Core Platform Release Notes

May, 2026

New Features

• Per-domain publishable API keys for embedded widgets: Each whitelabel domain configured for an embedded widget can now carry its own publishable API key, enabling per-domain auth scope and independent key rotation without changing the hub-level key.

Improvements

• Large-source ingestion reliability: Hardened ingestion workflows recover automatically from network issues and other stalls. This helps progress more reliably through ingestions that process hundreds to thousands of documents. Cancellation is reliable end-to-end (no more stuck CANCELLING), accidental duplicate re-ingestion attempts are blocked.

Improvements

• Security hardening: A round of penetration-testing discovered no major issues. Low priority findings were remediated across the dashboard and API surfaces:

  • Strict nonce-based Content Security Policy now replaces permissive defaults across page and API responses, materially reducing XSS attack surface.

• Large-source ingestion stability: Several reliability improvements for very large sitemaps and PDF-heavy crawls:

  • Indexing progress rows are now bounded, preventing workflow progress tracking bloat on multi-thousand-document crawls.
  • Sitemaps that begin with a UTF-8 BOM but lack an explicit charset header are now parsed correctly (previously caused a hard ingestion failure).

April, 2026

New Features

• New connector: Khoros Community: Khoros Community forums are now a supported ingestion source, enabling community knowledge bases to flow into the platform.

• Partial re-ingestion: Retry specific failed documents without a full source re-crawl, supported across major connectors.

• Scheduled ingestions live (end-to-end): Recurring source ingestion is now fully operational, with overlap protection and throttling safeguards to prevent duplicate or runaway runs.

• Public evaluation API: New non-streaming hub agent endpoint for programmatic evaluation workflows.

• Jira OAuth in production: Jira Cloud and Data Center ingestion now authenticates via centralized OAuth (Cloud) and PAT (Data Center) replacing manual static credential handling.

Improvements

• Stronger tenant isolation: Cross-domain email authorization hardened with explicit logging for unauthorized cross-tenant access attempts.

• Embed reCAPTCHA scoping: Badge visibility is now tied to the active hub's reCAPTCHA key, preventing interference with other reCAPTCHA instances on customer pages.

• Web crawler performance boost: Shared browser context caching for headless crawls reduces repeated asset downloads by ~80% on subsequent page loads, plus explicit HTTP 307 redirect handling fixes previously missed content.

• Extraction cache is code-change aware: Cache keys now include the extraction recipe version, so logic changes auto-invalidate stale output.

Bug Fixes

• Textract extraction quality fix: Figure bounding boxes now expand to include intersecting caption text, fixing clipped images and captions in datasheet-style documents.