Release notes

Changelog

Keep track of all the latest updates, improvements, and bug fixes.

v1.4.0·Enhancement·

Performance Optimization and Vercel Best Practices

Applied Vercel and Next.js best practices across every API route, service, hook, and provider. Parallelized async work, deferred non-critical tasks with after(), added mutex-based token refresh, and eliminated redundant re-renders.

Improved

  • Parallelized dbConnect() and request.json() with Promise.all across all API routes, reducing cold-start latency.
  • Deferred non-blocking work (verification emails, welcome emails, auth event logging) using Next.js after() to speed up response times.
  • Parallelized GitHub OAuth user and emails API calls with Promise.all, and user profile + auth data queries in user-details endpoint.
  • Added mutex pattern to token refresh interceptor preventing concurrent 401 responses from triggering duplicate refresh requests.
  • Converted avatar upload hook from manual useCallback to useMutation with automatic cache invalidation via TanStack Query.
  • Replaced manual username availability check (useState + useEffect) with useQuery for built-in caching, deduplication, and stale-time control.
  • Simplified useLogout by replacing identical onSuccess and onError handlers with a single onSettled callback.
  • Replaced useEffect-based provider initialization with lazy useState for synchronous cookie reads in useLastUsedProvider.
  • Hardened AuthProvider with stored user validation, reactive hasToken state, and cleanup on corrupt localStorage data.
  • Narrowed useEffect dependencies in FontProvider and profile form to primitives, preventing unnecessary re-renders from object references.
  • Added typed return values (ApiResponse<T>) to all service functions for end-to-end type safety.
  • Parallelized user data deletion (UserModel, UserSessionModel, UserAuthModel) with Promise.all in delete-user endpoint.
  • Removed dead barrel export files (lib/auth/auth.ts, protected/components/index.tsx) that added bundle weight with zero consumers.

Fixed

  • Fixed OAuth welcome email bug where welcome messages were sent on every login instead of only on first signup.
  • Fixed cache race condition in useUpdateUserDetails and useChangeUsername by awaiting invalidateQueries before reading fresh cache.
  • Fixed useDeleteUser hook that was logging users out even when account deletion failed.
  • Fixed Google OAuth token exchange using wrong client_secret value (was sending client ID instead of secret).
  • Fixed UploadThing avatar upload 500 error by passing JWT authorization header via useUploadThing headers callback.
v1.3.0·Feature·

Comprehensive Documentation with Fumadocs

Launched full documentation site powered by Fumadocs, covering authentication flows, API reference, database schemas, and deployment guides.

Comprehensive Documentation with Fumadocs

Added

  • Added complete documentation site with Fumadocs integration featuring search, syntax highlighting, and responsive navigation.
  • Documented authentication system including email/password, GitHub OAuth, Google OAuth, and email verification flows.
  • Created API reference with detailed endpoint documentation, request/response examples, and TypeTable schemas.
  • Added database documentation covering MongoDB models, schemas, indexes, and common query patterns.
  • Included customization guide for extending OAuth providers, user models, and email templates.
  • Published deployment guide with Vercel setup, environment variables, and OAuth configuration steps.
v1.2.0·Release·

Monorepo Architecture and Developer Tooling Overhaul

Transformed the project into a production-ready monorepo with modern tooling, streamlined development workflows, and comprehensive code quality automation.

Monorepo Architecture and Developer Tooling Overhaul

Added

  • Established pnpm workspaces monorepo structure separating marketing site and SaaS starter kit applications.
  • Implemented cross-workspace scripts for linting, formatting, and development workflows (dev:all, lint:all, format:all).

Improved

  • Migrated from deprecated next lint to modern ESLint CLI with comprehensive configuration and build directory exclusions.
  • Enhanced Prettier configuration with file-type specific formatting rules and better integration with ESLint.
  • Streamlined development experience with concurrent dev servers and unified workspace management.

Fixed

  • Resolved 26,000+ linting issues by properly excluding build artifacts and generated files from ESLint scanning.
v1.1.0·Enhancement·

UI/UX Enhancements and Profile Features

Refined dashboard layout for better consistency, added location fields to profiles, and improved form interactions with searchable dropdowns and confirmation dialogs.

UI/UX Enhancements and Profile Features

Improved

  • Streamlined dashboard UI with consistent spacing, removed redundant data displays, and balanced section padding for a cleaner experience.
  • Enhanced social account selector with a searchable command palette dropdown for easier platform selection.
  • Wrapped auth layouts and protected routes with Suspense boundaries to fix useSearchParams prerender errors.

Added

  • Added location fields (address, city, state, country, ZIP) to the profile form with a quick reset option.
  • Implemented confirmation dialogs for session revocation to prevent accidental actions.
v1.0.0·Release·

General availability release

Graduated the starter kit to v1.0.0 with production-ready session controls, hardened auth flows, and polished developer tooling.

General availability release

Added

  • Shipped cross-device session management so users can review active logins and revoke any device instantly.

Improved

  • Refined account settings journeys and OAuth redirects to avoid accidental sign-out loops.
  • Unified auth mutation toasts and empty states for a consistent developer-facing experience.

Fixed

  • Patched token rotation edge cases uncovered during release hardening.
v0.9.0·Enhancement·

Account settings and redirect improvements

Focused on removing friction throughout authentication flows: cleaner redirect handling, clearer account feedback, and tighter OAuth guardrails.

Added

  • Introduced a `useSafeRedirect` hook and wired it across auth forms to prevent unsafe navigation targets.

Improved

  • Streamlined password and email update screens with concise validation messaging.
  • Smoothed OAuth callback handling so GitHub and Google logins land on the intended destination every time.

Fixed

  • Eliminated stale session race conditions occurring during rapid provider switching.
v0.8.2·Feature·

Developer dashboard refresh

Rebuilt the authenticated dashboard to spotlight developer-centric context with a new hero, account snapshot, and accessible quick actions.

Developer dashboard refresh

Added

  • Introduced a hero layout with account badges, quick actions, and username status indicators.
  • Added preference summary blocks that surface theme, font, and username change availability.

Improved

  • Standardized protected dashboard spacing with shadcn tokens for a calmer reading rhythm.

Fixed

  • Gracefully handle missing profile documents with refresh and edit shortcuts.
v0.7.1·Enhancement·

Changelog timeline upgrade

Modernized the changelog experience with a tracing beam timeline, sticky release metadata, and tidy typography.

Changelog timeline upgrade

Added

  • Embedded the tracing beam animation from the UI library to guide readers through releases.

Improved

  • Grouped change bullets by category with consistent spacing and iconography.
  • Added release count and last-updated badges to the header for quick context.

Fixed

  • Resolved mobile badge wrapping and ensured titles remain visible while scrolling.
v0.6.0·Release·

Starter kit baseline release

Cut the first public-ready build of the SaaS starter with authentication, uploads, email flows, and polished marketing pages.

Added

  • Email + OAuth auth flows with verification, password reset, and JWT rotation.
  • Avatar upload pipeline using UploadThing with client-side cropping.

Improved

  • Safe redirect helpers across auth routes to avoid stray dashboard loops.
  • SEO-ready marketing pages featuring hero, feature grid, tech stack, and FAQ blocks.

Fixed

  • Stabilized token refresh flow to recover gracefully from expired sessions.
v0.5.3·Patch·

Stability patch and polishing

Addressed early adopter feedback with OAuth callback hardening, upload resiliency, and UI tidy ups.

Fixed

  • Corrected OAuth callback redirects to honor safe return paths.
  • Resolved avatar deletion edge cases that left orphaned UploadThing files.

Improved

  • Clarified onboarding copy and FAQ answers on the marketing site.
  • Smoothed email templates with consistent typography and fallbacks.
v0.5.0·Feature·

Landing page and brand uplift

Rolled out the public marketing surface with refreshed branding, iconography, and messaging tuned for the starter kit audience.

Added

  • Published a marketing landing page with hero, feature grid, FAQ, and footer calls-to-action.
  • Added a collection of polished logo components for tech stack callouts.

Improved

  • Unified typography tokens across marketing sections for better readability.

Fixed

  • Tidied responsive spacing to prevent content clipping on small screens.
v0.4.0·Enhancement·

Authentication UX overhaul

Polished the core auth experience with streamlined forms, clearer feedback, and reusable toast patterns.

Added

  • Introduced reusable toast helpers to surface success and error states across auth flows.

Improved

  • Refined sign-in and sign-up layouts with better spacing, hint text, and validation messages.
  • Simplified forgot-password and verification handoffs to reduce drop-off.

Fixed

  • Resolved inconsistent focus rings between dark and light themes.
v0.3.0·Feature·

Database and email foundation

Laid the groundwork for persistent auth with MongoDB models, transactional email templates, and verification flows.

Added

  • Defined Mongoose models for auth users, sessions, and profile documents with TypeScript safety.
  • Added email verification, welcome, and forgot-password templates powered by React Email.

Improved

  • Centralized JWT helpers for access/refresh token generation and validation.

Fixed

  • Patched early nodemailer configuration issues that blocked local delivery.
v0.2.0·Update·

Core scaffolding and UI shell

Established the Next.js App Router foundation with shadcn/ui primitives, theme switching, and protected route plumbing.

Added

  • Bootstrapped Root and Auth providers with TanStack Query, theme handling, and session context.

Improved

  • Composed marketing hero, feature grid, and footer components as reusable blocks.
  • Implemented protected route HOC plus middleware-ready helpers for server APIs.

Fixed

  • Eliminated hydration warnings when toggling between light and dark themes.
v0.1.0·Update·

Project initiation

Initial commit of the SaaS starter skeleton including linting, formatting, and foundational configuration.

Project initiation

Added

  • Configured Next.js 14 App Router with TypeScript, ESLint, Prettier, and Turbopack dev tooling.
  • Added Tailwind CSS with shadcn/ui setup for rapid interface development.

Fixed

  • Resolved initial PNPM workspace quirks and ensured scripts run across Windows and macOS.