Duplicate requests are now handled gracefully across account signup, OTP delivery, and scheduled platform jobs. Submitting the same action more than once returns the correct result without creating duplicate records or triggering duplicate emails — critical for reliability in slow-network scenarios.
Every server action that mutates data now has an automated regression guard verifying that authentication is enforced before any database write. This runs as part of the CI pipeline on every push.
Three database migrations landed in production as part of this release:
The health endpoint now handles gracefully the case where the rate-limiting layer is unavailable, returning a degraded-but-operational status rather than failing the check entirely.
Automated weekly checks now verify that the production environment is in the expected state — no demo data in production, no forbidden environment variables configured, correct separation between staging and production credentials.
Adding a material to a product's bill of materials appeared to work but never actually persisted. The root cause was a misconfigured feature gate — the action was checking for a module name that didn't exist on any account, causing every attempt to be blocked before it reached the database. The gate has been corrected to the canonical module name across all traceability entry points.
Fixing this exposed a second issue: the traceability record creation was receiving the product's public URL identifier instead of its internal database identifier. These are intentionally different values (the URL identifier is human-readable; the database identifier is used for internal record linking). The page now supplies the correct identifier for each purpose. A regression test now covers both cases.
Three automated regression tests now cover this flow: slug-based identifiers are correctly rejected, database identifiers are correctly accepted, and the supplier reference guard behaves as expected.
]]>Documents processed in bulk are now mirrored into the full document management system as first-class records. Each document processed via a bulk AI extraction job creates a proper document record and an associated verification task, with the AI extraction noted in the audit trail. The operation is idempotent — re-running a bulk job on previously processed documents does not create duplicates.
The integration test suite now covers the five compliance document formats most commonly uploaded by operators: UN 38.3 transport test reports, CE Declarations of Conformity, PEF/LCA lifecycle assessment studies, CMRT conflict minerals reports, and Safety Data Sheets. These tests run against the live Anthropic Claude API (not mocked) and are excluded from the default test run to keep CI free.
robots.txt — staging disallows all crawlers; production allows full indexing with sitemapDocument type detection now uses 30+ word-bounded pattern matchers covering all major compliance document formats in English, French, and German. This replaces the previous substring-based detection which was prone to false positives.
Fifteen hardening items applied to Document AI server actions:
Cookie consent state is now deferred until the component is mounted on the client, resolving a server-client hydration mismatch that caused the consent banner to flicker on navigation between pages.
]]>EV battery DPP audit completed — Full field-level review of EV battery DPP requirements against EU Regulation 2023/1542. All mandatory fields for EV batteries (carbon footprint, recycled content, state of health, supply chain due diligence, electrochemical performance, safety certifications) verified as implemented and aligned with Annex XIII requirements.
LMT battery DPP audit completed — Field-level review of Light Means of Transport battery DPP requirements. DPP form coverage confirmed for LMT-specific fields under the 2026 enforcement timeline.
Industrial battery (Annex XIII) audit completed — Comprehensive audit of Industrial battery DPP data requirements against Annex XIII of EU Regulation 2023/1542. All ten data categories (identification, electrochemical performance, carbon footprint, recycled content, safety, supply chain due diligence, materials, end of life, composition, and conformity) verified as supported in the platform.
Regulatory field mapping verified — All Traceable DPP fields mapped to their source articles in EU Regulation 2023/1542. Mapping documented in the compliance reference section of this documentation site.
GDPR audit completed — Data flow mapping, lawful basis documentation, and data subject rights tooling (Articles 15, 17, 20) reviewed and confirmed as implemented. Data Processing Agreement template finalised.
Security audit completed — Infrastructure review covering data encryption at rest (AES-256) and in transit (TLS 1.3), authentication mechanisms, RBAC access controls, audit logging completeness, and rate limiting. All critical findings resolved.
Sub-processor register finalised — Supabase (database, EU Ireland), Vercel (edge/hosting, EU Frankfurt), Resend (transactional email, EU), Sentry (error monitoring, EU), and Upstash (rate limiting, EU) confirmed as EU-resident. No data leaves EU infrastructure.
Data retention policy implemented — Automated cron-based data cleanup aligned with documented retention windows. Account deletion triggers 30-day erasure workflow for all personal data associated with the account.
Rate limiting hardened — Per-IP limits on public endpoints and per-API-key limits on authenticated endpoints active at the edge via Upstash Redis.
Audit trail completeness verified — All create, update, delete, publish, and PoLI access events confirmed as captured with timestamp, actor identity, and resource reference.
Dependency security: upgraded PDF generation library and its peer dependencies, resolving one critical and four high severity vulnerabilities. Additional transitive dependency vulnerabilities resolved via automated audit tooling. Vulnerability count reduced from 42 to 4 — all remaining are in transitive dependencies where upstream maintainers have not yet shipped fixes.
Runtime audit clean: npm audit --omit=dev now returns zero vulnerabilities in production runtime dependencies.
A central AI enable/disable switch now controls all AI features across the platform simultaneously. When disabled, all 21 AI-powered features deactivate cleanly without errors — useful for operational incidents, cost control, or compliance holds. The switch is controlled via an environment variable and takes effect without a deployment.
Searchable dropdown for large field lists — select fields with more than fifteen options now render as searchable comboboxes. Operators can type to filter rather than scrolling through long lists. Particularly useful for country selection and material category fields.
ISO 3166-1 country coverage — all country fields across battery templates now offer the full list of 195 countries via the new searchable dropdown. Previously, some fields offered only EU member states or free-text input.
Schema drift detection in CI — the continuous integration pipeline now blocks pull requests that modify the database schema without including a corresponding migration file. This prevents schema drift between the codebase and the database.
GTIN-14 validation — product GTIN fields now enforce exactly 14 digits and check for uniqueness across the platform. Duplicate GTIN submission is rejected with a clear error.
Product edit status guard — products with a status of Approved or Deprecated can no longer be edited. Editing an approved DPP requires creating a new version, in line with Article 77 of the EU Battery Regulation.
GS1 Digital Link not persisting — the GS1 Digital Link URI (the QR code URL in /01/{GTIN}/21/{serial} format) was being generated correctly but was not being saved to the product record. Operators who subsequently regenerated a QR code would get a correctly formatted URL, but the stored value was never written. Now fixed — the URI is written to the product record at generation time.
PDF export crash — the DPP PDF export was throwing a runtime error for products with certain field configurations. Root cause was an assumption that a specific field would always be an array — adding an array guard resolves the crash for all configurations.
Negative numbers in numeric fields — numeric DPP fields (capacity, cycle life, efficiency, etc.) were accepting negative values that are not physically meaningful. All numeric fields now enforce a minimum of zero by default, with specific field minimums applied where regulation requires.
Form validation not enforcing field rules — the DPP wizard schema validation was not applying field-level validation rules (pattern matching, minimum, maximum) defined in the template configuration. Field constraints are now correctly enforced on form submission.
Document status defaulting to Verified — newly uploaded documents were being tagged with a status of "Verified" rather than "Pending". Documents now correctly enter a Pending state and require explicit verification before being marked as verified.
500 errors on DPP pages — a missing database column introduced in a prior update was causing server errors on all DPP detail pages in the staging environment. The migration applying the column is now included correctly.
Country fields standardised — eight free-text country fields across all five battery category templates have been converted to ISO 3166-1 select dropdowns. This ensures country values in published DPPs are machine-readable and consistently formatted.
DPP submission now includes a binary ESPR approval gate as the final step before publishing. The gate evaluates all mandatory ESPR fields and blocks publication if any are missing or incomplete — replacing the previous percentage-based completeness check. ESPR-mandated fields are marked inline with a help link to the relevant regulatory requirement.
Eight additional fields added to the EV battery DPP template: rated voltage (minimum, maximum, nominal), manufacturer phone number, product model identifier, and three compliance declaration fields. These fields align with the full field set required under EU Regulation 2023/1542 for electric vehicle batteries.
The DPP creation wizard has been reorganised into eleven steps ordered to match the regulatory compliance workflow — identity and classification first, technical performance mid, supply chain and compliance last. A template preview is now shown on the opening step so operators can see the full field scope before beginning.
Date fields across all DPP templates now use a calendar picker with year and month dropdown navigation, making it practical to select historical dates (certificate issue dates, audit dates, manufacture dates) without clicking through months one at a time.
Country fields that are restricted to EU member states now use a 27-country dropdown rather than a free-text field. This ensures published DPPs contain correctly formatted, machine-readable country values.
The DPP wizard now pre-fills manufacturer and operator contact fields from the company profile, reducing repetitive data entry for operators managing multiple products.
Product identifiers now include a random offset component when auto-generated, preventing collisions between products created close together in time.
Draft and submitted DPPs are no longer accessible via direct storage URLs. Only published DPPs are publicly readable; in-progress records require an authenticated session.
The public DPP viewer now validates that file references use correctly signed URLs before rendering, preventing broken asset references in published passports.
Transactional emails (invitations, OTP, data request notifications) have been redesigned with a gradient header and improved layout, aligned with the Traceable brand.
OTP enforcement for all users — one-time password verification is now mandatory on every login, with no bypass paths available in production. Previously, OTP could be skipped under certain session conditions.
Forgot password flow — operators, suppliers, and verifiers can now reset their password via a secure email link without requiring support intervention.
Supplier data isolation — supplier data queries are now scoped strictly to the supplier's own company. A supplier cannot access or infer the existence of materials, certificates, or responses belonging to a different supplier company.
URL protocol validation — all URL fields in DPP forms now validate that the protocol is https:// or http://. Protocols such as javascript:, data:, and file:// are rejected, preventing stored XSS via URL fields.
Industry classification — the signup flow now includes a dynamic industry dropdown populated from the platform's category database, enabling accurate company classification at registration.
Offline detection banner — when a user's internet connection drops, a banner appears immediately across all portal pages. The banner clears automatically when connectivity is restored, without requiring a page refresh.
In-app feedback widget — operators, suppliers, and verifiers can submit feedback directly from any page in the platform. Feedback is routed to the Traceable team without leaving the portal.
Pre-commit code quality hooks — automated checks now run on every commit before it is accepted, enforcing code formatting and lint rules. This keeps the codebase consistent and catches common issues before they reach CI.
Scheduled cron jobs — three automated background jobs are now active: certificate expiry monitoring (notifies operators when supplier certificates are approaching their expiry date), trial expiry management, and data retention cleanup.
Draft backup — the DPP creation wizard now saves a local backup of in-progress form data. If a session expires or the browser is closed unexpectedly, the draft is restored on next visit.
QR code retry — if QR code generation fails (for example due to a transient network error), a retry button is shown inline without requiring the operator to navigate away.
Open Graph metadata on DPP pages — published DPP pages now include Open Graph tags, so sharing a DPP URL in messaging apps, social platforms, or link previews renders the product name and description correctly.
Unsaved changes protection — navigating away from the DPP wizard while there are unsaved changes now triggers a confirmation dialog. Accidental navigation no longer discards work in progress.
Session timeout warning — a five-minute countdown warning appears before an idle session expires. Operators can extend their session with a single click, avoiding the frustration of losing form state after a period of inactivity.
Product search URL sync — the product list search query is now synchronised to the URL as a ?search= parameter. Search results are bookmarkable and survive page refreshes.
Print styles for DPP viewer — published DPP pages now include print-optimised styles. Printing or saving as PDF from the browser produces a clean, structured document suitable for regulatory submissions.
Portal 404 page — the Company Portal now shows a purpose-built 404 page for unrecognised routes, with links back to the main sections of the portal.
AI model fallback with validation — if the primary AI model returns a response that fails schema validation, the platform automatically falls back to a validated safe response rather than surfacing an error to the operator.
AI usage analytics — platform administrators can now view a breakdown of AI feature usage by operator and document type, supporting cost monitoring and capacity planning.
Trial management — trial account expiry is handled automatically: a drip email sequence starts three days before expiry, and a cron job handles account state transitions at the expiry moment.
Last-admin protection — team management now prevents the last administrator on an account from being demoted or removed, preventing accounts from becoming permanently inaccessible.
Database connection pool exhaustion — dashboard queries were running in parallel and overwhelming the connection pool under moderate load. Queries are now serialised where appropriate, and connection handling has been tightened. Dashboard load time and reliability improved significantly.
Signed URL expiry — file download links embedded in DPPs and document views now remain valid for two hours (up from a shorter window that was causing link expiry for operators who kept a tab open).
Signup error messages — generic error messages on the signup flow have been replaced with specific, actionable messages. Email enumeration is protected — the message for "email already registered" does not confirm whether the address exists.
GDPR deletion audit trail — when an operator requests account deletion under Article 17, a system alert is now created for platform administrators. This ensures deletion requests are visible in the admin interface and can be tracked to completion within the 30-day SLA.
Tier 1 Verified badge — published DPP pages now display a "Tier 1 Verified" badge when the DPP has passed independent third-party verification. The badge is linked to the verifier's decision record.
Supplier security tab — the supplier detail view in the Company Portal now includes a security tab showing the supplier's authentication status, last login, and active session count.
System health metrics — the platform health dashboard now includes CPU usage, memory consumption, and uptime metrics, in addition to error counts.
Clear error logs — platform administrators can now clear resolved error log entries, keeping the error log focused on active issues.
Test suite expanded — automated test coverage increased substantially across authentication, GDPR, and DPP rendering flows.
A formal security audit identified 23 issues across the codebase. All findings have been resolved:
Math.random() for security-sensitive operations replaced with crypto.getRandomValues(), the cryptographically secure browser API.localhost fallback URLs in environment detection removed. Production configuration is explicit.Error trend sparkline — the dashboard now shows a seven-day error trend sparkline alongside the error count metric. Operators and administrators can see at a glance whether errors are rising, falling, or stable.
Error severity classification — errors captured by the platform are classified as critical, high, medium, or low severity based on their type and source. High and critical errors trigger email alerts.
Threshold-based alerting — operators can configure alert thresholds on key metrics (error rates, certificate expiry proximity, supplier response rates). Alerts are delivered via the platform notification system and email.
Row-level security expanded — database-level access controls applied to seven additional tables, ensuring that cross-company data access is blocked at the database layer.
Tooltips across all portals — over 100 contextual help tooltips added across the Company, Supplier, Verifier, and public portals. Tooltips explain field requirements, regulatory references, and workflow steps in plain language.
Cron-based alert evaluation — the alerting system evaluates thresholds on a scheduled basis and creates alert records automatically when a threshold is breached.
Coming Soon pages — features planned for future releases (Phase 2) now show informative Coming Soon pages with regulatory context explaining why the feature is planned, rather than blank routes.
Market surveillance authorities, customs bodies, and other entities with a legal right to access restricted DPP data under EU Battery Regulation 2023/1542 can now submit a formal access request through the platform. The flow:
All requests, approvals, and accesses are logged in the audit trail. See the PoLI endpoints documentation for the API reference.
Operators and administrators can define numeric thresholds on key operational metrics. When a threshold is breached, the platform creates an alert record and routes it through the notification and email system. Alerts support acknowledge and resolve workflows so the full lifecycle of an issue is captured.
Operators with multiple products can now generate all QR codes in a single operation from the product list view. Previously, QR codes had to be generated product by product.
The supplier list in the Company Portal can now be exported as a CSV file, including supplier name, contact details, linked materials, response rate, and last activity date.
An AI-powered sustainability insights panel is available on the DPP overview. The panel analyses the product's carbon footprint, recycled content, and supply chain data to surface actionable observations and benchmarks. Powered by Anthropic Claude.
Transactional emails are now driven by a database-backed template system. Platform administrators can manage email content, subject lines, and sender details through the admin interface without a code deployment. Fifteen event-based triggers are wired to the template engine covering invitation, verification, notification, and alert scenarios.
The platform handles email delivery failures gracefully. If the email service is unavailable, the triggering action (signup, OTP, data request) still succeeds and the email is logged for retry rather than causing the user-facing action to fail.
Platform administrators can send broadcast notifications to all operators, all suppliers, or a specific company. Useful for planned maintenance announcements, regulatory updates, and release notifications.
GS1 Digital Link resolver — the platform now exposes a GS1 Digital Link endpoint at /01/{GTIN} (and /01/{GTIN}/21/{serial}) implementing ISO/IEC 18975. QR codes encoded with a GTIN-based GS1 Digital Link URI resolve directly to the DPP viewer. This is the required QR code format under EU Battery Regulation 2023/1542 Article 77 for products with a GTIN assigned.
Shared DPP renderer — the DPP viewer is now a single shared rendering component used by both the GS1 Digital Link resolver and the slug-based DPP URL. Both access methods display an identical, consistent DPP presentation.
Cross-portal notifications — notifications created in the Company Portal (data request sent, verification task assigned) are now delivered to the appropriate Supplier and Verifier portal users in real time.
Verifier task scoping — verifiers now see only the verification tasks assigned to them. Previously the task list was not correctly filtered, allowing verifiers to see tasks across all operators.
traceable.digital domain family. All identifiers, schemas, and URLs updated across the full codebase.
app.traceable.digital. All existing DPP URLs, QR codes, and API integrations have been updated to use the new domain.https://app.traceable.digital to reflect the new domain.The platform now enforces a module access system across all three portals. Features are gated by module — operators only see and interact with features included in their plan. The module system covers 30 distinct capabilities and is enforced server-side on every request.
Platform administrators now have role-based access control: Full Access, Operations, and Viewer roles. Full Access can perform all actions; Operations can manage operators and products; Viewer has read-only access to all data.
A system health dashboard is available to administrators showing real-time platform status, recent error logs with severity classification, and performance metrics. Administrators can view error trends over time and acknowledge or resolve active alerts.
The DPP publication workflow now enforces ESPR field completeness as a gate before publication. Products with incomplete mandatory ESPR fields cannot be published, ensuring that every published DPP satisfies the minimum requirements of the EU regulation.
The public DPP viewer now presents all data categories specified in EU Battery Regulation 2023/1542 Annex XIII, with field labels in the language of the regulatory text. Viewing a DPP in a browser produces a human-readable representation of all required regulatory fields.
All create, read, update, and delete operations across all entities (products, suppliers, materials, certificates, verification tasks, team members, data requests, audit logs) are now fully implemented and connected to the live database. No mock data or placeholder handlers remain.
Every state-changing action across all three portals is now captured in the audit trail with a timestamp, user identity, company scope, and action type. The audit trail is append-only and cannot be modified by any portal user.
All portal interfaces — Company, Supplier, and Verifier — are now fully responsive across mobile, tablet, and desktop viewports. The DPP public viewer is optimised for mobile QR-code scanning flows.
Product approval is handled at the operator level, not the platform level. Operators control the publish workflow for their own products — platform administrators are not required to approve individual DPP publications.
A revenue analytics view is available to platform administrators, showing account growth, active operators, trial-to-paid conversion, and module adoption metrics.
Batch operations for common administrative tasks are available in the admin interface: bulk company status updates, bulk product category reassignment, bulk module assignment.
]]>A comprehensive multi-tenant database schema covering all core platform entities: products and DPP records across all five battery categories, suppliers and their material libraries, verification tasks and decisions, certificates with expiry tracking, audit logs, team members and roles, data requests, and GDPR consent records. Enum types cover all battery category classifications, product lifecycle states, verification outcomes, and regulatory compliance statuses required by EU Regulation 2023/1542.
Secure authentication using email and password combined with one-time password (OTP) verification on every login. Sessions are managed via secure, HTTP-only cookies with server-side validation. OTP delivery is handled via transactional email.
Nine AI-powered workflows built on the Anthropic Claude API:
Full product lifecycle management: create battery products across all five regulated categories (EV, LMT, Industrial, SLI, Portable), populate DPP fields through a structured wizard, manage version history, and control publication state.
Each time a DPP is published, an immutable snapshot of its data is captured. The snapshot record links the published content to the operator's identity, publication timestamp, and DPP version number. Published DPPs cannot be modified — updates require creating a new version.
Certificates linked to products and materials are tracked against their expiry dates. A background job runs daily, identifies certificates within 30 days of expiry, and notifies the relevant operator or supplier so renewals can be initiated before a DPP becomes non-compliant.
Operator accounts support multiple team members with distinct roles: Administrator (full account control), Manager (product and supplier management), and Viewer (read-only). Role assignments are managed by account administrators and take effect immediately.
Products can be imported in bulk via CSV upload. The import validates each row against the DPP field schema for the specified battery category, reports errors per row, and creates all valid product records in a single operation.
Operators can invite suppliers directly from the Company Portal. Invitees receive an email with a secure invitation link. Clicking the link creates a Supplier Portal account pre-linked to the inviting operator, with no separate registration required.