← Back to Leakd

Changelog

Real-time updates, security logs, and product changes.
v1.2.3 23 May 2026 Free For Everyone · Strategic Pivot
  • Pricing: Leakd is now free for everyone, forever. Every feature — Cloud Sync, P2P, Email Reminders, Year-End Report, Business Expense Report, Category Budgets — is unlocked for every user on every platform. No paywalls, no ads.
  • Support: Revenue now comes from voluntary supporter tiers via Google Play Billing: one-time tips (☕ $1.99, 🍕 $4.99, 🍝 $9.99 — all consumables, repeatable) and recurring Supporter subscriptions (⭐ $5/mo, ⭐⭐ $40/yr). Supporters get a visible badge in their profile; nothing about the app changes.
  • Founding Supporter: Anyone who held a Pro subscription before today, or who supports during the first 90 days after launch, gets a permanent 🏆 Founding Supporter badge. Existing subscribers continue uninterrupted — same SKU IDs (pro_monthly, pro_yearly), just renamed Monthly/Yearly Supporter.
  • UX: The Pro modal got rebuilt as "Support development". New section structure (Recurring / One-time), all tier prices visible at a glance, founding-supporter callout, "Support again" CTA on the thank-you state. Every PRO badge across the app is removed.
  • PWA / iOS / desktop: Web browser users now have ALL features for free (previously the Pro modal in browsers had no purchase path — features were Pro-locked but unbuyable). For tipping, web users will see a Ko-fi link in a future build; until then, the Android app is the supporter entry point.
  • i18n: Over 670 new translated entries across all 28 languages for the new Support flow (modal title, blurb, section titles, tier names, thank-you state, Founding Supporter messaging).
  • Caching: Service Worker bumped to v115 and app.js?v=2026-05-23.120 so existing PWA installs pull the rebranded modal on next launch.
v1.2.2 23 May 2026 Direct P2P Sync & Money-Saved Graveyard
  • Sync (Option B): Brand-new zero-cloud direct device-to-device sync over WebRTC. Pair phone↔laptop with a single QR scan — no Google account, no cloud blob, no server stores your data. AES-GCM 256 session key generated fresh per pairing and embedded only in the QR. The PeerJS broker sees opaque SDP/ICE only; the broker socket is closed the moment the secure channel opens. Pro on the Android TWA build, free in the Chrome extension.
  • UX: Sync modal restructured with a tab selector — Option A · Google Drive vs Option B · Direct P2P. The menu entry renamed from "Cloud sync" to plain "Sync" with subtitle "Cloud backup or direct device pairing", reflecting that not every sync mode is cloud-based.
  • Reconciliation: Smart id-based merge for subscriptions — newer updatedAt wins on collisions, and any sub already in the local Money-Saved graveyard is blocked from being resurrected by a stale remote snapshot. Cancelled/budgets/goals/settings merge by recency of the snapshot timestamp.
  • Graveyard: The cancelled-subs modal got a full overhaul into a "Money Saved" graveyard — animated lifetime savings counter that ticks up over time, tombstone cards (R · I · P · service-name) showing per-sub cumulative savings, plus a Share my wins action via the Web Share API.
  • Landing: Interactive Money Leak Calculator added to the landing page — pick from 14 common services or add your own, instantly see the monthly / yearly / 5-year damage and the "if invested at 7% instead" alternative.
  • Extension: Chrome extension v1.0.3 — vendor libs (PeerJS, qrcode-generator, jsQR ~130 KB) bundled locally because MV3 CSP forbids remote-script injection. Same P2P experience as the PWA, completely free.
  • Localization: 29 new P2P strings + 7 graveyard strings + 6 calculator labels added across all 28 supported languages — over 1 100 new translated entries shipped in this release.
  • Caching: Service Worker bumped to v114, network-first strategy added for HTML and critical JS so future code changes reach the TWA WebView without a forced cache reset.
v1.2.1 20 May 2026 GDPR & Extension Parity
  • Privacy: Disabling Cloud Sync now offers a one-click permanent deletion of the encrypted backup blob from your Google Drive in the same step — closes the GDPR Art. 17 ("right to be forgotten") gap directly in the app via the Drive files.delete API.
  • Localization: Three new sync strings (delete-remote confirmation, success toast, failure toast) added across all 28 supported languages, plus the existing "disable sync" prompt reworded to remove the stale "your Drive data is kept" wording.
  • Extension: Brought the Chrome extension build (leakd-extension/) to feature parity — same deleteRemoteFile() in sync.js, same disable-flow in app.js, all 28 locale bundles updated. Manifest bumped to 1.0.1.
  • Fix: Removed a stray ensureToken() reference in deleteRemoteFile() that would have thrown at runtime (token acquisition is handled by the existing driveFetch() wrapper). Patched in both the PWA and the extension.
  • Compliance: DPIA for Cloud Sync updated — residual risk K7 (consent withdrawal / right to erasure) lowered from 4 → 2 now that the deletion is wired in. Privacy Policy §17.2 rewritten to describe the in-app one-step flow.
  • Caching: Service Worker bumped to v105 so existing PWA installs pull the new sync.js on next launch.
v1.2.0 19 May 2026 Security & Core
  • Security: Fully closed Year-End Report and PDF generation behind the PRO paywall registry checks, ensuring a robust, secure subscription experience.
  • Privacy: Reorganized the static website documents (Terms of Service, Privacy Policy, and Main Landing Page) to be clean, English-only for legal compliance, while fully preserving localization inside the core PWA client.
  • Localization: Seamlessly updated default pricing placeholders from $39 to $40 (and save factor to 33%) across all 28 supported world languages in the i18n translation registry.
  • Caching: Standardized Service Worker versioning (sw.js v97) for instantaneous client-side PWA cache updates upon deployment.
v1.1.5 18 May 2026 Sync & Performance
  • Sync: Introduced end-to-end encrypted Multi-Device Cloud Sync using your own Google Drive storage (appDataFolder). Backups are secured client-side via AES-GCM 256-bit keys derived using PBKDF2-SHA256 from your master password.
  • Performance: Optimized offline-first load states using enhanced Service Worker asset precaching.
v1.1.0 17 May 2026 Budgets & Goals
  • Budgets: Implemented Monthly Category Budgets (Entertainment, Productivity, Hosting, cloud storage) to set visual limits and track actual spending.
  • Goals: Designed the Piggy Bank savings goal tracker, allowing users to define savings targets and automatically estimate months needed based on underused subscription cancellations.
v1.0.0 16 May 2026 Official Launch
  • Core: Launched Leakd core subscription tracking engine with fully offline-first local storage model.
  • Alerts: Integrated in-app browser renewal notification systems.
  • Utility: Added simple CSV/JSON local backup export and import registries.