Generated: 2026-04-15
Changerawr is a self-hosted changelog management platform with AI assistance, custom domains, SSO/SAML, Slack/GitHub integrations, and embeddable widgets.
License: CNC OSL (Non-Commercial Open Source)
changerawr/
├── app/ # Next.js App Router (pages + API routes)
│ ├── (auth)/ # Auth page group (login, register, setup, 2FA)
│ ├── (email)/ # Email-related pages (unsubscribed)
│ ├── api/ # 145+ API route handlers
│ ├── dashboard/ # Authenticated dashboard
│ │ ├── admin/ # Admin panel (users, system config, SSO, audit)
│ │ ├── projects/ # Project management & changelog editor
│ │ └── settings/ # User settings
│ ├── changelog/ # Public changelog pages + RSS feeds
│ └── .well-known/ # ACME challenge routes
├── components/ # React UI components by feature
├── lib/ # Business logic, utils, auth, services
├── hooks/ # 13 custom React hooks
├── prisma/schema/ # Modular Prisma schema (6 files)
├── emails/ # Email template components
├── context/ # React context providers (auth, setup)
├── widgets/ # Embeddable changelog widget source
├── scripts/ # Build & maintenance scripts
└── public/ # Static assets
| Path | Purpose |
|---|---|
app/layout.tsx |
Root layout with providers |
app/page.tsx |
Root redirect |
app/(auth)/setup/page.tsx |
First-run setup wizard |
lib/api/middleware.ts |
API request middleware (auth, permissions) |
next.config.ts |
Next.js config (React Compiler, Turbopack) |
docker-entrypoint.sh |
Container startup |
- Token: JWT in
accessTokencookie — verified viaverifyAccessTokenfromlib/auth/tokens - Methods: Password, OAuth, SAML/SSO, Passkey/WebAuthn
- Roles:
ADMIN,STAFF,VIEWER - 2FA Modes:
NONE,PASSKEY_PLUS_PASSWORD,PASSWORD_PLUS_PASSKEY - CLI Auth: Token-based code flow at
/api/auth/cli/*
Key auth files:
lib/auth/tokens.ts— JWT generation/verificationlib/auth/oauth.ts— OAuth 2.0 provider integrationlib/auth/saml.ts— SAML implementationlib/auth/webauthn.ts— Passkey/WebAuthnlib/api/permissions.ts— Permission checkinglib/api/route-permissions.ts— Route-level permission config
Route groups:
auth/— Login, register, OAuth, SAML, passkeys, CLI, password resetadmin/— Config, users, AI settings, SSO providers, API keys, audit logsprojects/[projectId]/— CRUD, changelog entries, integrations, analyticschangelog/— Public access, subscriptions, RSScustom-domains/— Domain verify, SSL management, browser rulesacme/— Let's Encrypt certificate issuance/renewalintegrations/slack/— Slack OAuth callbackconfig/timezone— Public effective timezone (no auth)health— Health check
Business logic separated from API handlers:
analytics/— Analytics data processingchangelog/— Entry CRUD, publishing, schedulingemail/— SMTP sending, newsletter managementgithub/— Commit sync, tag creationslack/— Slack bot notificationsjobs/— Background job execution (ScheduledJob queue)projects/— Project operationssponsor/— License/sponsor managementtelemetry/— Telemetry trackingsearch/— Full-text PostgreSQL searchcore/markdown/— Markdown parsing & custom extensions
See Authentication System above.
format-date.ts— Timezone-aware date formattingcookies.ts— Cookie helpersencryption.ts— Encryption utilitiesauditLog.ts— Audit log helpersapi.ts— API utilities
service.ts— Domain managementssl/— ACME/Let's Encrypt logicdns.ts— DNS verification utilities
Schema split across prisma/schema/:
base.prisma— Datasource & generatorusers.prisma— User, OAuth, SAML, Passkey, 2FA, Invite, PasswordResetprojects.prisma— Project, Changelog, ChangelogEntry, ChangelogTag, Widgetsystem.prisma— SystemConfig, ApiKey, AuditLog, ScheduledJob, Analytics, CustomDomainintegrations.prisma— EmailConfig, SlackIntegration, GitHubIntegration, Subscribersenums.prisma— All enum definitions
Key models:
User— Core user with role, timezoneSystemConfig— Global app config (timezone, email, AI, Slack OAuth, customDateTemplates as JSONB)Project/Changelog/ChangelogEntry— Main content modelsScheduledJob— Background job queue (publish, email, SSL renewal, telemetry)CustomDomain/DomainCertificate— Domain management with SSL
components/
├── changelog/editor/ # Entry editor (AI, versioning, scheduling)
│ └── VersionSelector.tsx # Version/date template picker
├── markdown-editor/ # Custom markdown editor with AI
│ ├── MarkdownEditor.tsx
│ ├── MarkdownToolbar.tsx
│ ├── MarkdownPreview.tsx
│ └── ai/ # AI assistant panel
├── admin/ # Admin UI (API keys, audit logs, requests)
├── analytics/ # Chart components
├── project/ # Project sidebar, navigation, settings
│ └── catch-up/ # Feature recap display
├── sso/ # SSO configuration UI
├── setup/ # First-run setup wizard
├── settings/ # User security settings
├── ui/ # Shadcn/Radix UI primitives
├── CommandPalette.tsx # Global command palette
└── Logo.tsx
| Hook | Purpose |
|---|---|
use-timezone.ts |
Resolves effective timezone (user → system → UTC) |
useAIAssistant.ts |
AI writing assistant |
useMarkdownState.ts |
Markdown editor state management |
useEditorHistory.ts |
Undo/redo for editor |
useSlashCommands.ts |
Slash command handling |
useCommandPalette.ts |
Command palette state |
useBookmarks.ts |
Bookmark management |
useChunkedData.ts |
Data chunking for large lists |
useTelemetry.ts |
Telemetry tracking |
useWhatsNew.ts |
What's new modal |
| File | Purpose |
|---|---|
next.config.ts |
Next.js (React Compiler on, strictMode off, Turbopack) |
tailwind.config.ts |
Tailwind CSS |
components.json |
shadcn/ui component config |
tsconfig.json |
TypeScript (strict, @/* alias) |
prisma/schema/ |
Database schema |
.env.example |
Required environment variables |
Dockerfile + docker-compose.yml |
Container deployment |
Caddyfile / nginx.conf |
Reverse proxy configs |
| File | Topic |
|---|---|
README.md |
Features, quick start, deployment |
CHANGELOG.md |
Version history |
APIDOCGUIDE.md |
API documentation guide |
ideas.md |
Feature ideas/roadmap |
issues.md |
Known issues |
useful-information-for-development/ |
Dev notes (Slack scopes, etc.) |
| Package | Version | Purpose |
|---|---|---|
| next | 16.1.6 | Framework |
| react | 19.2.4 | UI library |
| prisma | 6.7.0 | ORM |
| jose | — | JWT tokens |
| @node-saml/node-saml | — | SAML/SSO |
| @simplewebauthn/* | — | Passkeys |
| @tiptap/react | — | Rich text editing |
| @tanstack/react-query | — | Server state |
| @scalar/nextjs-api-reference | — | API docs UI |
| recharts | — | Analytics charts |
| framer-motion | — | Animations |
| zod | — | Schema validation |
| react-hook-form | — | Form handling |
| nodemailer | — | Email sending |
| @slack/bolt | — | Slack integration |
cp .env.example .envand fill in required varsnpm installnpx prisma migrate dev— run DB migrationsnpx prisma generate— generate Prisma clientnpm run dev— starts on port 3001- Visit
/setupon first run
Build widget: npm run build:widget
API docs: npm run generate-swagger → visit /api-docs
- Auth: JWT in
accessTokencookie;verifyAccessTokenfromlib/auth/tokens - Permissions: Role-based, configured in
lib/api/route-permissions.ts - Services: Business logic in
lib/services/, not in route handlers - Timezone: User.timezone → SystemConfig.timezone → UTC; use
useTimezone()hook client-side - Admin layout:
/^\/dashboard\/admin\/system/pattern catches sub-pages - SystemConfig: Single row, full object sent on PATCH — new fields need defaults
- Background jobs:
ScheduledJobmodel polled by cron endpoints - Custom domains: DNS verification + Let's Encrypt via ACME protocol