Quail 0.4.0 Beta 3

This beta focuses on a safer, more modular UI foundation plus an automated safety net for future refactors.

Highlights

• Inbox/message/admin templates are now split into partials for maintainability without changing DOM contracts.
• A CSS bundle with cache-busting is now the default, with Makefile targets to keep it in sync.
• Playwright E2E smoke tests, visual baselines, and perf capture add regression protection.

Added

• Playwright E2E smoke tests, visual baselines, and performance capture with a runbook.
• CSS bundle workflow with cache-busted quail.css and Makefile targets for rebuilds.
• Static inbox and layout JS files extracted from templates.
• Admin UI CSRF tokens for state-changing requests.
• Desktop notifications toggle and dynamic tab titles for inbox status.

Changed

• Inbox, message view, admin settings, and quarantine templates split into partials.
• Layout shell and admin form patterns moved into macros/partials.
• make test rebuilds the CSS bundle when partials change.
• install.sh initializes the admin PIN from QUAIL_ADMIN_PIN when unset.
• upgrade.sh can reset the admin PIN when QUAIL_RESET_PIN=true.
• Admin session cookies are marked Secure when HTTPS is detected (including X-Forwarded-Proto).
• Inbox list pages use internal scrolling with sticky headers and aligned list layouts.
• Inbox copy updated (Received Mail title, QA subtitle, filter placeholder) with new empty-state messaging.
• WebSocket inbox adds app-level ping/pong keepalive with jittered reconnect backoff.
• WebSocket inbox loop retries after unexpected errors to keep live updates running.
• Docs clarify that HTML is rendered as sent inside a sandboxed iframe (no sanitization).

Fixed

• Attachment downloads return 404 when files are missing on disk.

Notes

• If you edit CSS partials under quail/templates/partials/styles/, run make css-bundle (or just make test, which
  rebuilds automatically).

Quail 0.3.5 Beta 2

Added

• WebSocket inbox updates with polling fallback, reconnect/backoff, drift detection, and periodic timestamp refresh.
• WebSocket origin allowlist support (QUAIL_ALLOWED_ORIGINS).
• Inbox event retention cleanup.
• Interactive install/upgrade prompts (CI-safe) and optional install smoke test.
• Admin ingest health summary on the settings page.

Changed

• WebSocket inbox updates are enabled by default (QUAIL_ENABLE_WS=true).

Fixed

• SQLite lock during purge event logging by using a shared connection.
• WebSocket event loop row handling.
• Admin PIN validation/enforcement on first install.

Upgrade notes

• If you terminate TLS with nginx, ensure your location / block includes WebSocket upgrade headers and proxy_pass http://127.0.0.1:8000;.
• install.sh and upgrade.sh are now interactive when run in a terminal; use --non-interactive for automation/CI.
• QUAIL_ALLOWED_ORIGINS is optional; leave blank to allow the host origin or set explicit origins for stricter
  WebSocket access.

Quail 0.3.0 Beta 1

Highlights

• Admin quarantine workflows with bulk restore/delete and rule creation.
• Full HTML rendering (sandboxed) with HTML/TEXT/attachments tabs.
• Ingest visibility and policy tooling for QA operations.

Added

• Admin quarantine view with filters and bulk restore/delete plus rule creation.
• Domain policy management and address/content rule CRUD with validation.
• Ingest decision logging, admin audit entries, and ingest visibility metrics.
• Separate retention windows for inbox and quarantine, plus per-domain overrides.
• Full HTML rendering toggle with sandboxed iframe HTML view and HTML/text/attachments tabs.
• Inbox auto-refresh with ETag caching and receiver name column.
• Favicons for common platforms.
• pytest added to requirements for local test runs.
• Postfix transport map configuration and domain list support in install scripts.

Changed

• Message detail layout uses fixed panel scrolling and desktop-tuned spacing.
• Minimal HTML emails inherit the app theme in dark mode for readability.
• install.sh now requires QUAIL_DOMAINS to be explicitly configured; upgrade warns if missing.

Fixed

• Postfix ingest uses the Quail virtual environment interpreter with a clear error when missing.
• Postfix install configuration uses relay domains/transport maps and preserves envelope recipients.
• Ingest pipe sets PYTHONPATH so Quail runs from the source tree.
• Attachment download handling for message detail view.
• Optional tinycss2 dependency handling for HTML sanitization.

Quail 0.2.0 Alpha

Change Log

All notable changes to this project will be documented in this file. This project adheres to Semantic Versioning.

[0.2.0] - 2026-01-12

Added

• Added spam mitigation phase 1 schema tables and message metadata columns.
• Implemented phase 2 deterministic ingest decisions with policy/rule metadata.
• Added admin domain policy management endpoints and UI controls.
• Added admin address/content rule CRUD endpoints, validation, and settings UI.
• Added admin quarantine view with filters and bulk restore/delete/rule creation actions.
• Added quarantine retention settings with optional per-domain overrides in purge logic.
• Added ingest decision logging, admin audit detail fields, and ingest visibility metrics in the admin UI.
• Added purge retention for admin audit entries (30 days).
• Added pytest to requirements to run the test suite locally.
• Added Postfix transport map configuration and domain list support to install.sh.

Fixed

• Ensured Postfix ingest uses the Quail virtual environment interpreter with a clear error when missing.
• Updated Postfix install configuration to use relay domains with transport maps instead of virtual aliases, preserving envelope recipients.
• Ensured the Postfix ingest pipe sets PYTHONPATH so Quail runs from the source tree without packaging.

[0.1.0] - 2026-01-09

Added

• Initial repository scaffolding, including core package layout and FastAPI service.
• Ingest pipeline for storing raw .eml files and metadata.
• Retention purge job with systemd timer.
• Admin settings form and PIN‑gated UI.
• Installation (install.sh) and upgrade (upgrade.sh) scripts with basic functionality.