Skip to main content

July 2026

  • Strengthened the native Rust CLI and repository checks with a pinned toolchain, maximum compiler and Clippy policy, strict documentation checks, and target-specific dependency review.
  • Hardened npm and PyPI native launchers with bounded downloads, trusted redirect validation, checksum enforcement, tamper-resistant caches, and focused security tests.
  • Made native releases reproducible across Linux, macOS, and Windows with a Rust-generated build matrix, Rust-generated checksum sidecars, immutable Actions, and resumable asset publication.
  • Bound npm, PyPI, and crates.io publication to their dedicated trusted workflow identities and one verified release tag and commit.
  • Tightened the public OpenAPI contract with explicit collection and string bounds while keeping private implementation and service topology out of status responses and documentation.

June 2026

  • Focused the public CLI on scraper API workflows: login, account, pricing, scraper catalog, request lifecycle, usage, billing, and support.
  • Removed public deploy and customer infrastructure commands from docs, package metadata, and contract checks.
  • Added a hard public-data boundary for scraper inputs: public URLs, public search terms, public handles, public place ids, and public identifiers only.
  • Kept npm and PyPI as thin launchers for the native Rust binary.
Last modified on July 11, 2026