<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated core dependencies, developer tooling and Rust toolchain to
newer stable versions across the repo
* Upgraded Storybook to v10 and improved ESM path resolution for
storybook tooling
* Broadened native binding platform/architecture support and
strengthened native module version validation, loading and WASI handling
* **New Features**
* Exposed an additional native text export for consumers (enhanced
JS/native surface)
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated dependency versions across the monorepo (notably zod →
^3.25.76 and vitest-related packages → ^3.2.4), plus minor package bumps
to align tooling and libraries. These are manifest/test-tooling updates
only; no public API, behavior, or end-user features were changed.
<sub>✏️ Tip: You can customize this high-level summary in your review
settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
* Added 'Brazilian Portuguese' to the list of supported translation
languages in both backend and frontend.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added Brazilian Portuguese as a supported translation language across
the app.
* Brazilian Portuguese now appears in language selection for translation
actions.
* AI translation prompts now include Brazilian Portuguese as a valid
target option.
* No other translation behaviors or controls were modified.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a mutation to request/apply a subscription by transaction ID
(client mutation and server operation), returning subscription details.
* **Bug Fixes / Improvements**
* More robust external subscription sync with safer conflict detection,
optional short-lived confirmation, improved parsing and error logging.
* **Chores**
* Standardized time constants for clarity.
* **Tests**
* Updated subscription test data (expiration date) to reflect new
lifecycle expectations.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Resolved cryptographic compatibility issues with OpenSSL 3.x.
* **New Features**
* Broader support for multiple key types for signing and verification.
* OTP generation adjusted (affects digit distribution/values).
* **Refactor**
* Internal cryptographic key handling reworked for improved stability,
compatibility, and multi-key-type support.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Enhanced audio/video detection for MP4 files to better distinguish
audio-only vs. video.
* **Dependencies**
* Added MP4 parsing dependency and updated AI provider libraries
(Anthropic, Google, OpenAI, etc.).
* **Bug Fixes**
* Tightened authentication state validation for magic-link/OTP flows.
* Stricter space-join validation to reject invalid client
types/versions.
* Improved transcript entry deduplication and data handling.
* **API**
* Transcript submit payload now requires infos and removes deprecated
url/mimeType fields.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Performance**
* Added caching mechanism for subscription product data to reduce API
calls and improve response times.
* **Improvements**
* Enhanced asynchronous processing of subscription entitlements for more
reliable product data retrieval from the payment provider.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Resolved occasional errors when removing document links from sessions,
ensuring cleanup completes reliably.
* Improved reliability during maintenance actions by preventing
unnecessary validation failures in system-initiated updates, while
preserving existing checks for user-initiated changes.
* **Chores**
* Internal adjustments to the session update flow to better support
maintenance operations without affecting user-facing behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Automatic email verification when signing in or reconnecting with a
linked OAuth provider: if the provider confirms the same email and your
account was unverified, your email will be marked as verified
automatically.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- **New Features**
- Safer, consistent file downloads with automatic attachment headers and
filenames.
- Smarter MIME detection for uploads (avatars, workspace blobs, Copilot
files/transcripts).
- Sensible default buffer limit when reading uploads.
- **Bug Fixes**
- Prevents risky content from rendering inline by forcing downloads and
adding no‑sniff protection.
- More accurate content types when original metadata is missing or
incorrect.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Copilot now defaults to the updated Claude Sonnet 4.5 model across
experiences for improved responses.
* **Chores**
* Consolidated available Anthropic models, removing older Sonnet 3.x
variants and standardizing Sonnet 4/4.5 options.
* Updated configuration defaults and schema mappings to reference the
new Sonnet 4.5 model.
* **Tests**
* Updated unit and end-to-end tests to reference the new model to ensure
consistent behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added an on-demand mutation to refresh the current user's
subscriptions, syncing with RevenueCat when applicable and handling
Stripe-only cases.
* Subscription variant normalization for clearer plan information and
consistent results.
* **Tests**
* Added tests for refresh behavior: empty state, RevenueCat-backed
multi-step sync, and Stripe-only scenarios.
* **Client**
* New client operation to invoke the refresh mutation and retrieve
updated subscription fields.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<img width="411" height="205" alt="截屏2025-09-26 10 58 39"
src="https://github.com/user-attachments/assets/c3bce144-7847-4794-b766-5a3777cbc00d"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Delete icon added to AI session history with tooltip and confirmation
prompt; deleting current session opens a new session.
- Session deletion wired end-to-end (toolbar → provider → backend) and
shows notifications.
- Improvements
- Cleanup now supports deleting sessions with or without a document ID
(document-specific or workspace-wide).
- UI tweaks for cleaner session item layout and safer click handling
(delete won’t trigger item click).
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Ensures deleted sessions and their messages are consistently cleaned
up, preventing lingering pinned or partially removed items.
* **Refactor**
* Streamlined session cleanup into a single bulk operation for improved
reliability and performance during deletions.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Subscriptions now include an explicit "trial" flag so trialing users
are identified and treated correctly.
- Bug Fixes
- More robust handling when webhook fields are missing or null.
- Improved family-sharing detection to avoid incorrect async processing.
- Refactor
- Status determination and store resolution simplified to rely on
subscription data rather than event payloads.
- Tests
- Test fixtures updated to include trial and store details for accuracy.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* MCP Server integration available in cloud workspaces with a dedicated
settings panel.
* Manage personal access tokens: generate/revoke tokens and view
revealed token.
* One-click copy of a prefilled server configuration JSON.
* New query to fetch revealed access tokens.
* **Improvements**
* Integration list adapts to workspace type (cloud vs. local).
* More reliable token refresh with clearer loading, error and
revalidation states.
* **Localization**
* Added “Copied to clipboard” message and MCP Server name/description
translations.
* **Chores**
* Updated icon dependency across many packages.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Interactive API documentation available at /api/docs when running in
development.
* **Chores**
* Added a development dependency to enable generation of the API
documentation.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>
Co-authored-by: DarkSky <darksky2048@gmail.com>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* RevenueCat support: public webhook endpoint, webhook handler/service,
nightly reconciliation and per-user sync; subscriptions now expose
provider and iapStore; new user-facing error for App Store/Play-managed
subscriptions.
* **Chores**
* Multi-provider subscription schema (Provider, IapStore); Stripe
credentials moved into payment.stripe (top-level apiKey/webhookKey
deprecated); new payment.revenuecat config and defaults added.
* **Tests**
* Comprehensive RevenueCat integration test suite and snapshots.
* **Documentation**
* Admin config descriptions updated with deprecation guidance.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<img width="757" height="447" alt="截屏2025-09-22 17 49 34"
src="https://github.com/user-attachments/assets/bab96f45-112e-4d74-bc38-54429d8a54ab"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Subscription-aware AI model picker in chat: browse models with version
and category, see active selection, switch models, and receive
notifications when choosing pro models without a subscription.
Selections persist across sessions.
- Central AI model service wired into chat UI for consistent model
selection and availability.
- Changes
- Streamlined AI model availability: reduced to a curated set for a more
focused experience.
- Context menu buttons can display supplemental info next to labels.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
fix#13627
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added configurable display names for primary and fallback SMTP
servers, improving email sender identification.
* Defaults to “AFFiNE Server,” with support for MAILER_SERVERNAME
environment variable for the primary SMTP.
* Exposed in admin settings for easy setup alongside existing SMTP
options.
* Names are now passed through to mail transport options for consistent
use across emails.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* The GraphQL interactive UI is now available only in development
environments and will not be accessible in production. This change
affects only the availability of the interactive interface; public
exports and API context types remain unchanged. Users in development can
continue to use the tool as before, while production deployments will no
longer expose the interactive UI.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>
Currently, it is only possible to disable all registrations. However, it
would be helpful if you could disable normal registration but enable
OAuth registration.
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Added a setting to enable/disable new user signups via OAuth (default:
enabled).
* Admin Settings (Authentication) now includes a toggle for OAuth
signups.
* OAuth signup flow now respects this setting, preventing new
registrations via OAuth when disabled.
* Self-hosted configuration schema updated to include the new option.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
---------
Signed-off-by: Hudint Finn Weigand <dev@hudint.de>
Co-authored-by: DarkSky <darksky2048@gmail.com>
Co-authored-by: DarkSky <25152247+darkskygit@users.noreply.github.com>
fix AI-419
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- New API to fetch available models for a prompt, returning default,
optional, and pro models with human‑readable names.
- Added temperature and topP settings to prompt configuration for finer
control.
- Refactor
- When no model is chosen, the default model is used instead of
auto-picking a pro model.
- Model metadata across providers now includes readable names, improving
listings and selection UX.
- Tests
- Updated test snapshots and descriptions to reflect the new
default-model behavior.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- Bug Fixes
- Enforced a consistent step limit for AI responses across providers,
preventing excessively long generations in both text and streaming modes
for more predictable results.
- Refactor
- Centralized step limit configuration into a shared provider, ensuring
uniform behavior across providers and simplifying future maintenance.
- Standardized application of step limits in text generation and
streaming flows to align provider behavior and improve overall
reliability.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Added GPT-5 family and made GPT-5/-mini the new defaults for Copilot
scenarios and prompts.
- Bug Fixes
- Improved streaming chunk formats and reasoning/text semantics,
consistent attachment mediaType handling, and more reliable reranking
via log-prob handling.
- Refactor
- Unified maxOutputTokens usage; removed per-call step caps and migrated
several tools to a unified inputSchema shape.
- Chores
- Upgraded AI SDK dependencies and bumped an internal dependency
version.
- Tests
- Updated mocks and tests to reference GPT-5 variants and new stream
formats.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
fix CLOUD-238, CLOUD-239
#### PR Dependency Tree
* **PR #13477** 👈
This tree was auto-generated by
[Charcoal](https://github.com/danerwilliams/charcoal)
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **New Features**
* Payment method management is now always available directly within AI
and Pro plan cards.
* **Bug Fixes**
* Past-due subscriptions are now included in subscription status
results, ensuring they appear in billing views.
* **Style**
* Plan actions are moved inline within each plan’s description for a
cleaner, more compact layout.
* Actions are grouped horizontally with improved spacing.
* Minor class name and spacing tweaks for consistent styling.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- Smarter embedding pipeline skips re-embedding when content hasn’t
changed; added content sanitization for embeddings and workspace content
retrieval.
- Bug Fixes
- Re-embedding now requires both a document update and the last
embedding being older than 10 minutes, reducing unnecessary work.
- Refactor
- Consolidated embedding preprocessing and moved sanitization utilities
into shared models; upserts now refresh stored content.
- Tests
- Expanded snapshot-based tests covering multiple time/age scenarios for
embedding decision logic.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Bug Fixes**
* Prevents accidental deletion of placeholder documents during embedding
cleanup.
* Improves accuracy when identifying documents to remove, using multiple
data sources.
* Skips unnecessary cleanup when no embeddings or snapshots exist,
reducing noise and overhead.
* **Chores**
* Streamlined and centralized document filtering logic to ensure
consistent cleanup behavior.
* Parallelized data checks to make cleanup more efficient without
changing user workflows.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
- New Features
- None
- Bug Fixes
- Ensures a placeholder embedding is always created when content is
empty or after deletion, reducing errors and improving Copilot
stability.
- Refactor
- Centralized empty-embedding handling for consistent behavior across
workflows.
- Standardized embedding dimension configuration to a single source for
reliability.
- Chores
- Simplified internal embedding module surface and imports for
maintainability.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
