Skip to main content

Changelog

Release notes for the KLOAKD API and all SDKs.

v0.5.1

2026-06-06
Scraping EngineAnti-DetectionProxyStability
  • Fix: WebGL Illegal invocation errors — removed post-navigation prototype overrides that conflict with V8 native method binding
  • Fix: Proxy authentication — Chrome --proxy-server now correctly strips inline credentials; auth handled via Patchright context
  • Fix: Honeypot detector SyntaxError — escaped single quotes in JavaScript regex patterns using hex notation
  • Fix: False-positive challenge solve — Tier 2.5 now verifies page is actually unblocked after solver reports success
  • Fix: Tier 3 IndexError when using platform proxy fallback without tenant DB integrations
  • Fix: Property descriptor override removed from post-navigation eval (Playwright uses it internally for serialization)
  • Fix: Plugin spoofing wrapped in try/catch for post-navigation safety on headed Chrome
  • Fix: Honeypot querySelector Illegal invocation resolved via Function.bind(document)
  • Infrastructure: Proxy URL parsing for RealChromeManager and HeadedChromeManager with CDP auth support
  • Infrastructure: Test scripts added for integration connectivity and 3-site validation

v0.5.0

2026-05-27
AuthenticationFetchyrBillingFrontendDocs
  • New: Auth-chain discovery engine — autonomous multi-step login navigation for ADFS, Azure AD, Okta, and generic SSO flows
  • New: Credential caching across auth-chain steps — single prompt handles split-screen login flows without re-asking
  • New: Session cookie injection into the 4-tier fetch chain — authenticated content retrieval after auth-chain completes
  • New: Pre-flight auth detection — lightweight HTTP check before expensive extraction, with automatic auth-chain trigger
  • New: Post-hoc login safety net — detects login pages returned after extraction and triggers auth-chain as fallback
  • New: Live auth-chain progress — step count written to database in real-time, visible via status polling API
  • New: HTML Code/Preview toggle — view fetched HTML as syntax-highlighted source or rendered webpage in a sandboxed iframe
  • New: Stripe billing foundation (Phase 1) — tier enforcement, usage tracking, and subscription management
  • New: Pricing, platform comparison, and use-cases pages on docs.kloakd.dev
  • New: Playground email capture for waitlist signups
  • Fix: Session artifact tenant_id plumbing — cookies now load with correct tenant UUID instead of defaulting to 'default'
  • Fix: Post-hoc auth check no longer re-triggers auth-chain when session_artifact_id was explicitly provided
  • Fix: Frontend auth-chain poll timeout increased from 5 minutes to 10 minutes for complex SSO flows
  • Fix: SSE pipeline completion guard prevents EventSource reconnect after pipeline_complete event
  • Fix: Screenshot capture pipeline and protection report injection corrected
  • Fix: Cascading 401 logout and scrape level UX improvements
  • Fix: Webgrph returns valid SSE termination for expired/completed pipelines instead of 404
  • Fix: Playground test keys pass through tier enforcement on whitelisted paths
  • Fix: Stale analysis_router import removed — prevented production startup crash
  • Infrastructure: Poetry v2 lock file regeneration for dependency compatibility
  • Infrastructure: Rate limiter clean shutdown export for graceful process termination
  • Infrastructure: Tier naming normalization and G5 legacy cleanup

v0.4.0

2026-05-13
Discovery EnginePerformanceSecurityPlatform
  • New: 5-Layer API Discovery Engine — 18 detection strategies across static analysis, runtime interception, active probing, subdomain enumeration, and heuristic matching
  • New: Service Worker interception and Fetch.requestPaused capture for hidden API routes
  • New: SPA framework link extraction for Angular, React, and Vue single-page applications
  • New: WebSocket traffic capture and inline script config extraction for embedded API keys
  • New: Server-authoritative playground quota enforcement — no client-side bypass possible
  • Performance: Chrome DNS error elimination — CDP script accumulation across reuse cycles resolved
  • Performance: Page load timeout reduced from 60s to 20s — prevents budget exhaustion on slow sites
  • Performance: 222 KLOC dead code purge — 12 unwired core modules and legacy adapters removed
  • Performance: Lazy-load sentence_transformers to prevent TensorFlow M2 deadlock on startup
  • Security: Maintenance mode toggle via build-time environment variables with GitHub Actions control
  • Improved: Unified browser fetch — single Chrome pool with ProtectionExecutionReport on all tiers
  • Improved: Unified cookie service — Redis-backed, multi-tenant, encrypted-at-rest
  • Improved: 33 regression tests added for core system changes

v0.3.0

2026-05-10
EvadrIntegrationsDashboard
  • New: All fetch tiers now route through your configured proxy — every request benefits from residential IP rotation
  • New: 36 integration providers available — proxy, CAPTCHA, AI models, audio transcription, OCR, MFA, and OAuth/SSO
  • New: In-dashboard feedback widget — share your experience with one click, directly from any page
  • New: Email notifications for feedback submissions — your team is notified instantly when users report issues
  • Performance: Concurrent discovery requests no longer contend for browser resources
  • Performance: Intelligent rendering detection correctly escalates JavaScript-heavy pages to full browser execution
  • Security: Progressive account lockout protects against brute-force login attempts
  • Improved: Block detection now recognizes 20+ anti-bot patterns for more reliable data extraction

v0.2.1

2026-05-07
PlaygroundDocsAPI Reference
  • New: Interactive API playground at playground.kloakd.dev — discover, select, and extract data from any website
  • New: Rich results viewer with 7 specialized tabs — site structure, extracted data, detected APIs, and more
  • New: Custom API reference with full OpenAPI spec — browse all 8 public modules with Try It panels
  • New: Test key generation — get a free API key instantly to explore the platform with 10 requests per day
  • New: Prominent playground links across docs site — header, hero section, and sidebar for easy access
  • Improved: Try It panels now include auto-generated examples, URL previews, and field descriptions
  • Improved: API reference filters to public modules only — cleaner, focused developer experience

v0.2.0

2026-05-05
SecuritySkanyrAuthentication
  • New: Skanyr detected_apis endpoint — retrieve results from all 12 API detectors after a discovery run
  • New: Skanyr api_data endpoint with pagination — access extracted API data records programmatically
  • New: Free tier for playground demo keys — 10 requests per day, no credit card required
  • New: Batch scraping UI — submit and manage multiple scraping jobs from one interface
  • Security: Organization-level isolation enforced — requests cannot access resources across tenant boundaries
  • Security: All discovery data endpoints require full authentication via JWT or API key
  • Security: Secure session handling with HttpOnly cookies and multi-tab support
  • Improved: HTTPS enabled across all environments with proper cookie security
  • Docs: Updated authentication, rate limits, error reference, and status codes pages

v0.1.2

2026-04-28
EvadrWebgrphDiscovery Engine
  • New: 5-tier intelligent fetch system — automatically selects the optimal extraction strategy per page
  • New: Adaptive detection-to-evasion routing — pages are analyzed for complexity, then routed to the right browser tier
  • New: Webgrph module achieves full feature parity — site mapping, hierarchy analysis, and link graph extraction
  • New: 18 Discovery Engine routers mounted — complete API surface for programmatic site analysis
  • New: 325 endpoints migrated to modular kernel architecture — Skanyr, Fetchyr, Kolektr, Nexus, Evadr, Webgrph
  • New: Glass pipeline UI — real-time visual progress for discovery and extraction jobs
  • Security: Comprehensive cross-tenant isolation audit — defense-in-depth across all data access paths
  • Improved: Discovery results now use live category data instead of static defaults

v0.1.1

2026-04-14
PlatformSDKsDeveloper Experience
  • New: Self-service registration with instant authentication — sign up and start making API calls immediately
  • New: Real-time SSE streaming replays completed results — no missed events, even for fast-finishing jobs
  • New: Organization and workspace context in every API response — seamless multi-tenant workflows
  • New: 5-stage gateway pipeline — authentication, tenant resolution, access control, entitlements, and rate limiting
  • Improved: Frontend SDK achieves 94% type safety coverage — fewer runtime errors, better IDE autocompletion
  • Improved: OpenAPI spec generated directly from code — always in sync, no manual updates required
  • Improved: Production hardening — secure defaults, environment-aware configuration, branded error responses
  • Docs: WCAG 2.1 AA accessibility audit passed — keyboard navigation, screen reader support, mobile responsive

v0.1.0

2026-04-09
PythonTypeScriptGoJava
  • Initial release of all 4 SDKs: Python, TypeScript, Go, and Java
  • 7 module namespaces in every SDK: Evadr, Webgrph, Skanyr, Nexus, Parlyr, Fetchyr, and Kolektr
  • 302 tests passing across all SDKs with high coverage
  • Real-time SSE streaming support in all 4 SDKs
  • Exponential backoff retry with rate-limit-aware Retry-After handling
  • Consistent error hierarchy: AuthenticationError, NotEntitledError, RateLimitError, UpstreamError, and ApiError
  • Artifact chaining — pipe outputs from one module directly into the next