Changelog
All notable changes to SchemaStack are documented here.
2026-03-06
Added
- Create your own organisation after registration — no invitation required
- Check organisation slug availability before creating an organisation
- Check workspace slug availability within an organisation
- Check view slug availability within a workspace
- Schema options (nullable, unique, length, precision, scale, default value) can now be set directly when creating a new column
- Timestamp auto-set behavior (created_at, updated_at) configurable in both the add-column dialog and column properties panel
Improved
- New SVG logo replaces the text lettermark across the entire app for a sharper, scalable brand identity
- SVG favicons added for both admin and spread apps
- Dialog widths standardized across all dialogs for a more consistent experience
- Column type selector now shows icons alongside type names for easier scanning
- Workspace overview shows a prominent call-to-action when no workspaces exist yet
- All documentation and help links now point to docs.schemastack.io
2026-03-05
Improved
- File uploads and thumbnail generation moved to dedicated JVM worker for better performance with large files and improved reliability
- Replacing a file or image in a cell now automatically deletes the old file from storage — no orphaned files left behind
2026-03-04
Added
- Column constraints (e.g., NOT_BLANK, MAX_LENGTH, EMAIL, PATTERN) can now be sent inline when creating a column, removing the need for separate API calls
- Default value support in advanced column options
- Visibility and access controls (API visible, sortable) can now be set when creating a column
Improved
- Default values are now validated against the column type before saving — invalid combinations (e.g.,
now()on a boolean) are rejected with a clear error message - Default value input now shows type-aware placeholders, contextual hints, and quick-insert chips for common defaults (e.g.,
true/falsefor checkboxes,now()for timestamps)
2026-03-03
Added
- Owner crown badge on member tables across organization, workspace, and view permissions
- Inline "Pending" badge for invited members in the organization members list
- Joined date shown on all member rows (e.g., "Joined Mar 2026")
- Summary stat cards below member tables: Active Members, Pending Invites, and Admin Users
- Reusable alert banner component with warning, error, info, and success variants
- "Current Usage" overview section and "Usage by Workspace" breakdown on the Plan & Billing page
- View column properties panel with description editing
Improved
- Access mode dialog redesigned with colored icon avatars, capability chips, "Selected" badge, and blue info box
- Dialog headers updated with larger icons, bolder titles, and subtle gradient in dark mode
- Consistent green/red capability chips across the app with proper dark mode colors
- Blue info boxes now have explicit light and dark mode styling
- Form field backgrounds now properly adapt to dark mode
- Gray borders unified across the app for a cleaner look
- Plan & Billing page redesigned: active plan card is visually elevated with teal-green border and badges, Enterprise card has a dark premium look with golden crown
- Consistent elevation styling across header cards, member tables, and plan cards
- Standardized lighter gray for secondary/metadata text across all admin pages
- Typography utility classes (
.mat-display-largethrough.mat-label-small) now correctly generated in compiled CSS - Member avatars updated to 40px rounded squares for a modern look
- Workspace overview tabs no longer stretch to full width
2026-03-01
Added
- Widget options framework: per-widget-type configurable settings stored as JSONB on view columns
- DATETIME auto-set timestamps: configure columns to auto-fill
CURRENT_TIMESTAMPon insert, update, or both — applied at the database level viaDEFAULTand triggers - S3 storage backend: configure per-workspace S3 credentials (AWS S3, MinIO, DigitalOcean Spaces, Backblaze B2) for file and image storage instead of local filesystem
- S3 connection testing: verify bucket access before saving configuration
- Smart file mapping: map existing S3 files to FILE/IMAGE columns using path templates with row-level expressions (
${value},${row.column_name},${workspace.uuid}) - Entity-level default file path template: set a fallback S3 template for all FILE/IMAGE columns in an entity
- Column-level S3 path template: override the entity default for individual columns
- Presigned URLs enabled by default: file downloads redirect directly to S3, reducing API bandwidth
- Thumbnail presigned URLs served from platform S3 for faster image previews
hasStorageConfigfield on workspace membership endpoint so the frontend knows when S3 is configured- Proxied mapped file downloads: seamless download of template-resolved S3 files through the existing file download endpoint
- File path templates configurable at 3 levels: workspace (admin), view, and column (IMAGE/FILE columns only), with collapsible variable reference and live preview
- Shared widget components for file upload and simple inputs, reused across cell-edit popover and add-row dialog
- IMAGE/FILE upload support in the add-row dialog
Fixed
- Column schema migrations (widget options, type changes, constraints) now correctly use the actual database column name instead of the display name
- SQL identifiers in schema migrations are now properly quoted, preventing errors with column names containing spaces or special characters
Improved
- New columns created through the UI now use sanitized database column names (e.g., "Created at" →
created_at) instead of storing the display name - Renamed column-level
s3PathTemplatetofilePathTemplatefor consistency across all levels (column, entity, workspace) - Managed files (uploaded through SchemaStack) now always resolve correctly even when a file path template is configured on the column
- File path template changes require explicit "Apply" instead of auto-saving, preventing interference with in-progress uploads
- Warning shown when changing path templates that existing files will not be moved
- Storage configuration check now uses the workspace member endpoint instead of a separate API call
Security
- S3 credentials encrypted at rest using AES-256/GCM (same encryption as database credentials)
- S3 secrets are write-only in the API — never returned in responses
- Path traversal protection in S3 template resolution
2026-02-28
Added
- Real-time SSE updates for workspace events: status changes, settings updates, member changes, and database configuration now sync instantly across all open tabs and users
- Real-time view access updates: changes to view permissions (addable, editable, exportable) are reflected immediately for all collaborators
- Real-time view member and guest link changes are broadcast to all connected users
- Plan limit enforcement: workspace, view, and member creation is now blocked when your subscription tier limit is reached, with clear error messages showing the current count and maximum allowed
- Subscription tiers (Free, Pro, Enterprise) with configurable plan limits for workspaces, views, members, API calls, and storage
- Usage tracking: monthly request counts, row reads/writes, and storage are recorded per workspace
- Usage & Subscription API: view current plan, usage summary, and per-workspace breakdown via
/api/subscription - Rate limiting for the workspace API: per-minute burst limits and monthly request quotas, with standard
X-RateLimit-*response headers - Per-workspace and per-entity rate limit overrides configurable from the admin app
- SSL/TLS support for external database connections: configure SSL mode (Disable, Prefer, Require, Verify CA, Verify Full), upload CA and client certificates for secure connections to cloud-managed databases (AWS RDS, Azure, DigitalOcean, Google Cloud SQL)
- Connection timeout setting for external database connections
- Categorized connection test errors (Network, Auth, SSL, Timeout) for clearer troubleshooting
- Workspace-level API settings: configure max expand depth and CORS allowed origins per workspace
- Per-entity API settings: manage default expand, field selection, expandable relationship whitelists, and filterable field whitelists from the admin app
- Column API visibility: hide sensitive columns from REST API responses while keeping them visible in the admin UI
- Public access for entities: configure unauthenticated access (None, Read Only, or Read & Write) per entity
- Dynamic CORS: per-workspace origin restrictions replace the previous allow-all default
- Workspace-level max expand depth acts as fallback when entity-level is not configured
Security
- Upgraded encryption from AES/ECB to AES/GCM for database credential and 2FA secret storage (existing encrypted values are automatically decrypted via backward-compatible fallback)
- SSL certificate temp files are now cleaned up when workspace metadata is evicted from cache instead of accumulating until shutdown
Improved
- Workspace API URLs now use dashed slugs (e.g.
/column-metadata) matching org and workspace URL conventions - Swagger/OpenAPI sandbox lists entities with dashed slug URLs
- SSE connection status banners now show when real-time connection is lost or reconnecting
- Offline detection banners in both Admin and Data Platform apps
- Confirmation dialogs for all destructive actions (replaces browser confirm prompts)
- SSE reconnection uses jitter to prevent thundering herd on server restarts
Fixed
- Production environment detection now uses Angular's built-in
isDevMode() - CI/CD pipeline build paths and linting
- Console logging stripped from production builds
Fixed
- SSE disconnect banner now matches the height of other status banners
- View permissions toggles (addable, editable, exportable) no longer break after the first change
- Workspace status changes now update the status banner in real time
- Retry logic for newly created views no longer silently drops the final error