Changelog

Contributor-only Jobs page added - preview of upcoming Jobs tab features with full feature descriptions

Contributor-only Feedback page added - submit bug reports and feature requests directly to the team

Feedback submissions route to support@gridpass.ai via Resend with contributor identity, type, and full description

Contributor links appear in amber in the navbar and dropdown to visually connect them to the Contributor badge

Contributor section in navbar dropdown shows a labeled divider so contributor features are clearly grouped

Both contributor pages are server-auth guarded - non-contributors are redirected away

Donate button added - support Gridpass via a coffee donation, no account or subscription required

Footer updated with donation link and No ads. No data selling. tagline

Changelog footer now includes a Changelog link in the Company section

PDF page break fix - content blocks no longer split mid-element across pages

Section headings stay with their content and are not orphaned at the bottom of a page

Save PDF button added to the My Resumes view modal - generates a complete single document with all sections and source documents

PDF header in My Resumes includes the job title, company, and analysis date for easy identification

Pro users can now select a saved resume directly in the analyzer instead of re-uploading every time

Use Saved Resume button appears above the upload zone for Pro users who have at least one saved scan

Resume picker shows all saved versions with job title, company, date, and overall score for easy identification

Selecting a saved resume pre-fills the resume field with a banner confirming which version is loaded

Saved resumes list refreshes automatically after each scan so newly saved versions appear immediately

Clearing a saved resume or uploading a new file dismisses the saved resume banner cleanly

My Resumes now shows the full tabbed analysis view matching the analyzer exactly - Summary, Keywords, Suggestions, Grammar & Formatting, and Source Documents tabs

My Resumes now decrypts and displays the original resume text and job description used for each scan in the Source Documents tab

Verdict and Top Priority Actions now appear correctly in saved resume analysis view

My Resumes modal header now shows the job title, company, and scan date

Save PDF now generates a single document containing all sections regardless of which tab is active

PDF output order is always: Scores, Verdict, Strengths/Weaknesses, Keywords, Suggestions, Grammar & Formatting, Source Documents

Source Documents section in PDF shows full resume and job description text without truncation

Changelog now visible in the navbar for all logged-in users, not just Pro

Consistent navbar experience regardless of plan - link locations no longer differ by plan

Admin dashboard now shows Contributor role column and per-user grant/revoke buttons

Admin recent users list expanded from 10 to 20 entries

Dependabot configured with rebase-strategy to prevent lock file merge conflicts

Word document (.docx) upload support alongside PDF

Save as PDF / Print button on analysis results

Source Documents tab - view the exact resume and job description used for each scan

Public changelog page so you can track what we ship

Contributor role - grant beta access to early adopters from the admin dashboard

Contributor badge shown in account profile for recognized contributors

Credits API now returns role field so the UI can reflect contributor status

Tabbed results UI with Summary, Keywords, Suggestions, and Grammar & Formatting tabs

AI verdict - one-sentence summary of your biggest strength and most critical gap

Top Priority Actions highlights the 3 most impactful fixes first

Suggestions now grouped by High, Medium, and Low priority

Grammar & Formatting tab shows a clean success state when no issues are found

GitHub Actions CI - automatic lint and TypeScript checks on every push

Dependabot - weekly automated dependency updates with safe minor/patch grouping

Patched 3 high-severity minimatch ReDoS vulnerabilities in dev dependencies

Removed unnecessary @types/bcryptjs - bcryptjs now ships its own type definitions

Tailwind pinned to 3.4.x and TypeScript pinned to v5 - major version upgrades blocked until planned migrations

eslint-config-next aligned to Next.js 15 to avoid breaking changes in Next.js 16

Rate limiting on the analyze endpoint - max 5 scans per minute per user, returns 429 with Retry-After header

Prompt injection detection - 14 regex patterns checked on resume and job description input before reaching Claude

Input length validation - resume capped at 50,000 characters, job description at 10,000 characters

Auth check now happens before body parsing for faster rejection of unauthenticated requests

All error paths now log user email, failure reason, and request duration for easier debugging

JSON parse errors from malformed request bodies now return 400 instead of crashing with a 500

Anthropic API error responses now logged with status code and body for easier diagnosis

Webhook idempotency - stripe_events table prevents duplicate credit grants on Stripe retries

Webhook userEmail reliability fixed for subscription events

Removed dead Pages Router export config from webhook handler that had no effect in App Router

Subscription downgrade now also triggers on past_due status, not just canceled and unpaid

Webhook logs now include email address for easier debugging

Stripe live billing - single scan ($1.99), 10-pack ($14.99), Pro monthly ($12), Pro annual ($99)

7-day free trial for Pro subscriptions

Cancel subscription from account page

My Resumes - Pro users get AES-256-GCM encrypted resume storage with per-user derived keys

Admin dashboard with user stats, plan management, signup chart, and delete user capability

Forgot and reset password flow via Resend email

Google OAuth linked to existing email/password accounts

Credit bar always reads from DB, never shows stale JWT plan

Google OAuth session id not passed correctly through NextAuth - users appeared logged out after signing in with Google

PDF extraction failing on Vercel serverless - switched to client-side pdfjs-dist extraction to avoid server memory limits

Free scan counter not decrementing for Google OAuth users due to missing user id in JWT

Resend domain verified for noreply@gridpass.ai so password reset emails come from the correct domain

Google OAuth authorized redirect URIs updated to include gridpass.ai production domain

Credit bar showing stale scan count after paywall triggered - now refreshes correctly

ATS Resume Analyzer - paste resume and job description, get scored analysis via Claude Sonnet

PDF upload with client-side text extraction - never sent to our servers

Email/password and Google OAuth authentication

3 free scans per account

Keyword matching, grammar checking, formatting analysis, and improvement suggestions

Terms of Service and Privacy Policy pages

gridpass.ai domain live with SSL via Cloudflare and Vercel