Changelog
What's shipping in VolunteerCal. New entries appear at the top. Subscribe to /status for live operational health.
May 2026
Activity feed now captures every sensitive change
The org Activity log (Settings → Activity) now records member invites, role changes, removals, tier changes, kiosk activations, child checkout, and CSV exports. Customer support has a complete record when answering 'who changed Sarah's role last Tuesday?'
Notify team leads when a schedule is ready for review
The Request Approval button on Growth+ schedules now actually sends an email to each ministry lead, asking them to review and approve their team's portion. Falls back gracefully when a team has no lead email set.
Every API route now uses standardized auth and validation
Internal: 19 high-risk API routes migrated to a shared authz library with consistent error messages and Zod-validated request bodies. Tightens the seam where bugs love to hide and surfaces a uniform 401/403/400 vocabulary to clients.
Schedule status now denormalized for faster reads
Internal: child assignment docs carry their parent schedule's status so volunteer-facing lookups no longer pay a per-read parent-fetch cost. Sets up later strict access rules for draft schedules.
Reminder send loop now bullet-proof against duplicates
Retried cron sends never re-send the same email or SMS, thanks to per-channel claim flags written inside a Firestore transaction. The legacy array shape is auto-migrated on first run.
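An added sketch of the claim-flag pattern this entry describes, not VolunteerCal's code: `MemoryStore` is an in-memory stand-in for a transactional document store (not the Firestore API), and the legacy `sent` array, the `claims` field and all function names are assumptions.

```javascript
// In-memory stand-in for a transactional store (assumption: NOT the Firestore
// API; it only mimics an atomic read-check-write on a single document).
class MemoryStore {
  constructor() { this.docs = new Map(); }
  runTransaction(id, fn) {
    const draft = JSON.parse(JSON.stringify(this.docs.get(id) ?? {}));
    const result = fn(draft); // a throw here leaves the stored doc untouched
    this.docs.set(id, draft); // commit
    return result;
  }
}
// Hypothetical legacy shape { sent: ["email"] } becomes { claims: { email: true } }.
function migrateLegacy(doc) {
  doc.claims = doc.claims ?? {};
  if (Array.isArray(doc.sent)) {
    for (const channel of doc.sent) doc.claims[channel] = true;
    delete doc.sent;
  }
}
// Claim one channel of one reminder. Only the first caller gets true; a retry
// reads the flag inside the same transaction and gets false.
function claimChannel(store, reminderId, channel) {
  return store.runTransaction(reminderId, (doc) => {
    migrateLegacy(doc);
    if (doc.claims[channel]) return false;
    doc.claims[channel] = true;
    return true;
  });
}

// One cron pass: send only on the channels this pass managed to claim.
function runReminderPass(store, reminders, send) {
  let sent = 0;
  for (const r of reminders)
    for (const channel of r.channels)
      if (claimChannel(store, r.id, channel)) { send(r.id, channel); sent++; }
  return sent;
}
// Constructed sample data: r2 already holds a legacy-shaped record for email.
function demo() {
  const store = new MemoryStore();
  store.docs.set("r2", { sent: ["email"] });
  const reminders = ["r1", "r2"].map((id) => ({ id, channels: ["email", "sms"] }));
  const outbox = [];
  const send = (id, channel) => outbox.push(`${id}:${channel}`);
  const first = runReminderPass(store, reminders, send);
  const retry = runReminderPass(store, reminders, send); // simulated cron retry
  return { first, retry, outbox, r2: store.docs.get("r2") };
}
```

Claiming before sending makes this sketch at-most-once: a send that fails after its claim commits is not retried, so failed sends need their own handling.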
Cron visibility — see when scheduled jobs last ran
New Platform Admin → Cron Runs page surfaces the last 7 days of cron starts, completions, durations, and processed counts. Cron failures stop being invisible.
Structured logging + Content-Security-Policy reporting
Internal: a new lib/log wrapper unifies our error pipeline into Sentry with no console-statement leaks. CSP violations now report to Sentry in report-only mode, with enforcement flipping on after ~1 week of telemetry.
Admin sign-ins now count for org activity status
Previously, the org list showed 'dormant' for any church whose owner hadn't signed in, even when their admins were in the app daily. Activity status is now based on the most recent sign-in date across all admin-level users.
Safari sign-in fixed via Firestore long-polling fallback
By default, Safari's tracking protection blocks the WebSocket connection that Firebase needs. The client now automatically falls back to long-polling, so login works for all volunteers regardless of browser.
Want to suggest something? info@volunteercal.com