Changelog

What's new in
OmniOps.

Product updates, new features, and improvements. We ship fast and communicate transparently.

Unreleased

Added
  • -OmniOS subsystem: 7 living markdown documents (SOUL, BUSINESS, GOALS, TODO, INTEGRATIONS, PREFERENCES, LEARNINGS) per organization
  • -YAML frontmatter metadata on every document with version, timestamps, update rules, and staleness thresholds
  • -Tiered memory architecture with progressive disclosure (300-line limit, auto-splitting to sub-documents)
  • -Tag extraction and sub-document routing for semantic retrieval
  • -Quantitative document summaries for housekeeping cron
  • -Self-healing auto-creation of missing documents
  • -Structured editing system with dashboard UI
  • -Housekeeping cron for staleness, cleanup, and consistency maintenance
  • -Vault-inspired memory improvements with episodic memory wiring
  • -Claude Agent SDK integration with programmatic tool calling
  • -Dynamic context-aware tool selection based on active integrations
  • -Progressive tool discovery infrastructure (85% token reduction via tool search)
  • -Conversational approval system for sensitive operations (refunds, cancellations)
  • -Background delegation system for fire-and-forget operations
  • -Natural acknowledgment streaming before tool execution
  • -Proactive capability recommendations based on context
  • -95 agent tools across commerce, operations, analytics, and integrations
  • -Agent Teams for parallel multi-agent execution
  • -Omni Skill Platform with per-org enablement and tool gating
  • -Memory tool for ephemeral working notes
  • -Research tools (web search, deep research)
  • -Update OmniOS document tool for self-maintenance
  • -Business Pulse notification system with email delivery and scheduling
  • -Cash flow tracking and runway projection
  • -Customer segmentation tools
  • -Fraud detection system
  • -Goal tracking with analytics
  • -Marketing ROI tracking
  • -Inventory management tools
  • -Supplier scorecard tracking
  • -Margins handlers with currency-aware calculations
  • -Returns management dashboard with return policy configuration
  • -Native SwiftUI app (Phase 1) with SSE streaming chat
  • -10-theme persona system (5 personas x light/dark variants)
  • -Google OAuth sign-in
  • -Haptics toggle, dark mode, dynamic text size
  • -Voice recording/dictation with hold-to-dictate and swipe-up lock
  • -Immersive persona theming with full dynamic theme system
  • -Polished UI from prototype to product
  • -Google Workspace: Calendar, Gmail, Drive, Contacts, Sheets, Forms, Meet
  • -Microsoft 365: Calendar, Mail, OneDrive
  • -Meta Ads: OAuth, dashboard UI, performance metrics
  • -WhatsApp Business: setup guidance, template builder, manual send UI, approval badges
  • -Instagram and Facebook Messenger with multi-account support
  • -Telegram with webhook signature verification
  • -Slack message sync with queue position tracking
  • -Unified integrations overview page with webhook health monitoring
  • -OAuth token revocation detection with credential deactivation
  • -File attachments in both chat endpoints with semantic search
  • -Voice recording/dictation in chat (web and mobile)
  • -Message queue for typing while Omni streams
  • -Conversational narration for richer responses
  • -Widget retheme to dark navy brand palette
  • -Full-screen widget mode on mobile
  • -Custom logo/icon upload with background removal
  • -Widget customization with progressive disclosure
  • -Streaming enabled by default for all widget users
  • -Chat-first onboarding (eliminated form steps)
  • -Product tour for first-time users
  • -Voice dictation during onboarding conversation
  • -Pacing and wrap-up logic for natural conversation flow
  • -Post-onboarding OmniOS initialization from conversation data
  • -Branded header with ghost avatar and grain texture
  • -Welcome screen with Opus 4.6 conversation
  • -ElevenLabs SDK integration with custom LLM voice calling
  • -Voice recording and dictation in Omni chat
  • -Redesigned voice system prompt with modular architecture
  • -Business-aware voice commerce tools (platform-agnostic)
  • -Single-container deployment replacing dual-container live-next system
  • -GitHub Actions CI/CD pipeline to Hetzner
  • -Maintenance page for database outages
  • -Zombie build cleanup and uptime monitoring
  • -Feature-critical environment validation with clear warnings
  • -Supabase metrics monitoring CLI and security advisor
  • -GDPR cookie consent system
  • -Trust and security page (`/trust`)
  • -Retention cleanup cron with configurable policies
  • -Decision audit for AI reasoning transparency
  • -Approval-cleanup cron for stale approval records
  • -Cross-tenant isolation enforcement across all routes
  • -Unified system activity log with per-cron logging
  • -Agent cost monitoring with Telegram reports and per-org breakdown
  • -Messaging analytics (Phase 7)
  • -Commerce parity gate for WooCommerce/Shopify feature alignment
  • -Our Story and Pitch Deck pages
  • -Redesigned landing page with AI employee positioning
  • -Beta signup with two-panel design
  • -Updated pricing with dual-axis tier differentiation
  • -Legal pages refresh with full provider disclosure
Changed
  • -Migrated 226 API routes to unified `createRouteHandler` pattern with built-in auth, CSRF, rate limiting
  • -Replaced 13 hardcoded specialist agents with dynamic agent composition
  • -Consolidated 82 loose `lib/` files into 19 organized modules
  • -Consolidated 95+ test files into 30 (saved ~59 Jest worker cycles)
  • -Migrated all Claude models to Sonnet 4.6 / Opus 4.6
  • -Replaced all `console.log/error/warn` with structured logger across entire codebase
  • -Renamed hooks from camelCase to kebab-case
  • -Simplified Anthropic provider, removed legacy code (-27% LOC)
  • -Unified mobile and web chat routes into shared `executeChatStream`
  • -Extracted shared system prompt builder for Omni agents
  • -Archived 181 redundant docs, deleted 370 boilerplate READMEs (71k lines removed)
  • -Squashed 307 database migrations into single baseline
  • -Replaced prescriptive search rules with philosophy-based intent detection
  • -Single source of truth for environment variables
Fixed
  • -Eliminated all `any` type errors (599 → 0 across codebase)
  • -Fixed 35+ instances of `.single()` on multi-row `organization_members` table (PGRST116 crashes)
  • -Closed IDOR vulnerabilities across order operations, creative routes, domain upserts, and Shopify refunds
  • -Fixed SSRF vulnerabilities in webhook endpoints and domain validation
  • -Hardened rate limiting with atomic operations to prevent TOCTOU bypass
  • -Fixed prompt injection via XML boundary isolation for user content in system prompts
  • -Replaced MD5 with SHA-256 for cache key generation
  • -Fixed `setMonth` overflow bugs in financial calculations across 5 modules
  • -Guarded `parseFloat` on external numeric data to prevent NaN cascading
  • -Used nullish coalescing (`??`) instead of `||` for numeric business values
  • -Fixed streaming SSE consistency and tool executor improvements
  • -Resolved circular dependencies in commerce, operations, and cache modules
  • -Fixed Docker build caching (BuildKit per-stage CACHEBUST) that served stale code for 29 commits
  • -Replaced `curl|bash` NodeSource install with node-donor pattern in Docker
  • -Fixed Caddy reload cascade for reliable deployments
  • -Fixed concurrent crawl conflicts with per-job Crawlee storage isolation
  • -Prevented chatbot from hallucinating products from business descriptions
  • -Fixed widget icon flash, typing indicator visibility, and scroll locking
  • -Resolved account deletion stuck on loading screen
  • -Fixed false maintenance alerts from auth mismatch
Performance
  • -Prompt caching optimization with deterministic tools and stable prompts
  • -Dynamic effort and progressive tool loading (default for Omni)
  • -Adaptive thinking with effort parameter for cost optimization
  • -Parallel tool execution on all iterations
  • -Lazy-load platform-specific prompts based on availability
  • -Optimized RLS policies to prevent per-row auth re-evaluation
  • -Dropped 167 unused database indexes, added 16 missing FK indexes
  • -React.memo and frontend rendering optimizations
  • -Infrastructure safety caps and browser pool optimization
Security
  • -Addressed 25 zero-day audit vulnerabilities
  • -Fail-closed authentication across all critical paths
  • -Timing-safe token comparisons for webhook and API auth
  • -Magic byte validation to prevent MIME spoofing attacks
  • -JSON size validation and error message sanitization
  • -Security hardening across 32 files (CORS, code leak prevention, MFA, rate limiting)
  • -Restricted Google Workspace tools to business-only paths with `stripBusinessOnlyTools()`
  • -Beta lockdown enforcement on OAuth sign-in flow
  • -Device token takeover guard

v2.0.0

January 28, 2026

This release marks a fresh start for Omniops versioning. We've established semantic versioning to provide clear, predictable releases going forward.

Highlights

  • AI-Powered Customer Service - Autonomous support that learns your brand voice
  • Multi-Tenant Architecture - Brand-agnostic platform serving multiple businesses
  • E-commerce Integrations - WooCommerce and Shopify support out of the box
  • 40+ Language Support - Automatic language detection and multilingual responses
  • GDPR/CCPA Compliance - Privacy-first architecture with data residency controls
  • RAG-Powered Responses - Accurate answers grounded in your knowledge base
Added
  • -Embeddable chat widget with 5-minute setup
  • -Real-time order tracking integration for WooCommerce and Shopify
  • -Automatic language detection and translation
  • -Conversation analytics dashboard with key metrics
  • -Team collaboration features with role-based access
  • -Custom branding options (colors, logo, position)
  • -API access for enterprise customers
  • -Webhook support for CRM integrations
  • -Knowledge base management with web scraping
  • -Human handoff system with Slack/email notifications