v0.5.0

What's Changed

• List sessions by @straeter in #200
• Add Helm chart, deploy workflow, and staging support for MCP server by @RafaelPo in #201
• Add REDIS_PASSWORD to MCP server secrets by @RafaelPo in #203
• Fix JWKS verification failure on staging MCP server by @RafaelPo in #204
• Add basedpyright check to MCP deploy workflow by @RafaelPo in #202
• Remove pull_request trigger from deploy-mcp workflow by @RafaelPo in #206
• Unified input API: artifact_id + data replaces input_csv by @RafaelPo in #207
• Security hardening: SSRF, headers, Redis TLS, container lockdown by @RafaelPo in #208
• Regenerate types from OpenAPI spec by @rgambee in #211
• Security hardening: auth replay, encryption guards, rate limits, CORS by @RafaelPo in #209
• Security audit: network policy & infrastructure by @RafaelPo in #215
• Security audit: SSRF attack surface analysis by @RafaelPo in #213
• Move non-secret config from SOPS secrets to plain env vars by @RafaelPo in #219
• Security audit: MCP server secret management by @RafaelPo in #216
• Security audit: tenant isolation crossover report by @RafaelPo in #217
• Regenerate types to reflect API changes to insufficient balance response by @rgambee in #212
• Security audit: auth bypass & manipulation review by @RafaelPo in #214
• Introduce blog section and add post about LLM provider quirks by @rgambee in #210
• Fix basedpyright type errors blocking CI deploys by @RafaelPo in #221
• Fix CI: basedpyright --level error by @RafaelPo in #222
• Remove basedpyright check from MCP deploy CI by @RafaelPo in #223
• Add UPLOAD_SECRET to staging and production secrets by @RafaelPo in #225
• Fix network policy: allow Redis Sentinel port 26379 by @RafaelPo in #227
• Fix network policy: add GKE service CIDR for Redis by @RafaelPo in #228
• Fix staging deploy: startup probe and disable network policy by @RafaelPo in #230
• Add pagination to list_sessions by @jackwildman in #229
• Remove blog section by @rgambee in #231
• Replace curl-download with paginated inline results + widget JSON endpoint by @RafaelPo in #232
• Expose balance through MCP by @jackwildman in #234
• Skip widget JSON for Claude Code clients by @RafaelPo in #235
• Refactor result storage from CSV to JSON in Redis by @RafaelPo in #237
• Scale staging to 2 replicas by @RafaelPo in #239
• Allow Supabase JWT passthrough by @rgambee in #238
• Personify utilities by @dschwarz26 in #233
• Skip widget, session URL, and page_size prompt for internal clients by @RafaelPo in #240
• More relationship types by @straeter in #164
• Switch widget UA detection to whitelist by @RafaelPo in #244
• Check readmes for broken links by @straeter in #149
• Add missing CSV file for FDA products by @rgambee in #245
• Surface output artifact_id for operation chaining by @RafaelPo in #246
• Implement built in list browsing and fetching by @dschwarz26 in #241
• Implement SDK and MCP methods for Classify by @dschwarz26 in #242
• Delegate presigned uploads to Engine API by @RafaelPo in #248
• Increase production MCP server to 2 replicas by @RafaelPo in #249
• feat: add everyrow_list_session_tasks MCP tool by @nikosbosse in #243
• chore: bump auto_page_size_threshold to 100 by @RafaelPo in #253
• Update MCP server docs for directory submission by @RafaelPo in #252
• Add info-level logging to all MCP tools by @RafaelPo in #250
• Fix video/poster assets: use GitHub LFS media URLs by @RafaelPo in #254
• feat: display input/context artifact IDs in list_session_tasks by @nikosbosse in #251
• fix: stop guard treats stale task.json as expired after 60 minutes by @nikosbosse in #256

Full Changelog: v0.4.0...v0.5.0