Applydrop logo Applydrop
Home / Changelog

Changelog

Product updates, improvements, and new features shipped to Applydrop.

April 13, 2026

Security hardening, accessibility, and UI polish

  • Security headers — Added CSP, X-Frame-Options, X-Content-Type-Options, Permissions-Policy, and HSTS with preload to all frontend pages
  • Dependency audit — Patched 5 npm vulnerabilities (Vite path traversal, picomatch ReDoS) to zero
  • Rate limiting fix — Per-client IP rate limiting now works correctly behind nginx reverse proxy
  • Open redirect fix — Blocked potential open redirect via job apply log URLs
  • Migration import hardened — Import now uses an allowlist instead of a blocklist for localStorage keys
  • Dead code removal — Removed 3,200+ lines of unused code, reducing main bundle by 140 KB (29%)
  • Branded favicon — Replaced default React favicon with the Applydrop brand mark

April 12, 2026

Accessibility and UX improvements

  • Keyboard accessibility — Added focus-visible outlines, skip-to-content links, and nav landmarks across all pages
  • Reduced motion — All 12 CSS animations respect prefers-reduced-motion system preference
  • Error boundary — Lazy-loaded views now show a branded recovery screen instead of white-screening on errors
  • Match badges — Added status icons alongside colors for colorblind-friendly score differentiation
  • SSE reconnect — Live progress feed now uses exponential backoff (5s→30s) instead of fixed 5s retries
  • Inline error messages — Job feedback failures now show visible inline errors instead of failing silently
  • Client-side validation — URL validation on Quick Add, 5 MB file size check on CV upload

April 12, 2026

Website enhancements

  • Site footer — Added full navigation footer to homepage (Product, Guides, Legal sections)
  • Cross-page navigation — Added persistent nav bar across About, Pricing, Security, Contact, Terms, Privacy pages
  • Pricing tiers — Added placeholder Free / Pro / Enterprise tier cards
  • Contact form — Added name/email/message form to the Contact page
  • Legal page readability — Added alternating section backgrounds to Terms and Privacy pages
  • SEO improvements — Added missing og:image:alt, twitter:image:alt, llms.txt links, and BreadcrumbList hints
  • PWA manifest — Added id, scope, description, categories, and maskable icon support

April 11, 2026

Backend improvements

  • Transaction safety — Job insert loops now use explicit SQLite transactions (BEGIN IMMEDIATE / COMMIT)
  • Sector relevance engine — Deterministic classifier, scoring composition, backfill worker, correction endpoint (behind feature flags)
  • Saved searches API — CRUD endpoints for saved job search filters with email alert support
  • Recommendations API — Similar jobs, liked companies, and unexplored sectors suggestions
  • Daily matches cron — Scheduled digest builder with email notification support
  • Events API — User engagement tracking (view, save, apply, click events)