Added

• DC_NO_BROWSER env var — set DC_NO_BROWSER=1 to suppress browser launch during auth; respected by openBrowser() and the browser-auth gate. (#432)
• AI-agent auth gate — IS_AI_AGENT (set by Claude Code and similar tools) is now checked in canStartBrowserAuth(); non-interactive environments automatically fall through to the device-code / env-var path with a clearer error message. (#432)

Fixed

• Windows browser-open injection — replaced cmd.exe /c start with explorer.exe to prevent URL & characters from being parsed as shell command separators (CodeQL js/indirect-command-line-injection). (#431)
• logout removes .env key automatically — deepcitation auth logout now deletes the DEEPCITATION_API_KEY line from .env instead of printing a manual-edit instruction. (#431)
• Review regressions — restored report verdict shell, hardened citation block parsing and markdown rendering, tightened anchor promotion logic, and corrected prepare CLI output contract. (#433)

Full Changelog: v...v0.4.3

✅ Published to npm registry

Added

• deepcitation lint command — pre-flight citation-syntax validator (no network); --json output with errors/warnings arrays; 10+ rules covering duplicate IDs, format mismatches, and orphan markers. (#425)
• deepcitation publish command — re-uploads an already-verified HTML + verify-response.json pair; useful when auto-publish failed or to change visibility after the fact. (#425)
• deepcitation slice command — extracts a page range from a prepared JSON verification file. (#425)
• deepcitation text command — re-renders a prepared JSON file as plain text (no network). (#425)
• Claim card in reports — markdownToHtml gains an optional claim field (and --claim CLI flag) that renders a quoted eyebrow card between the title and the meta strip; supports inline markdown. (#426)
• MODEL chip in reports — markdownToHtml gains an optional model field rendered as a MODEL chip in the meta strip, ordered between ANALYZED and CITATIONS. (#426)
• ≈ approximate-match marker — citation highlights, keyhole strips, and drawer items display ≈ when claimText differs from sourceMatch; a "claimed as ..." annotation surfaces the variance inline. (#428)

Changed

• verify auto-publishes by default — successful runs upload to My Verifications as private; opt-out with --no-publish; pass --vis unlisted or --vis public to widen visibility. (#425)
• Per-attachment assets in verify output — verify-response.json now includes an attachments map (pageImages, originalDownload) alongside verifications when any attachment returned assets. (#430)
• CDN blink animation synced with React — CDN now imports BLINK_* constants from the same source as the React component, fixing a 180 ms vs 120 ms enter-duration discrepancy; implements the full three-stage enter animation with a cancelBlink() guard. (#427)
• Billing copy — quota-exceeded messages and the dashboard description now reflect subscription tiers (Standard 20/week at 20ドル/mo, Pro unlimited at 200ドル/mo). (#427)
• popover.displayedAs → popover.claimedAs — i18n key renamed and copy updated to "claimed as ..." across all locales (en, es, fr, vi). (#428)

Fixed

• CDN reposition race — scheduleReposition defers repositioning until isViewTransitioning() is false, preventing a mid-animation position snap. (#426)
• View-transition depth counter — _transitionDepth is decremented only after both the ghost and content-reveal animations complete, preventing a premature counter reset. (#426)
• Popover scroll passthrough — scroll-lock RAF logic replaced with overscroll-behavior: contain in EvidenceTray, simplifying the scroll-containment path. (#428)

Removed

• --audience CLI flag — audience presets removed; all reports use standard defaults (960 px width, tier-2 sections open). (#426)

Full Changelog: v...v0.4.2

✅ Published to npm registry

Performance

• ~45% main-entry bundle reduction — DeepCitationClient and all prompt helpers are no longer bundled into deepcitation (the main entry). Import from deepcitation/client and deepcitation/prompts directly; the main entry now covers only core parsing/verification. (#420)

Fixed

• getCitationKey field aliases — resolves old-CLI field names (anchorText, fullPhrase) so citations produced by older CLI versions are keyed correctly without manual migration. (#419)

Removed ⚠️ Breaking CLI changes

• deepcitation cite removed — use deepcitation verify --html <file> instead.
• deepcitation env (top-level) removed — use deepcitation auth env instead.
• deepcitation showcase removed (internal dev tool, no public API contract).

✅ Published to npm registry

Added

• reviewUrl() SDK method — new client method with ReviewUrlOptions and ReviewUrlResponse types; full typed error coverage including ValidationError for HTTP 200 + status:error bodies. (#415)
• Page-collapse reverse animation — startEvidencePageCollapseTransition animates spotlight → keyhole strip with a two-phase pre/post-flushSync capture and a fast-tap guard against dual-ghost/orphaned-scrim race conditions. (#413)
• Mouse drag support for drawer — desktop users can drag the drawer handle to close; mouse listeners register on document only during active drag with preventDefault blocking text selection. (#412)
• New React exports — getStatusFromVerification, getStatusLabel, DefaultPopoverContent (with PopoverContentProps/PopoverViewState types), and SnippetZone exported for custom popover wrappers and Remotion stills. (#412)
• denseAnnotatePage() — annotates un-tagged page text with dense sequential <line id="N"> tags for lineId-based anchor lookup; exported from cite.ts. Must not be applied to pages with existing sparse OCR tags.
• TimeoutError class — structured error with phase (one of proxy_connect | tls_handshake | response_headers | response_idle | request_overall), elapsedMs, proxyUrl, and target fields. Exported from src/cli/proxy.ts. (#411)
• Structured CLI error output — formatNetworkError recognizes TimeoutError and emits a human-readable block with phase explanation, redacted proxy URL, and "Do NOT" guidance, followed by a __DC_ERROR__ {...} JSON marker line so agent-driven callers can short-circuit their recovery loop (retryable: false, recoverable: false). (#411)
• CliAuthPage agent-relay polish — hides the "copy key / copy command" toggle in agent-relay mode (isManual && !cliWasListening), forcing the full command format so agents receive actionable context instead of a bare sk-dc-.... (#411)
• Per-step timing and metrics.json — example scripts record upload/llm/verify step durations and write a summary file (provider, model, date, source, timing, citation counts/pct) to the cache dir after each run. (#416)

Changed

• sourceContext/sourceMatch rename — fullPhrase → sourceContext and anchorText → sourceMatch across the full codebase, types, i18n strings, and docs. LLMs emitting old field names are handled via backward-compat alias resolution in normalizeCitationInput. (#412)
• Drawer UX — URL/snippet zones in expanded view, claim-vs-source variance annotation, page badges before status icons, always-render fiber-stability pattern for evidence slots (display:none toggle), active/inactive indicator dot styling. (#412)
• Page-expand ghost — pure translate animation (no scale); clip-path iris convergence (0.42→0.88 progress) trims keyhole padding; border-radius morph from keyhole corners to 0 px at landing; new EASE_GHOST_EXPAND easing. (#413)
• Per-phase transport timeouts — createProxyFetch enforces proxy_connect / tls_handshake / response_headers / response_idle / request_overall timers (5 s / 10 s / 60 s / 30 s / 90 s), each overridable via DC_PROXY_*_MS env vars. Prevents indefinite hangs when a proxy accepts but then stalls. (#411)
• FormData multipart rides the CONNECT tunnel — createProxyFetch serializes FormData inline via encodeMultipart over the hand-rolled TLS tunnel; sendViaUndiciProxy and convertFormData deleted as dead code, eliminating the undici runtime dependency from all proxy paths. (#411)
• tsconfig moduleResolution: bundler — migrates from deprecated node/node10 to bundler, silencing TS5101/TS5107 errors that become hard failures in TypeScript 6.0. (#416)

Fixed

• Popover scrolls with page — portals into the Radix ScrollArea viewport (or nearest scrollable ancestor); with position:absolute inside the scroll container the popover sits in document space and scrolls away naturally. (#417)
• Ghost scale-up for miss/not_found — page-expand ghost for citations without annotations now uses source keyhole dimensions (pure translate, scale=1.0) instead of full viewport rect, eliminating the aggressive "keyhole filling the screen" effect. (#417)
• prepareUrl silent error swallowing — HTTP 200 responses with status:error in the JSON body now throw ValidationError with the server-supplied message instead of silently passing a poisoned response to callers. (#415)
• Date-only timezone shift — YYYY-MM-DD strings are now parsed as local noon (T12:00:00) instead of UTC midnight, preventing off-by-one day display in UTC− timezones. (#415)
• review_extract.py false positives — list-item PLACEMENT, bold-text PLACEMENT, and smart-quote NOT_SUBSTRING false positives fixed; file-handle resource leak and greedy fallback regex also corrected. (#415)
• Parsing truncation after start delimiter — parseCitationData now returns success:true with empty citations when input ends immediately after <<<CITATION_DATA>>> (token-limit cutoff), as distinct from a genuinely empty block (start + end delimiter with nothing between).
• Cowork verify hang — createCoworkFetch no longer routes through undici.EnvHttpProxyAgent, which hung indefinitely on JSON POSTs through localhost:3128 in Claude Cowork. Now delegates to createProxyFetch (built on Node built-ins only) with deterministic per-phase timeouts. (#411)

✅ Published to npm registry

Added

• verifyIterative() SDK method — LLM-agnostic retry loop: verifies citations, invokes an onAttemptComplete callback so consumers can amend and re-verify up to maxAttempts. Includes LlmSearchAttempt, LlmAmendment types and computeAmendments() diff utility. (#404)
• Amendment timeline UI — AmendmentRow in the search narrative shows field-level diffs and false-positive rejections between LLM retry passes. Rendered as dashed-border markers in VerificationLog. i18n added for en/es/fr/vi. (#404)
• deepTextPagesByAttachmentId — replaces deepTextPages / deepTextPromptPortion with a per-attachment page array keyed by attachmentId, eliminating ambiguity in multi-attachment workflows. (#403)
• merge CLI command — merges citation JSON files from parallel-section workflows into a single output. (#403)
• Body-marker auto-cite — deepcitation verify --markdown auto-generates citations from cite:N markers in the body when no citations file is provided. Supports cite:N "anchor text" for explicit anchor control. (#403)
• AttachmentAssets type — pageImages, originalDownload, convertedDownload hoisted from per-citation objects to a top-level attachments map on VerifyCitationsResponse, eliminating per-citation duplication. normalizeVerifyResponse() handles backward-compat with legacy server responses. (#405)
• Interactive HTML reports in examples — fixture-to-html.ts converts offline fixtures to full interactive HTML reports; verify-html.ts Playwright tests validate citation span rendering and popover initialization. (#405)
• Update checker — CLI checks for new versions with a 24-hour throttle and prints a notice to stderr when an update is available. (#406)
• Unified auth command — new deepcitation auth triggers the browser login flow automatically; includes --text fallback for non-browser environments and IS_AI_AGENT detection for agent-aware auth messages. (#407)
• Favicon fallback chain — useFaviconSrc hook with StackedFavicon component; retries image loads on 404 during pending CDN renders. (#406)
• Download progress indicator — animated percentage counter with aria-live="polite" announcements at 25% buckets. i18n strings added for en/es/fr/vi. (#406)
• computeBracketTarget — tight bounding hull for anchor text highlights. (#406)

Changed

• Drawer UX — document icon for non-URL sources, status indicator converts to collapse caret on hover/focus, auto-scroll on expand and page-badge click, status border moved to expanded content area, CompactSingleCitationRow removed. (#404)
• StackedStatusIcons — drawer header verification indicators consolidated into a single row; gains activeIndex, size, gap, and onPage props. (#403)
• CDN popover — switches to position:fixed when expanded-page height exceeds 80% of viewport, preventing scroll-away. Resets lastCoords on mode switch to avoid stale coordinate comparisons. (#407)
• Keyhole image — simplified to natural-size rendering via AnchorTextFocusedImage; keyhole strips use alignX: "start" to show the anchor's left edge immediately. (#407, #404)
• anchor_text rules — hard 4-word maximum enforced; paraphrased anchor text is promoted to display_label automatically during hydration. (#407)
• CLI output co-location — URL source map enriches citations with verifiedUrl/verifiedDomain metadata for popover rendering. (#404)
• SKIP_DTS build toggle — set SKIP_DTS=true to skip declaration generation during iterative development. (#405)

Fixed

• U+2060 word joiner — inserted between anchor text and superscript/indicator in all CitationContentDisplay variants, preventing mid-citation line breaks. (#403)
• Body scroll lock in drawer — prevents double scrollbar when drawer is open. (#403)
• CDN popover coordinate reset — lastCoords cleared when switching between position:fixed and position:absolute modes. (#407)
• pages variable scope — was block-scoped inside an if branch and referenced outside, causing a compile error. (#407)
• Jump-to-top on expand — fixed scroll jump during side=top expand transitions. (#407)
• Stale-closure interval fix — download progress interval now always reads current state. (#406)
• safeTest() for untrusted inputs — replaces raw inline regex on downloadUrl and label values in commands.ts to prevent ReDoS. (#406, #403)
• Git Bash TTY detection — fixed false non-TTY detection in Git Bash on Windows. (#407)

Full Changelog: v...v0.3.11

✅ Published to npm registry

Added

• Rich report header meta strip — report HTML shell now renders a SOURCE · ANALYZED · AUDIENCE · CITATIONS · PAGES meta strip using BEM dc-meta classes, replacing the single .meta paragraph. (#402)
• Brand logo SVG in report footer — square caps, crispEdges rendering per branding guidelines. (#402)
• Cowork notice banner — informational banner injected into both plain and report HTML shells when running in Cowork mode. (#402)

Changed

• undici for Cowork proxy — Cowork fetch now uses undici EnvHttpProxyAgent instead of globalThis.fetch, resolving proxy CONNECT failures in corporate network environments. createClient is now async; undici is externalized in the tsup bundle. (#402)
• Report table style — no fill, heavier separators, blue hover row highlight. (#402)
• Report link color — #3B82F6 → #0284C7; background #FDFBF7 → #F8FAFC. (#402)

Fixed

• Proxy error propagation — sendViaUndiciProxy outer catch narrowed to import-only errors; real network errors (DNS, TLS, proxy-auth) now propagate instead of silently retrying with globalThis.fetch. Falls back to EnvHttpProxyAgent with a console warning when ProxyAgent construction fails. (#402)

✅ Published to npm registry

What's Changed

• feat(cli): cowork proxy fix + rich report header meta strip by @bensonwong in #402

Full Changelog: v0.3.8...v0.3.9

✅ Published to npm registry

Contributors

• @bensonwong

Added

• [anchor](cite:N) citation syntax — LLMs can now wrap the key phrase directly in markdown-link citation syntax, eliminating positional ambiguity of the legacy [N] suffix format. All parsing, rendering, and HTML conversion functions support both formats simultaneously. Old [N] format remains fully supported for backward compatibility.

Fixed

• verifiedFullPhrase preservation — strategy-result phrases are now kept intact so computeKeySpanHighlight draws the correct highlight span instead of falling back to a partial match.
• CLI auth copy — em dash removed from manual_done message; now uses a plain hyphen for terminal compatibility.
• CLI auth i18n — locale strings for the CLI authentication flow are now consistently applied across all copy variants.

✅ Published to npm registry

Added

• display_label field on CitationData — compact key d, alias displayLabel; overrides anchor_text as the clickable trigger text. CLI injects data-dc-display-label attribute into verified HTML output. (#398)
• Per-group drawer page badges — multi-source drawers now show page badge strips inline with each source group header instead of one merged strip in the drawer header. (#398)
• CLI all-not-found diagnostics — when all citations are not-found, prints actionable hints (common format issues, page_id format, stale attachmentId). (#398)
• customPopoverActions prop — new PopoverAction interface threaded from CitationComponent → DefaultPopoverContent → SourceContextHeader / PopoverFallbackView. Each action renders as an icon-only button with reveal-on-hover. label doubles as aria-label and React key. (#397)
• Phrase trimming — trimPhraseToAnchorWindow() in textCleanup.ts: trims fullPhrase to a ±150-char context window when significantly longer than anchorText. Applied in HighlightedPhrase, LookingForSection, and PopoverFallbackView. (#397)
• Jest test suites — ~1980 tests across four new CLI suites (cliUnit, cliCommands, cliAuthScenarios, cliIntegration). npm test now uses Jest with forceExit. (#397)
• resolveAuth() helper — single source of truth for API key resolution (env var → .env files → credentials.json) used by all CLI commands via requireAuth(). (#395)
• Cowork (cloud) support — credentials stored in project-relative .deepcitation/; non-TTY login provides Cowork-specific setup instructions; proxy CONNECT errors suggest NO_PROXY workaround. (#395)
• Auth key source reporting — status and whoami show where the key was loaded from; logout gives source-aware removal instructions. (#395)

Changed

• CLI output co-location — verified HTML outputs now default to the same directory as the input file instead of CWD. inject strips -annotated/-draft suffixes from the output filename. (#398)
• CLI refactor — cli.ts shrunk from ~1260 → 127 lines by extracting command logic to src/cli/commands.ts, proxy utilities to src/cli/proxy.ts, and pure helpers to src/cli/cliUtils.ts. (#397)
• Anchor text validation thresholds — loosened from hard limits (40 chars / 4 words) to soft readability suggestions (60 chars / 6 words). (#395)
• IS_COWORK centralised — extracted to auth.ts as single source of truth (was duplicated). (#395)

Fixed

• CDN popover positioning — position:static portal targets no longer cause offset miscalculation (e.g. centred body with margin:auto). Added viewport Y-axis clamping for tall expanded popovers. (#398)
• Punctuation-only anchor handling — wrapCitationMarkers emits an empty data-cite span instead of wrapping garbage text; validation warnings added for punctuation-only and sub-3-char anchors. (#398)
• Login process hang — process.stdin.destroy() called after browser OAuth completes so the process exits cleanly. (#397)
• Billing URL — corrected from /api#billing to /billing in CLI help text. (#397)
• Double printFreeTierWelcome() — no longer called twice on terminal-paste login. (#395)
• Unhandled rejection on login() — properly handled. (#395)

Removed

• USAGE_WARN_PCT / USAGE_CRITICAL_PCT exports — these constants were inadvertent public exports; canonical definitions remain in packages/shared. warnUsage callback and its onUsageUpdate wiring removed from createClient(). src/billing.ts deleted. (#396)

Full Changelog: v...v0.3.6

✅ Published to npm registry

What's Changed

• feat: --markdown verify mode, viewBoxOriginY CropBox fix, and get command by @bensonwong in #391
• ci: bump the github-actions group with 5 updates by @dependabot[bot] in #389
• fix: popover absolute positioning, anchor highlight guard, DC_LOGIN_URL validation by @bensonwong in #392
• feat: auto display labels, billing, login UX, and popover scroll fixes by @bensonwong in #394

Full Changelog: v0.3.4...v0.3.5

✅ Published to npm registry

Contributors

• @bensonwong
• @dependabot