, billing, and auth flows continue to work unchanged.

🚀 Deployment

Standard Deployment Process

pnpm db:migrate   # apply compare columns migration
pnpm build
git push origin main --tags

Automatic Deployment

Pushing main automatically triggers production deployment via Vercel GitHub integration.

Pre-Deployment Checklist

  • Feature merged to main
  • Production build passes
  • Run pnpm db:migrate on production database
  • Monitor Vercel deployment dashboard
  • Verify compare mode on production after deploy

📊 Changes Summary

Key Areas Added/Modified

  • Compare feature: API route, orchestrator, UI components, context, policy
  • Chat refactor: Stream execution extracted from monolithic route
  • File upload: Clipboard paste support
  • Database: Message compare columns migration
  • Tests: Compare history, model priority, file upload, chat store

Commits Since v0.41.0

  • feat: add model comparison mode for side-by-side multi-model chat
  • refactor(compare): simplify orchestration and remove redundant helpers
  • fix: cast DB message parts to UIMessage parts for AI SDK v6 compat
  • Add clipboard image paste to attach file panel
  • test: add unit tests for lib/models/model-priority.ts
  • docs: add package source lookup instructions to AGENTS.md
  • docs: add /feature-release Cursor command for release workflow

Full Changelog: v0.41.0...v0.42.0

v0.41.0 - Marketing Site, Image Generation & Chat Refactor

Choose a tag to compare

@brooksy4503 brooksy4503 released this 14 Jun 07:39

🚀 ChatLima v0.41.0 - Marketing Site, Image Generation & Chat Refactor

🎯 What's New

  • Marketing homepage — new public landing experience with ChatLima moved to /chat for a clearer product/marketing split.
  • Image generation — generate images in chat with model selection, cost visibility, download support, and credit-based billing integration.
  • MarketingShell layout — consistent marketing layout and accessibility improvements across homepage, pricing, and related pages.
  • OpenRouter Fusion support — Fusion and meta-router models work in chat with dedicated 50-credit-per-message billing.
  • MiniMax M3 presets — preset manager support for MiniMax M3 with updated max-token handling.
  • Smarter sign-in redirects — Google OAuth sign-in returns users to their intended page after authentication.
  • Cyberpunk theme fixes — code blocks and tables are readable again in the cyberpunk theme.
  • Clearer pricing copy — credit-based plan usage messaging is easier to understand on marketing and billing surfaces.

🔧 Technical Implementation

  • Decomposed POST /api/chat into modular lib/chat/* services for stream setup, finalization, and route orchestration.
  • Added client-side message persistence and improved chat stream finalization with createdAt on AI/chat UI messages.
  • Introduced image generation tool handling, model validation, cost integration, and UI components (image-modal, textarea cost visibility).
  • Added marketing routes and MarketingShell component; integrated across multiple pages for shared layout/SEO structure.
  • Extended chat routing for OpenRouter Fusion/meta-router model IDs and billing pre-checks.
  • Updated docs/architecture/flows.json, flow explorer, SPEC.md, and README for subscription tiers, credit pricing, and the chat refactor.
  • CI: Neon PR branch schema push is now non-interactive.
  • Dev: added docs:flows script and Codex worktree setup helpers.

🛡️ Security & Privacy

  • No new required environment variables for production.
  • No database migrations required.
  • Image generation and Fusion model usage remain credit-gated with pre-check validation.
  • Auth redirect support preserves intended destination without exposing sensitive state.

📈 Benefits

For Users

  • A polished marketing site explains ChatLima before sign-in; chat lives at a dedicated /chat URL.
  • Generate images directly in conversation with transparent cost handling.
  • Fusion/meta-router models are usable without routing errors.
  • Cyberpunk theme users get readable markdown tables and code blocks.
  • Sign-in no longer drops users on a generic page after OAuth.

For Platform Operators

  • Modular chat pipeline is easier to maintain and extend.
  • Fusion billing is explicit (50 credits/message) rather than ambiguous token-based estimates.
  • Marketing and product surfaces are separated for better SEO and onboarding.

For Developers

  • lib/chat/* modules clarify responsibilities previously buried in the monolithic chat route.
  • Architecture flow docs and SPEC updates reflect the refactored chat pipeline.
  • Expanded type safety for image generation models and API key provider checks.

🔄 Migration Notes

URL Change

  • The main chat UI is now at /chat. Bookmarks or integrations pointing at / for chat should be updated.

No Breaking API Changes

Existing chats, accounts, billing, and provider integrations continue to work.

For Developers

  • Run pnpm install after pulling.
  • No new required environment variables.
  • No database migrations.
  • Review SPEC.md and docs/architecture/flows.json for updated chat architecture.

🚀 Deployment

Standard Deployment Process

pnpm test:unit
pnpm build
git push origin main --tags

Automatic Deployment

Pushing main automatically triggers production deployment via Vercel GitHub integration.

Pre-Deployment Checklist

  • Feature branches merged to main
  • Release notes generated for v0.41.0
  • Version bump and tag prepared for v0.41.0

📊 Changes Summary

Key Areas Added

  • Marketing homepage and /chat route split
  • Image generation tool pipeline and UI
  • lib/chat/* modular chat services
  • MarketingShell shared layout component
  • OpenRouter Fusion / meta-router chat support

Key Areas Modified

  • app/api/chat/route.ts → decomposed into lib/chat/*
  • Marketing pages, auth sign-in flow, preset manager
  • Billing/credit handling for Fusion models
  • Cyberpunk markdown rendering (tables, code blocks)
  • SPEC.md, README, architecture flow docs

Commits Included (since v0.40.0)

  • Marketing homepage and /chat route move (PR #35)
  • Chat route quality refactor (PR #34)
  • Image generation capabilities end-to-end
  • MarketingShell integration and accessibility
  • MiniMax M3 preset support
  • OpenRouter Fusion chat + 50-credit billing
  • Cyberpunk theme markdown fixes
  • Auth redirect support
  • Pricing copy improvements

Statistics

  • 114 files changed since v0.40.0
  • 29 non-merge commits
  • Enhancement: Marketing site, image generation, and chat architecture refactor

Full Changelog: v0.40.0...v0.41.0

🎉 What's Next

Future work can extend landing-page SEO, deepen image generation model coverage, and build on the modular chat pipeline for additional OpenRouter capabilities.

v0.40.0 - OpenRouter Agentic Web Search (AI SDK v6)

Choose a tag to compare

@brooksy4503 brooksy4503 released this 28 May 21:34

🚀 ChatLima v0.40.0 - OpenRouter Agentic Web Search (AI SDK v6)

🎯 What's New

  • OpenRouter agentic web search — web search now uses OpenRouter server tools (openrouter:web_search, openrouter:web_fetch) instead of the deprecated :online suffix and web_search_options plugin pattern.
  • AI SDK v6 upgrade — chat streaming, message handling, and tool invocation are updated for AI SDK v6 and @openrouter/ai-sdk-provider 2.x.
  • Smarter web search billing — credits are charged based on actual web search invocation count rather than a flat per-request assumption.
  • Improved reasoning display — reasoning models show clearer tag-based and native reasoning extraction in the chat UI.
  • Google/Gemini tool compatibility — tool schemas are sanitized at resolution time so Gemini and Vertex models no longer fail on $schema fields in tool definitions.
  • Codex worktree env sync — new pnpm env:sync script copies local env files into Codex worktrees for faster dev setup.

🔧 Technical Implementation

  • Upgraded AI SDK packages and @openrouter/ai-sdk-provider to v2.x.
  • Refactored web search into lib/services/chatWebSearchService.ts and lib/services/openRouterWebSearchRouteSetup.ts for clearer route integration and tool-calling model gating.
  • Extracted message persistence logic into lib/chat-message-persistence.ts and shared utilities in lib/message-utils.ts.
  • Added lib/google-model-tools.ts to strip $schema from tool input schemas without mutating tool objects.
  • Updated app/api/chat/route.ts, components/chat.tsx, and components/message.tsx for AI SDK v6 UIMessage structure, tool invocation labels, and citation display.
  • Enhanced reasoning middleware in ai/providers.ts with tag-based and native reasoning extraction.
  • Added architecture flow documentation in docs/architecture/ (flow explorer HTML + flows JSON).
  • Added scripts/sync-env-local.sh and pnpm env:sync / pnpm dev:codex scripts.
  • Expanded unit test coverage:
    • __tests__/api/chat-route-web-search.test.ts
    • lib/services/__tests__/openRouterWebSearchRouteSetup.test.ts
    • lib/services/__tests__/chatWebSearchService.test.ts
    • __tests__/lib/message-utils.test.ts
    • __tests__/lib/chat-message-persistence.test.ts
    • lib/__tests__/google-model-tools.test.ts

🛡️ Security & Privacy

  • No new required environment variables for production.
  • No database migrations required.
  • Web search billing remains credit-gated with pre-check validation before requests.
  • Tool schema sanitization is applied at resolution time only — no changes to stored user data.

📈 Benefits

For Users

  • More reliable web search with live indicators, citation display, and clearer tool invocation labels.
  • Better reasoning model output visibility in the chat UI.
  • Google/Gemini models work correctly with MCP and function tools enabled.
  • Web search costs reflect actual usage rather than flat per-request charges.

For Platform Operators

  • Modern OpenRouter integration aligned with current API patterns (agentic tools vs deprecated plugins).
  • Expanded test coverage makes future AI SDK and provider changes safer to ship.
  • Architecture flow docs improve onboarding for contributors.

For Developers

  • AI SDK v6 patterns established across chat route, components, and services.
  • Clear separation between web search setup, message persistence, and route handling.
  • Codex worktree env sync reduces friction when working across multiple checkouts.

🔄 Migration Notes

No Breaking Changes for End Users

Existing chats, accounts, billing, and model integrations continue to work. Web search behaviour is improved but the globe toggle UX is unchanged.

Provider Behaviour Changes

  • OpenRouter web search now uses agentic server tools when the feature flag / route setup enables them.
  • Legacy :online suffix and web_search_options plugin paths remain supported as fallbacks where applicable.
  • AI SDK v6 message format is used internally — persisted messages follow the updated UIMessage part structure.

For Developers

  • Run pnpm install after pulling — dependency versions have changed significantly.
  • No new required environment variables.
  • No database migrations.
  • Optional: run pnpm env:sync to copy env files into Codex worktrees.

🚀 Deployment

Standard Deployment Process

pnpm test:unit
pnpm build
npm version minor -m "chore: release v%s"
git push origin main --tags

Automatic Deployment

Pushing main automatically triggers production deployment via Vercel GitHub integration.

Pre-Deployment Checklist

  • Unit tests passing: 1472 passed, 20 skipped, 62 passed suites
  • PR #33 merged to main
  • Release notes generated and reviewed
  • Version bump and tag prepared for v0.40.0

📊 Changes Summary

Key Files Added

  • lib/services/openRouterWebSearchRouteSetup.ts
  • lib/chat-message-persistence.ts
  • lib/message-utils.ts
  • lib/google-model-tools.ts
  • scripts/sync-env-local.sh
  • docs/architecture/flow-explorer.html
  • docs/architecture/flows.json

Key Files Modified

  • app/api/chat/route.ts
  • components/chat.tsx
  • components/message.tsx
  • lib/services/chatWebSearchService.ts
  • ai/providers.ts
  • package.json / pnpm-lock.yaml

Commits Included

  • fc8a231 — Merge pull request #33: OpenRouter agentic web search tools (AI SDK v6)
  • 88fc10e — Update dependencies and enhance message handling
  • 33bfab9 — Enhance message processing and synchronization in chat components
  • 2c14290 — Refactor reasoning middleware and enhance message handling
  • 5f8455f — Enhance web search functionality and message handling
  • c5de94a — fix: strip $schema from Google model tool schemas without mutating tools
  • 63e7e73 — Add env sync script for Codex worktrees

Statistics

  • 63 files changed since v0.39.0
  • 8,062 insertions, 1,746 deletions
  • Enhancement: OpenRouter Agentic Web Search and AI SDK v6 Migration

Full Changelog: v0.39.0...v0.40.0

🎉 What's Next

Future work can build on this release by extending agentic tool support to additional OpenRouter capabilities, further stream persistence improvements, and deeper architecture documentation for the chat pipeline.

v0.39.0 - Background Chat Streaming and Stop Controls

Choose a tag to compare

@brooksy4503 brooksy4503 released this 08 May 08:30

🚀 ChatLima v0.39.0 - Background Chat Streaming and Stop Controls

🎯 What's New

  • Background chat stream consumption — chat responses now continue being consumed server-side even if the client disconnects or navigates away mid-generation.
  • Stop generation support — users can stop an in-progress chat response using a dedicated stop action.
  • More stable session handling — improved auth session retrieval reduces avoidable re-render loops and keeps authenticated chat state steadier.
  • Stream resilience groundwork — includes research and implementation planning for more durable chat streaming behaviour.

🔧 Technical Implementation

  • Added lib/chat-stream-consumption.ts to continue consuming stream responses in the background.
  • Added lib/chat-stop-registry.ts to track and cancel active chat generations.
  • Updated app/api/chat/route.ts to integrate background stream consumption and stop handling.
  • Updated components/chat.tsx to support the improved chat generation lifecycle.
  • Improved auth/session helpers in lib/auth-client.ts and lib/context/auth-context.tsx.
  • Added focused coverage for stream consumption and stop registry behaviour:
    • __tests__/api/chat-stream-consumption.test.ts
    • __tests__/lib/chat-stop-registry.test.ts
    • Updated __tests__/components/chat.test.tsx

🛡️ Security & Privacy

  • No new environment variables are required.
  • No database migrations are required.
  • No known privacy-impacting data model changes.
  • Stop handling is scoped to active chat generation control rather than exposing additional user data.

📈 Benefits

For Users

  • Fewer lost or abandoned responses when browser/client state changes during generation.
  • Better control over long-running generations with an explicit stop path.
  • Smoother authenticated chat experience from improved session handling.

For Platform Operators

  • More robust streaming behaviour reduces support friction around interrupted generations.
  • Better test coverage around the chat streaming lifecycle makes future changes safer.

For Developers

  • Clearer separation of concerns for stream consumption and stop/cancel tracking.
  • Dedicated tests document the intended behaviour for resilient streaming and stop controls.
  • Research and planning docs provide a foundation for future stream persistence improvements.

🔄 Migration Notes

No Breaking Changes

This release maintains full backward compatibility. Existing chats, accounts, projects, billing, and model integrations remain unchanged.

User-Facing Changes

  • Users may notice more reliable chat generation behaviour when navigating away or interrupting requests.
  • Users can stop in-progress chat generation through the updated stop action flow.

For Developers

  • No new required environment variables.
  • No database migrations.
  • No dependency updates required for this release.

🚀 Deployment

Standard Deployment Process

This release follows the standard ChatLima deployment workflow:

pnpm test:unit
pnpm build
npm version minor -m "chore: release v%s"
git push origin main --tags

Automatic Deployment

With GitHub integration enabled, pushing main automatically triggers production deployment via Vercel.

Pre-Deployment Checklist

  • Unit tests passing: 1414 passed, 20 skipped, 56 passed suites, 1 skipped suite
  • Production build completed successfully
  • Release notes generated and reviewed
  • Version bump and tag prepared for v0.39.0

📊 Changes Summary

Files Added

  • __tests__/api/chat-stream-consumption.test.ts
  • __tests__/lib/chat-stop-registry.test.ts
  • docs/chat-stream-resilience-research.md
  • docs/plans/2026-05-06-option-1-stream-resilience-plan.md
  • lib/chat-stop-registry.ts
  • lib/chat-stream-consumption.ts

Files Modified

  • app/api/chat/route.ts
  • components/chat.tsx
  • lib/auth-client.ts
  • lib/context/auth-context.tsx
  • __tests__/components/chat.test.tsx
  • codefetch/codebase.md

Commits Included

  • 9b3f02c — feat(auth): add getSession method and improve session management
  • 0ecfef2 — fix(auth-client): enable default session fetching to prevent re-render loops
  • 45a1f09 — feat(chat): implement stop action for chat generation
  • ab4cb71 — feat(chat): integrate background stream consumption for chat responses
  • 3399a3d — Merge pull request #32 from brooksy4503/plan/option-1-stream-resilience
  • 08580a5 — docs: add option 1 stream resilience plan
  • c7cbd86 — docs: add chat stream resilience research

Statistics

  • 13 files changed since v0.38.0
  • 121,242 insertions, 60,754 deletions including generated codebase context updates
  • Enhancement: Background Chat Streaming and Stop Controls

Full Changelog: v0.38.0...v0.39.0

🎉 What's Next

Future stream resilience work can build on this release by adding deeper persistence/recovery for long-running generations and richer client-side resume behaviour.

v0.38.0 - Projects, Access Gating, Web Fetch & Settings

Choose a tag to compare

@brooksy4503 brooksy4503 released this 06 Apr 03:00

🚀 ChatLima v0.38.0 - Projects, Access Gating, Web Fetch & Settings

🎯 What's New

This release delivers first-class Projects for organizing chats and files, subscription and BYOK access rules for premium models, a native URL fetch capability for the assistant, a unified settings sheet with tabs, and broad improvements to the model picker, API key management, and SEO comparison pages.

📁 Projects

  • Project APIs and chat linking: Create and manage projects, link chats to projects, and inject project context into conversations.
  • Project-first flows: Start chats from a project and keep project context aligned as you work.
  • Sidebar and detail UI: Project section in the sidebar with project detail sheets and improved navigation; layout and overflow fixes for long file names and mobile.
  • Bug fix: Corrected malformed project file URLs when resolving read_file for project attachments.

💳 Model access (subscription & BYOK)

  • Access gating: Premium or restricted models respect subscription status and bring-your-own-key (BYOK) rules.
  • Clearer UX for anonymous users: Sign-in and upgrade affordances in the chat sidebar; access dialog explains premium models and subscription benefits.

🌐 Web fetch (URL tool)

  • Native URL fetch: The assistant can fetch and work with content from URLs, with streamlined HTML parsing and extraction in the web fetch pipeline.

⚙️ Settings & keys

  • Settings sheet: Replaces the older settings dropdown with a tabbed settings sheet for API keys, MCP, preferences, and related options.
  • API key manager: Improved handling, storage events, and coordination with model context so keys and availability stay in sync.
  • Model picker: Better loading and error states, availability checks aligned with API key validation, and smoother selection when models are blocked or loading.

🔎 SEO & routing

  • Comparison pages: Updated flagship model lineup on SEO comparison pages.
  • Slugs: Multi-word provider names work correctly when mapping slugs to model IDs.

📄 Files & data

  • CSV and Excel: Stronger parsing for spreadsheets used with uploads and file-backed workflows.
  • Specification & docs: Application spec and README/CLAUDE updates (including settings panel documentation); AGENTS.md and dev-environment housekeeping.

🧪 Quality

  • PDF utilities: Expanded tests for markdown and text handling in PDF rendering.
  • TypeScript: tsconfig updated to include declaration files in compilation where appropriate.

🔧 Technical Implementation

  • Projects: New and updated routes and services for project CRUD, chat–project association, and context injection; integrated into chat components and sidebar (feat(projects) / project PR merge).
  • Billing & access: Server and client logic for gating model use by plan and BYOK; hooks in chat UI for upgrade and sign-in paths.
  • Web fetch: web-fetch feature and webFetchService refactor for extraction and HTML parsing; chat route/tooling wired for native URL fetch.
  • Settings UI: Sidebar refactor from dropdown to sheet-based settings with tab navigation.
  • Model picker / API keys: model-context and api-key-manager updates for storage events, availability, and validation.
  • Tooling / DX: AGENTS.md, removal of snapshot-managed Cursor env file where superseded, PDF test coverage, tsconfig fix.

🛡️ Security & Privacy

  • Access gating reduces unintended use of high-cost or restricted models without an appropriate plan or user-supplied keys.
  • Web fetch should only retrieve URLs exposed through the product’s normal tool flow; review deployment CORS and allowlists as you extend fetch behavior.

📈 Benefits

  • Projects give users a clearer way to group work, files, and threads.
  • Transparent access rules align model choice with subscription and keys, with fewer confusing failures at send time.
  • URL fetch supports research and summarization workflows without manual copy-paste.
  • Settings are easier to scan and maintain in one place.

🔄 Migration Notes

  • Environment: No new required env vars are introduced solely by this release summary; follow existing docs for Blob, auth, and AI keys. If you customize web fetch or project storage, confirm production secrets and feature flags.
  • Database: If your deployment uses project-related migrations, run the usual Drizzle migrate flow (pnpm db:migrate) after deploy when migrations are present in the branch.
  • Breaking changes: None called out for typical chat usage; behavior changes mainly around which models are selectable under gating rules.

🚀 Deployment

  • Build: pnpm build
  • Tests: pnpm lint, Playwright as configured (pnpm test:basic, etc.); install browsers for E2E if needed.
  • Push main with tags triggers production deployment via GitHub/Vercel when integrated.

Full Changelog: v0.37.0...v0.38.0

v0.37.0 - Improved File Upload System

Choose a tag to compare

@brooksy4503 brooksy4503 released this 27 Feb 22:54

🚀 ChatLima v0.37.0 - Improved File Upload System

🎯 What's New

This release introduces an improved dual-path file upload system with Vercel Blob Storage for documents and enhanced file handling and documentation for user-uploaded files.

📎 Dual-Path File Upload

  • Images: Processed client-side and sent as base64 for vision-capable models
  • Documents: Uploaded to Vercel Blob Storage and made available to the AI via a read_file tool
  • Supported types: Images (JPEG, PNG, WebP), PDF, CSV, Excel (.xls, .xlsx), and text/code (.txt, .md, .json, .js, .ts, .py, etc.)
  • Limits: 30 MB max file size, 5 files per message, with parser limits for Excel (1,000 rows/sheet) and CSV (10,000 rows)

📄 File Handling & UX

  • File preview component for images and document metadata
  • Client-side validation for file size and type before upload
  • Structured documentation for the file upload system and implementation plan

🔧 Technical Implementation

  • app/api/upload-files/route.ts: Multipart upload API storing files in Vercel Blob Storage
  • app/api/chat/route.ts: Chat route updated to accept file references and integrate with the read_file tool
  • components/file-upload.tsx: Upload UI with drag-drop and file picker
  • components/file-preview.tsx: Preview for images and document info
  • lib/file-upload.ts: Client-side upload and validation logic
  • lib/file-reader/: Parsers for PDF, CSV, Excel, and text (used by read_file tool)
  • lib/browser-storage.ts: Browser storage utilities
  • Tests: E2E and unit tests for upload API, file-upload component, and file-reader/PDF parser

🛡️ Security & Privacy

  • Files stored in Vercel Blob with timestamp-based unique names to avoid collisions
  • Client-side validation reduces unnecessary server load and improves UX
  • Document content is only fetched and parsed when the AI uses the read_file tool

📈 Benefits

  • Users can attach documents and images to conversations for vision and RAG-style use cases
  • Clear separation between vision (inline images) and document processing (Blob + tool) keeps payloads and costs predictable
  • Documented architecture and limits make it easier to extend or tune the system

🔄 Migration Notes

  • No breaking changes. Existing chats and API usage remain unchanged.
  • Optional: ensure BLOB_READ_WRITE_TOKEN (or equivalent) is set in Vercel for Blob Storage if using document uploads.

🚀 Deployment

  • Build and tests: pnpm build (Playwright tests require pn exec playwright install for browser binaries)
  • Push to main triggers automatic production deployment via GitHub/Vercel integration
  • No database migrations required

Full Changelog: v0.36.1...v0.37.0

v0.36.1 - Programmatic SEO & Security Patch

Choose a tag to compare

@brooksy4503 brooksy4503 released this 29 Dec 12:05

🚀 ChatLima v0.36.1 - Programmatic SEO & Security Patch

🎯 What's New

This release introduces Programmatic SEO for Model Pages, enabling dynamic, search-engine-optimized pages for AI models and comparisons. Additionally, this release addresses critical security vulnerabilities in React Server Components by updating Next.js and related dependencies to their latest secure versions.

🚀 Programmatic SEO Feature

  • Dynamic Model Pages: Automatically generated SEO-optimized pages for top 100 AI models at /model/[slug]
  • Model Comparison Pages: Pre-built comparison pages for popular model pairs at /compare/[slug]
  • Models Listing Page: Comprehensive models directory with search and filtering at /models
  • Enhanced Sitemap: Dynamic sitemap generation including model pages, comparison pages, and static pages
  • SEO-Optimized Metadata: Dynamic Open Graph tags, titles, and descriptions for all model pages
  • Structured Data: Rich metadata for search engines to better understand model capabilities
  • Cross-Linking: Intelligent model recommendations and comparison links for better discoverability

🛡️ Security Fixes

  • React Server Components CVE: Fixed vulnerabilities in React Server Components implementation
  • Next.js Update: Updated from 15.3.6 to 15.3.8 with security patches
  • Dependency Updates: Updated React Server Components dependencies to secure versions:
    • react-server-dom-webpack
    • react-server-dom-parcel
    • react-server-dom-turbopack
  • Automatic Security Scanning: Applied fixes using Vercel's automated security tooling

🛡️ Security Fixes

  • React Server Components CVE: Fixed vulnerabilities in React Server Components implementation
  • Next.js Update: Updated from 15.3.6 to 15.3.8 with security patches
  • Dependency Updates: Updated React Server Components dependencies to secure versions:
    • react-server-dom-webpack
    • react-server-dom-parcel
    • react-server-dom-turbopack
  • Automatic Security Scanning: Applied fixes using Vercel's automated security tooling

🔧 Technical Implementation

Programmatic SEO Implementation

Dynamic Model Pages (app/model/[slug]/page.tsx)

  • Static generation for top 100 models using generateStaticParams
  • Dynamic metadata generation with model-specific titles, descriptions, and Open Graph tags
  • Comprehensive model information display with hero section, specs, descriptions, and prompts
  • Premium access checks and upgrade CTAs for restricted models
  • Related models cross-linking for better discoverability

Model Page Components

  • components/model-page/model-hero.tsx - Hero section with CTA and capability badges
  • components/model-page/model-specs.tsx - Technical specifications (context, pricing, capabilities)
  • components/model-page/model-description.tsx - Detailed descriptions with strengths, use cases, and limitations
  • components/model-page/model-prompts.tsx - Sample prompts organized by category
  • components/model-page/model-related.tsx - Cross-linking to similar models
  • components/model-page/model-premium-banner.tsx - Upgrade CTAs for premium models
  • components/model-page/model-comparison-links.tsx - Links to related comparison pages

Comparison Pages (app/compare/[slug]/page.tsx & app/compare/page.tsx)

  • Pre-built comparison pages for popular model pairs
  • Side-by-side model comparison with detailed feature tables
  • components/comparison/comparison-cards.tsx - Visual model comparison cards
  • components/comparison/comparison-table.tsx - Detailed feature comparison table
  • Dynamic metadata for SEO optimization

Models Listing Page (app/models/page.tsx)

  • Comprehensive directory of all available models
  • Search and filtering capabilities
  • Category-based filtering
  • components/models-listing/models-grid.tsx - Grid display of models
  • components/models-listing/models-filter.tsx - Filtering interface

SEO Enhancements

  • app/sitemap.xml/route.ts - Enhanced with dynamic model and comparison page URLs
  • app/robots.txt/route.ts - Updated to allow crawling of /model/, /models/, and /compare/ paths
  • Top 100 models pre-rendered for optimal SEO performance
  • 20 pre-built comparison pages included in sitemap
  • 24-hour sitemap caching for performance

Slug Utilities (lib/models/slug-utils.ts)

  • Model priority selection for SEO
  • Slug generation and normalization
  • URL handling improvements

Security Updates

package.json (Updated)

  • Updated next from 15.3.6 to 15.3.8
  • Security patches applied to all React Server Components dependencies
  • All vulnerable versions automatically patched based on official React advisory

pnpm-lock.yaml (Updated)

  • Lock file updated with secure dependency versions
  • Transitive dependencies updated to secure versions
  • Babel core updated from 7.26.10 to 7.28.0 as part of dependency chain

Automated Security Fix

This security patch was automatically applied by Vercel's fix-react2shell-next tool, which:

  • Scanned all package.json files for vulnerable versions
  • Applied fixes based on official React security advisories
  • Updated dependencies to their secure versions
  • Ensured all React Server Components dependencies are patched

🛡️ Security & Privacy

Critical Security Improvements

  • CVE Mitigation: Fixed React Server Components vulnerabilities that could potentially be exploited
  • Proactive Security: Applied security patches immediately upon availability
  • Dependency Security: All React Server Components dependencies updated to secure versions
  • Automated Protection: Leveraged automated security tooling for rapid response

Security Best Practices

  • Immediate Update Recommended: This is a security patch that should be deployed as soon as possible
  • No Breaking Changes: Security updates maintain full backward compatibility
  • Transparent Process: Security fixes applied using official React advisories
  • Automated Scanning: Continuous security monitoring and automated patching

📈 Benefits

For Users

  • Enhanced Discoverability: Find AI models through search engines and direct links
  • Better Model Information: Comprehensive model pages with detailed specifications and use cases
  • Easy Comparisons: Side-by-side model comparisons to make informed decisions
  • Improved SEO: Better search engine visibility for ChatLima and its models
  • Enhanced Security: Protection against potential security vulnerabilities
  • Peace of Mind: Application secured with latest security patches
  • No Disruption: Security updates applied without breaking changes
  • Transparent Updates: Clear communication about security improvements

For Platform Operators

  • SEO Growth: Programmatic SEO drives organic traffic and discoverability
  • Better User Acquisition: Model pages serve as landing pages for specific AI models
  • Improved Rankings: Comprehensive, well-structured content improves search rankings
  • Content Scalability: Automatically generate pages for new models without manual work
  • Risk Mitigation: Reduced security risk from known vulnerabilities
  • Compliance: Up-to-date with security best practices
  • Automated Updates: Leveraged automated security tooling for rapid response
  • Maintenance: Easy to apply security patches through standard update process

For Developers

  • SEO Infrastructure: Reusable components and patterns for programmatic SEO
  • Type Safety: Full TypeScript support for all new components
  • Static Generation: Optimal performance with Next.js static generation
  • Extensible Architecture: Easy to add new model pages and comparisons
  • Secure Foundation: Building on secure, up-to-date dependencies
  • Best Practices: Following security update best practices
  • Automated Tooling: Leveraging automated security scanning and patching
  • Clear Documentation: Comprehensive release notes for security updates

🔄 Migration Notes

No Breaking Changes

This release maintains full backward compatibility. All existing functionality continues to work without modification.

Immediate Action Required

  • Deploy Immediately: This is a security patch that should be deployed as soon as possible
  • No Code Changes: No code changes required for security updates - dependency updates only
  • No Configuration Changes: No environment variables or configuration changes needed
  • No Database Migrations: No database changes required

New Features Available

  • Model Pages: Access individual model pages at /model/[model-slug]
  • Comparison Pages: View model comparisons at /compare/[comparison-slug]
  • Models Directory: Browse all models at /models
  • Enhanced Sitemap: Updated sitemap includes all new programmatic pages
  • SEO Improvements: Better search engine visibility and discoverability

Update Process

  1. Automatic Deployment: If using GitHub integration, deployment happens automatically
  2. Manual Deployment: Run standard deployment process if needed
  3. Verification: Verify application functionality after deployment
  4. Monitoring: Monitor application for any issues post-deployment

For Developers

  • No Code Changes: No code modifications required
  • Dependency Update: Dependencies automatically updated via package manager
  • Lock File: pnpm-lock.yaml updated with secure versions
  • Testing: Standard testing procedures apply

🚀 Deployment

Standard Deployment Process

This release follows the standard deployment workflow:

# Completed:
# 1. Version bumped to 0.36.1
# 2. Git tag created (v0.36.1)
# 3. Tags pushed to remote

Automatic Deplo...

Read more

v0.36.0 - Tiered Credit System & Enhanced Workflows

Choose a tag to compare

@brooksy4503 brooksy4503 released this 07 Dec 09:52

🚀 ChatLima v0.36.0 - Tiered Credit System & Enhanced Workflows

🎯 What's New

This release introduces a tiered credit cost system that charges different amounts of credits per message based on the actual API pricing of AI models. This major enhancement protects against abuse where users could consume $100+ of API costs while only paying $10 in credits, while also providing transparent pricing to users. Additionally, this release includes significant improvements to the release workflow automation and enhanced OAuth functionality.

💰 Tiered Credit Cost System

  • Five-Tier Pricing Structure: Models are categorized into five tiers based on their API pricing:

    • Free/Standard: 1 credit (free or low-cost models)
    • Premium: 2 credits ($3-15/M input or $5-50/M output)
    • High Premium: 5 credits ($15-50/M) - Claude Opus, GPT-4
    • Very High Premium: 15 credits ($50-100/M) - GPT-5 Pro
    • Ultra Premium: 30 credits ($100+/M) - o1-pro, o3-pro
  • Transparent Pricing: Credit costs are displayed in the model picker, allowing users to make informed decisions

  • Smart Calculation: Automatically calculates credit costs based on model pricing data

  • API Endpoint: New /api/models/[modelId]/credit-cost endpoint provides real-time credit cost information

  • Protection Against Abuse: Prevents users from consuming expensive API resources while paying flat rates

🔄 Release Workflow Enhancements

  • Smart Branch Detection: Automatically skips merge step when already on main branch
  • Critical Branch Protection: Prevents accidental deletion of protected branches (main, master, develop)
  • Improved Safety: Enhanced error handling and validation in release automation

🔐 OAuth Improvements

  • Clear Auth Button: New button to easily clear OAuth authorization for MCP servers
  • Enhanced Logging: Improved OAuth flow logging for better debugging
  • Fetch Interceptor: Integrated OAuth fetch interceptor for seamless token management
  • Session Optimization: Optimized session handling and model refresh logic

📝 Message Formatting Enhancements

  • Tool Message Filtering: Enhanced message formatting by filtering out tool messages
  • Improved OpenRouter Compatibility: Refined message filtering logic for better compatibility with OpenRouter API
  • Better Message Handling: More robust message conversion and formatting

🔧 Technical Implementation

Tiered Credit System

lib/utils/creditCostCalculator.ts (New)

  • Central utility function calculateCreditCostPerMessage() that calculates credit costs based on model pricing
  • Five-tier pricing structure with automatic tier determination
  • Fallback behavior for missing pricing data
  • Support for both input and output pricing calculations

lib/tokenCounter.ts (Enhanced)

  • Updated trackTokenUsage() to accept modelInfo parameter
  • Integrated variable credit cost calculation
  • Updated hasEnoughCredits() to validate based on model-specific credit costs

lib/services/chatCreditValidationService.ts (Enhanced)

  • Integrated tiered credit cost validation
  • Pre-flight credit checks based on model pricing
  • Enhanced error messages showing required credit costs

app/api/models/[modelId]/credit-cost/route.ts (New)

  • RESTful API endpoint for querying model credit costs
  • Real-time credit cost calculation
  • Error handling for missing models

components/model-picker.tsx (Enhanced)

  • Credit cost display in model details panel
  • Real-time credit cost fetching
  • Visual indicators for premium models
  • Color-coded credit cost display (yellow for premium models)

Release Workflow Script

scripts/release-workflow.ts (Enhanced)

  • Added protection for critical branches (main, master, develop)
  • Automatic detection of main branch to skip merge step
  • Improved error messages and validation
  • Enhanced safety checks before branch deletion

OAuth Enhancements

lib/services/chatMCPServerService.ts (Enhanced)

  • Improved OAuth status checking and logging
  • Optimized session handling and model refresh logic
  • Integrated OAuth fetch interceptor
  • Enhanced logging throughout OAuth flow

components/mcp-server-manager.tsx (Enhanced)

  • Added "Clear Auth" button for easy OAuth revocation
  • Enhanced OAuth flow logging
  • Improved status indicators

Message Formatting

Message Conversion Logic (Enhanced)

  • Enhanced message formatting by filtering out tool messages
  • Refined message filtering logic in convertToOpenRouterFormat
  • Better compatibility with OpenRouter API requirements

🛡️ Security & Privacy

Security Enhancements

  • Tiered Credit Protection: Prevents abuse of expensive models by requiring appropriate credit costs
  • Credit Validation: Enhanced pre-flight credit checks prevent unauthorized usage
  • OAuth Security: Improved OAuth token management and session handling
  • Branch Protection: Prevents accidental deletion of critical branches in release workflow

Privacy Considerations

  • Transparent Pricing: Users can see credit costs before using models
  • No Data Collection: Credit cost calculations use existing model pricing data
  • Local Calculations: Credit costs calculated server-side with no external data sharing

📈 Benefits

For Users

  • Fair Pricing: Credit costs reflect actual API pricing, ensuring fair usage
  • Transparent Costs: See credit costs before selecting models
  • Better Planning: Understand credit requirements before sending messages
  • Protection: System protects against unexpected high costs

For Platform Operators

  • Cost Protection: Prevents abuse where users consume expensive API resources at flat rates
  • Fair Billing: Credit costs align with actual API costs
  • Better Economics: Sustainable pricing model that scales with usage
  • Transparency: Clear pricing structure builds user trust

For Developers

  • Extensible System: Easy to adjust tiers or add new pricing models
  • Type-Safe: Full TypeScript support with proper type definitions
  • Well-Documented: Comprehensive documentation in docs/variable-credit-costs-implementation.md
  • Test Coverage: Comprehensive test suite for credit cost calculations

🔄 Migration Notes

No Breaking Changes

This release maintains full backward compatibility. All existing functionality continues to work without modification.

New Features Available

  • Tiered Credit Costs: Credit costs now vary by model (1-30 credits)
  • Credit Cost API: New /api/models/[modelId]/credit-cost endpoint
  • Credit Cost Display: Credit costs visible in model picker
  • Release Workflow: Enhanced automation with branch protection
  • OAuth Clear Button: Easy OAuth revocation in MCP Server Manager

User-Facing Changes

  • Credit Cost Display: Models now show credit costs in the model picker
  • Variable Costs: Different models cost different amounts of credits
  • Clear Auth Button: New button in MCP Server Manager for OAuth management

For Developers

  • New Utility: calculateCreditCostPerMessage() function in lib/utils/creditCostCalculator.ts
  • New API Route: /api/models/[modelId]/credit-cost for credit cost queries
  • Enhanced Services: Updated credit validation and token tracking services
  • No Database Migrations: No database changes required
  • No Environment Variables: No new environment variables needed

Usage Examples

Checking Credit Cost for a Model:

// Via API
const response = await fetch(`/api/models/${modelId}/credit-cost`);
const { creditCost } = await response.json();

// Programmatically
import { calculateCreditCostPerMessage } from '@/lib/utils/creditCostCalculator';
const creditCost = calculateCreditCostPerMessage(modelInfo);

Credit Cost Tiers:

  • Free models (gpt-3.5-turbo): 1 credit
  • Premium models (claude-3-sonnet): 2 credits
  • High Premium (claude-opus, gpt-4): 5 credits
  • Very High Premium (gpt-5-pro): 15 credits
  • Ultra Premium (o1-pro, o3-pro): 30 credits

🚀 Deployment

Standard Deployment Process

This release follows the standard deployment workflow:

# Completed:
# 1. Version bumped to 0.36.0
# 2. Git tag created (v0.36.0)
# 3. Tags pushed to remote

Automatic Deployment

With GitHub integration enabled, pushing to main automatically triggers production deployment via Vercel.

Environment Considerations

  • ✅ No new environment variables needed
  • ✅ No database migrations needed
  • ✅ Backward compatible with all previous versions
  • ✅ Credit cost calculations use existing model pricing data

Pre-Deployment Checklist

  • Tiered credit system tested with various models
  • Credit cost display verified in UI
  • API endpoint tested and working
  • Release workflow script tested
  • OAuth enhancements verified
  • Message formatting improvements tested

📊 Changes Summary

Files Modified

  • lib/tokenCounter.ts - Integrated tiered credit cost calculation
  • lib/services/chatCreditValidationService.ts - Added tiered credit validation
  • lib/services/chatTokenTrackingService.ts - Updated to use variable credit costs
  • lib/services/creditCache.ts - Enhanced credit checking with tiered costs
  • lib/services/directTokenTracking.ts - Added model info fetching for credit costs
  • lib/services/chatMCPServerService.ts - OAuth improvements and logging
  • components/model-picker.tsx - Added credit cost display
  • components/mcp-server-manager.tsx - Added Clear Auth button and OAuth improvements
  • scripts/release-workflow.ts - Added branch protection and main branch detection
  • app/api/chat/route.ts - Updated to pass model info for credit calculations

Files Added

  • `li...
Read more

v0.35.0 - MCP OAuth 2.1 Authorization Support

Choose a tag to compare

@brooksy4503 brooksy4503 released this 06 Dec 11:42

🚀 ChatLima v0.35.0 - MCP OAuth 2.1 Authorization Support

🎯 What's New

This release introduces comprehensive OAuth 2.1 authorization support for Model Context Protocol (MCP) servers, enabling secure authentication with remote MCP servers that require user login. This major enhancement expands ChatLima's MCP capabilities to support authenticated services like CogniMemo and other OAuth-protected MCP servers.

🔐 OAuth 2.1 Authorization Flow

  • Browser-Based Authentication: Seamless OAuth flow with automatic browser redirects
  • PKCE Security: Implementation of Proof Key for Code Exchange (PKCE) for enhanced security
  • Token Management: Automatic token storage, refresh, and expiration handling
  • Multi-Server Support: Independent OAuth authentication for each MCP server
  • Persistent Sessions: OAuth tokens persist across browser sessions

🎨 Enhanced MCP Server Manager

  • OAuth Toggle: Easy-to-use checkbox to enable OAuth authentication for SSE and Streamable HTTP servers
  • Authorize Button: One-click authorization flow initiation
  • Status Indicators: Visual feedback showing authorization status (Authorized/Not Authorized)
  • Session Management: Automatic cleanup of session storage during OAuth flow

🔄 OAuth Callback Handling

  • Dedicated Callback Page: New /oauth/callback route for handling OAuth redirects
  • Error Handling: Comprehensive error handling with user-friendly messages
  • Automatic Redirect: Seamless return to chat interface after successful authentication
  • State Management: Secure handling of OAuth state and authorization codes

🔧 Technical Implementation

OAuth Provider Implementation

lib/services/mcpOAuthProvider.ts (New)

  • Complete implementation of OAuthClientProvider interface from MCP SDK
  • PKCE code verifier generation and storage
  • Token storage and retrieval using localStorage
  • Client metadata management for OAuth registration
  • OAuth endpoint discovery via .well-known/oauth-authorization-server
  • Token expiration checking and validation
  • Secure token exchange with authorization codes

OAuth Callback Page

app/oauth/callback/page.tsx (New)

  • Handles OAuth redirect callbacks from authorization servers
  • Extracts authorization codes from URL parameters
  • Exchanges authorization codes for access tokens
  • Manages session storage cleanup
  • Provides user feedback during authorization process
  • Handles errors gracefully with clear error messages

MCP Service Updates

lib/services/chatMCPServerService.ts (Enhanced)

  • Added useOAuth flag support in server configuration
  • Integration with MCPOAuthProvider for authenticated transports
  • OAuth token injection into HTTP requests
  • Support for OAuth-enabled Streamable HTTP transports

MCP Context Updates

lib/context/mcp-context.tsx (Enhanced)

  • Added useOAuth field to MCPServer interface
  • OAuth state management per server
  • Token status tracking and validation
  • Integration with OAuth provider for token management

MCP Server Manager UI

components/mcp-server-manager.tsx (Enhanced)

  • OAuth toggle checkbox for SSE and Streamable HTTP servers
  • Authorize button with loading states
  • Authorization status indicators (green for authorized, yellow for not authorized)
  • Session storage management during OAuth flow
  • Improved error handling and user feedback

API Route Updates

app/api/chat/route.ts (Enhanced)

  • Support for OAuth-enabled MCP server configurations
  • Token passing to MCP service layer

🛡️ Security & Privacy

Security Enhancements

  • PKCE Implementation: Uses Proof Key for Code Exchange to prevent authorization code interception attacks
  • Secure Token Storage: OAuth tokens stored securely in browser localStorage with server-specific prefixes
  • Token Expiration: Automatic token expiration checking and validation
  • No Client Secrets: Uses PKCE instead of client secrets for enhanced security
  • Session Isolation: Each MCP server's OAuth tokens are stored separately and securely

Privacy Considerations

  • Local Storage Only: All OAuth tokens stored locally in user's browser
  • No Server-Side Storage: Tokens never sent to ChatLima servers
  • User Control: Users can authorize and revoke access at any time
  • Secure Redirects: OAuth redirects use secure HTTPS endpoints
  • State Management: Proper OAuth state handling prevents CSRF attacks

📈 Benefits

For Users

  • Access to Protected MCP Servers: Connect to OAuth-protected MCP servers like CogniMemo
  • Seamless Authentication: Simple one-click authorization flow
  • Persistent Sessions: Stay authenticated across browser sessions
  • Visual Feedback: Clear status indicators show authorization state
  • Secure Access: Industry-standard OAuth 2.1 with PKCE security

For Developers

  • Standard Implementation: Follows MCP SDK OAuth 2.1 specification
  • Extensible Architecture: Easy to add support for additional OAuth providers
  • Well-Documented: Clear code structure and error handling
  • Type-Safe: Full TypeScript support with proper type definitions

For Platform Operators

  • Expanded MCP Ecosystem: Support for more MCP servers requiring authentication
  • Better User Experience: Streamlined authentication flow
  • Security Best Practices: Implementation follows OAuth 2.1 security guidelines

🔄 Migration Notes

No Breaking Changes

This release maintains full backward compatibility. All existing MCP server configurations continue to work without modification.

New Features Available

  • OAuth Support: New optional useOAuth flag available for SSE and Streamable HTTP servers
  • OAuth UI: New OAuth toggle and authorize button in MCP Server Manager
  • Callback Route: New /oauth/callback route for OAuth redirects

User-Facing Changes

  • New UI Elements: OAuth toggle checkbox and authorize button in MCP Server Manager
  • New Route: /oauth/callback route handles OAuth redirects (users typically won't see this directly)
  • Status Indicators: Authorization status indicators for OAuth-enabled servers

For Developers

  • New Service: MCPOAuthProvider class available for OAuth implementations
  • New Page: OAuth callback page at app/oauth/callback/page.tsx
  • Enhanced Interfaces: MCPServer interface now includes optional useOAuth field
  • No API Changes: No changes to existing APIs
  • No Database Migrations: No database changes required
  • No Environment Variables: No new environment variables needed

Usage Examples

Enabling OAuth for an MCP Server:

  1. Add an SSE or Streamable HTTP MCP server
  2. Check the "Use OAuth Authentication" checkbox
  3. Click "Authorize" button
  4. Complete authentication on the MCP server's authorization page
  5. You'll be redirected back to ChatLima with tokens stored

Checking Authorization Status:

  • Green "Authorized" indicator: Server has valid OAuth tokens
  • Yellow "Not authorized" indicator: OAuth enabled but no valid tokens - click "Authorize"

🚀 Deployment

Standard Deployment Process

This release follows the standard deployment workflow:

# Completed:
# 1. Version bumped to 0.35.0
# 2. Git tag created (v0.35.0)
# 3. Tags pushed to remote

Automatic Deployment

With GitHub integration enabled, pushing to main automatically triggers production deployment via Vercel.

Environment Considerations

  • ✅ No new environment variables needed
  • ✅ No database migrations needed
  • ✅ Backward compatible with all previous versions
  • ✅ OAuth flow works entirely client-side

Pre-Deployment Checklist

  • OAuth flow tested with test MCP server
  • Token storage and retrieval verified
  • Error handling tested
  • UI components tested
  • Callback page tested
  • Session storage cleanup verified

📊 Changes Summary

Files Modified

  • app/api/chat/route.ts - Added OAuth support for MCP servers
  • components/mcp-server-manager.tsx - Added OAuth UI elements and authorization flow
  • lib/context/mcp-context.tsx - Added OAuth state management
  • lib/services/chatMCPServerService.ts - Integrated OAuth provider support
  • README.md - Updated documentation with OAuth information
  • package.json - Version bumped to 0.35.0

Files Added

  • lib/services/mcpOAuthProvider.ts - OAuth provider implementation (299 lines)
  • app/oauth/callback/page.tsx - OAuth callback handler (136 lines)
  • .cursor/plans/mcp_oauth_authorization_e897ed04.plan.md - Implementation plan
  • releases/RELEASE_NOTES_v0.35.0.md - This release notes file

Commits Included

  • f394625 - Merge pull request #26 from brooksy4503/feature/mcp-oauth-authorization
  • e55521c - fix: clean up sessionStorage keys during OAuth flow
  • 5f20081 - feat: implement OAuth 2.1 support for MCP servers

Statistics

  • 10 files changed
  • 1,087 insertions, 45 deletions
  • Net improvement: +1,042 lines
  • Enhancement: OAuth 2.1 authorization support for MCP servers

Full Changelog: v0.34.2...v0.35.0

🎉 What's Next

This release significantly expands ChatLima's MCP capabilities by enabling secure authentication with protected MCP servers. Future enhancements may include:

  • Token refresh automation
  • OAuth token revocation UI
  • Support for additional OAuth grant types
  • Enhanced OAuth error recovery
  • OAuth token expiration notifications
  • Support for custom OAuth scopes

v0.34.2 - Release Automation & Analytics Integration

Choose a tag to compare

@brooksy4503 brooksy4503 released this 04 Dec 09:44

🚀 ChatLima v0.34.2 - Release Automation & Analytics Integration

🎯 What's New

This release introduces powerful automation tools for the release process and integrates Vercel Analytics for improved tracking and insights. Additionally, Next.js has been updated to the latest version for enhanced security and performance.

🤖 Release Workflow Automation

  • Automated Release Process: New script that handles the complete feature release workflow from merge to deployment
  • Version Management: Automatic version incrementing with git tag creation
  • Branch Management: Automated feature branch merging and cleanup
  • Pre-Release Checks: Built-in validation for tests, builds, and branch status
  • Dry-Run Mode: Test the release workflow without making changes

📝 Release Notes Generator

  • Automated Generation: Script that generates comprehensive release notes following the ChatLima template
  • Git Integration: Automatically extracts commits, file changes, and statistics
  • Version Detection: Auto-detects current and previous versions
  • Interactive Mode: Optional interactive editing for customization
  • Template Compliance: Ensures all release notes follow the established format

📊 Vercel Analytics Integration

  • Enhanced Tracking: Integrated Vercel Analytics for improved user behavior insights
  • Performance Monitoring: Better visibility into application performance metrics
  • Privacy-Focused: Analytics implementation respects user privacy while providing valuable insights

🔒 Security & Performance Updates

  • Next.js 15.3.6: Updated to latest version with security patches and performance improvements
  • Dependency Updates: Updated related dependencies for compatibility and security

🔧 Technical Implementation

Release Automation Scripts

scripts/release-workflow.ts (New)

  • Complete automation of the release workflow
  • Handles pre-release checks, merging, versioning, and cleanup
  • Supports patch, minor, and major version increments
  • Includes dry-run mode for safe testing
  • Validates working directory, branch existence, tests, and builds

scripts/generate-release-notes.ts (New)

  • Automated release notes generation
  • Extracts git commit history and file changes
  • Generates statistics and changelog links
  • Creates properly formatted release notes files
  • Supports interactive editing mode

scripts/README.md (New)

  • Comprehensive documentation for all scripts
  • Usage examples and guidelines
  • Troubleshooting information
  • Complete script reference

Analytics Integration

app/layout.tsx (Enhanced)

  • Added Vercel Analytics component (@vercel/analytics/react)
  • Integrated Analytics provider for tracking
  • Maintains existing layout structure and functionality

Framework Updates

package.json (Updated)

  • Next.js updated from previous version to 15.3.6
  • Added @vercel/analytics dependency
  • Updated pnpm-lock.yaml with new dependency versions

🛡️ Security & Privacy

Security Improvements

  • Next.js Security Patches: Updated to version 15.3.6 with latest security fixes
  • Dependency Security: Updated dependencies to address known vulnerabilities
  • No Breaking Changes: All updates maintain backward compatibility

Privacy Considerations

  • Vercel Analytics: Privacy-focused analytics implementation
  • No Personal Data: Analytics tracks aggregate metrics without personal information
  • GDPR Compliant: Analytics implementation respects privacy regulations

📈 Benefits

For Developers

  • Streamlined Releases: Automated workflow reduces manual steps and potential errors
  • Consistent Documentation: Automated release notes ensure consistent format and completeness
  • Time Savings: Release process automation saves significant time
  • Better Tracking: Analytics provides insights into application usage and performance
  • Improved Workflow: Scripts make the release process more reliable and repeatable

For Platform Operators

  • Better Insights: Vercel Analytics provides valuable user behavior and performance data
  • Faster Releases: Automated workflow enables quicker release cycles
  • Consistent Versioning: Automated version management ensures proper tagging
  • Audit Trail: Release notes provide clear history of changes

For Users

  • Improved Performance: Next.js updates bring performance improvements
  • Enhanced Security: Latest security patches protect user data
  • Better Experience: Analytics helps identify and fix performance issues

🔄 Migration Notes

No Breaking Changes

This release maintains full backward compatibility. All existing functionality remains intact.

User-Facing Changes

  • No user-facing changes in this release
  • Analytics integration is transparent to end users

For Developers

  • New Scripts Available: Release workflow and notes generation scripts are now available
  • New Commands: Added pnpm release:workflow and pnpm release:notes commands
  • No API Changes: No changes to existing APIs
  • No Database Migrations: No database changes required
  • No Environment Variables: No new environment variables needed

Usage Examples

Release Workflow:

# Standard release workflow
pnpm release:workflow --branch feature/my-feature --version minor

# Patch release (bug fixes)
pnpm release:workflow --branch feature/bugfix --version patch

# Dry run to test
pnpm release:workflow --branch feature/test --version patch --dry-run

Release Notes Generation:

# Generate release notes
pnpm release:notes --version 0.34.2 --feature "Release Automation"

# With interactive editor
pnpm release:notes --version 0.34.2 --feature "Feature" --interactive

🚀 Deployment

Standard Deployment Process

This release follows the standard deployment workflow:

# Completed:
# 1. Version bumped to 0.34.2
# 2. Git tag created (v0.34.2)
# 3. Tags pushed to remote

Automatic Deployment

With GitHub integration enabled, pushing to main automatically triggers production deployment via Vercel.

Environment Considerations

  • ✅ No new environment variables needed
  • ✅ No database migrations needed
  • ✅ Backward compatible with all previous versions
  • ✅ Analytics automatically configured via Vercel integration

Pre-Deployment Checklist

  • Build verification completed
  • Code quality checks passed
  • Scripts tested and documented
  • Analytics integration verified
  • Next.js update tested

📊 Changes Summary

Files Modified

  • app/layout.tsx - Added Vercel Analytics component
  • package.json - Updated Next.js to 15.3.6, added analytics dependency
  • pnpm-lock.yaml - Updated dependency versions

Files Added

  • scripts/release-workflow.ts - Release workflow automation script
  • scripts/generate-release-notes.ts - Release notes generation script
  • scripts/README.md - Comprehensive scripts documentation
  • releases/RELEASE_NOTES_v0.34.2.md - This release notes file

Commits Included

  • 65ac12a - feat: add release workflow and notes generation scripts
  • 50501f8 - chore: update Next.js to version 15.3.6 in package.json and pnpm-lock.yaml
  • 98c2a3d - feat: integrate Vercel Analytics for improved tracking
  • 604e536 - docs: add release notes for v0.34.1

Statistics

  • 10 files changed
  • 1,166 insertions, 106 deletions
  • Net improvement: +1,060 lines
  • Enhancement: Release automation and analytics integration

Full Changelog: v0.34.1...v0.34.2

🎉 What's Next

This release establishes a solid foundation for streamlined releases and better insights. Future enhancements may include:

  • Enhanced analytics dashboards
  • Additional release workflow features
  • Automated changelog generation
  • Integration with CI/CD pipelines
  • Performance monitoring alerts
  • User behavior analytics insights