What's New in QueryBase

* Note redistribution pipeline, matview response_type fix, QueryTracker prep

* Agency profile pages, My Agents overhaul, PDF fix — Phase 31

* Full enrichment pipeline — import all 27 OUTPUT CSV columns + UI

* Update lightningcss exclude version to 1.31.1 for license check

* Add super_admin test user + eliminate all test.skip calls

* SEO, AEO, performance, growth & referral program (Phase 29)

* Add 7-day edit/delete window and self-vote prevention (forum)

* Make all CREATE POLICY/TRIGGER/INDEX idempotent (migrations)

* Show timestamps in user's local timezone (changelog)

* Consolidate CI/CD into 2 workflows with zero overlap (ci)

* Auto-save UX, forum moderation, admin fixes, Stripe pricing (Phase 26)

* Intel ecosystem, moderation UX, and production fixes (Phase 25)

* Editable personal notes, custom fields UX, query auto-date, mapping pagination

* UX consistency, graceful degradation, custom fields & version alignment

* Production fixes, import UI overhaul, feature flags, roadmap-changelog linking

* Import overhaul — no data loss, match confirmation, smart suggestions

* Excel stats import + PDF export

* Agent UX & admin enhancements — preview dialog, agency persistence, admin pages, sign-in fix

* Public access & auth UX — leaderboard, sign-in visibility, route audit

* Phase 18 - nav cleanup, forum public access, user identity badges

* Address round 2 review - strict assertions, error handling, scoped selectors

* Address Copilot review — add suggestion tests, sync feedback prop

* Phase 10 (Milestone 3) — naming convention overhaul, voting UX, nav fixes

* Phase 9 — contributor badges, agency ratings, timeline, last heard, cron, CSV tests

* Phase 6 carry-forward — agency combobox, field errors, notifications, feedback

* Add pricing page and subscription UI components * Redesign navigation with role-aware admin dropdown and grouped sections * Add super admin settings page with system info and integration status * Add Stripe Checkout integration with webhook handler and subscription actions * Add admin user management page with role and subscription controls * Update client hooks for 4-tier role hierarchy * Add role hierarchy types, shared role checks, and refactor all admin actions * Improve feedback table with category editing, GitHub confirm dialog, and search * Add security/performance fixes migration and update AI_PLANNING.md with Phase 7 * Add role hierarchy, account types, and subscription system migration * Add Stripe CSP directives and strengthen RLS column grants * Check DB error when updating stripe_customer_id in stale customer recovery * Address round 8 Copilot review — is_active checks, subscription consistency * Address Copilot review round 7 — Stripe resilience, divergence warnings, and defensive checks * Escape SQL wildcards in ILIKE search patterns and restrict subscription overrides to super_admin * Guard clerk_user_id fallback and log zero-match activations * Empty account-type guard, orphaned Stripe customer cleanup, loading state * Address 11 Copilot review comments — webhook robustness, admin safety, config consistency * Set_user_role UPDATE-only + INSERT policy account_types check * Address Copilot review — security, error handling, and test fixes * Reset roadmap form on entry/open change for permanently mounted dialog

* Add admin feedback management, in-app notifications, and UX improvements * Use structured logger instead of console.error in client components * Address round 18 Copilot review — sanitization, double-escaping, env validation * Add length limits to createNotification title and message * Address round 14 Copilot review — link regex, escapeHtml, notification sync, HMAC docs * Address round 13 Copilot review — HMAC timing-safe auth, open redirect hardening, sanitization improvements * Address round 12 Copilot review — sanitize all user input in GitHub issues and notifications * Address round 11 Copilot review — schema-qualify RLS, escape MD links, timing-safe auth * Address round 10 Copilot review — sanitize roadmap path, derive page state, idempotent enums * Address round 9 Copilot review, eliminate all lint warnings and test failures * Add notification ARIA labels, validate links, document PII exclusion * Log notification failures, reset pagination on data change * Cross-revalidate feedback paths, improve pagination clamp comment * Clear stale notifications on popover close, make migration idempotent * Address Copilot review round 4 — multi-tab polling, CRON_SECRET docs, RLS defense-in-depth * Address Copilot review round 3 — error handling, docs, migration comments * Address Supabase linter warnings and Copilot review feedback * Address review feedback on PR #27

* Leaderboard display names, user profile, admin nav, import UX, RSS fix * Update syncUserProfileFromClerk JSDoc and use Clock icon for Pending Submissions * Always sync avatar from Clerk, preserve user-set display_name * Remove duplicate RLS policies, improve username input sanitization * Username UX, RLS policies, timezone role preservation * Trim display_name whitespace and use maybeSingle for timezone lookup * Simplify Clerk sync condition to only check display_name * Address round 3 Copilot review feedback * Handle whitespace-only username and trim form fields before submit * Address PR review comments for profile and leaderboard features

* Admin review editing, bulk import page, import UX, deploy preflight * Use Set for concurrent processing state to prevent race conditions * Add aria-expanded to toggle, scope dialog disabled to specific review ID * Clear stale reject dialog state on close via Cancel/ESC/outside click * Keep dialog open on failure so admin can retry without losing edits * Add release guard, prototype-safe field check, clear stale dialog state * Prettier formatting + add pre-commit verification SOP to CLAUDE.md * Address review feedback for Tailwind classes, validation, and dialog behavior * Idempotent migration, pin vercel CLI, add concurrency groups * Address review feedback for RLS policies and deploy workflow * Add release deployment + DB performance cleanup

* Add retry logic to roadmap sync for transient failure resilience * Fix sync-content job ordering and error handling in auto-release

* Optimize RLS policies for Supabase performance advisor * Address 6 Copilot review comments - WITH CHECK, service_role, fetch tags * Address 10 Copilot review comments on RLS and release workflow * Replace release-it with direct tagging to prevent duplicate tag failures

**Features**: add admin deduplication and update-suggestion flow to CSV import (4557032) | **Bug Fixes**: address 11 Copilot review comments - agency matching, field allowlists, .xls removal, bulk actions (be47e4d)

**Features**: add agent name search functionality (c9398b6) | **Bug Fixes**: add DROP statements to roadmap analytics functions migration (52a1b5e)

**Features**: add API routes for sync, RSS, notifications, and version (d8b0cf7) | **Bug Fixes**: add maximum bound check for warmup delay (817f525)

**Bug Fixes**: resolve 401 Supabase errors and add navigation links (d4260fe)

**Features**: Phase 4 - Enhanced transparency and community feedback (60b3e97) | **Bug Fixes**: address Copilot review comments round 2 (0a64aa5)

**Features**: Phase 2 - Landing page, contributor features, and admin tools (e71dc7d) | **Bug Fixes**: address security concerns in impersonation and admin bootstrap (15fcf10)