v0.2.0

Added

• Redesigned exception page with conditional error display for debugging (#8)
• #[AutomaticallyOrdered] attribute for automatic model ordering (#6)
• Configurable retention period for API request logs (#4)
• Scheduled model:prune command for daily cleanup (#4)
• Encrypted cast for token_prefix on API tokens (#4)
• Polling support for API Request Log widgets (468826b)
• Missing #[SensitiveParameter] attributes and IP restriction validation with a custom exception (0e20e01)
• Documentation deployment workflow (#3)
• Test coverage expansion (#5)

Changed

• BREAKING: Logout route changed from GET to POST for CSRF protection (#8)
• BREAKING: SESSION_ENCRYPT now defaults to true (#8)
• BREAKING: LoginLink model renamed to UserLoginLink (#4)
• BREAKING: UserRepository removed in favor of UserBuilder class (#4)
• BREAKING: CreateUserByLookup renamed to FindOrUpdateUserFromDirectory (6ecad4e)
• BREAKING: Removed project:customize Artisan command (#5)
• API_DEMO_USER_TOKEN now empty by default in .env.example (#8)
• Renamed sort_index to order_index (#5)
• Removed defer() usage in AuthenticatesApiTokens middleware (#5)
• Organized action namespaces (Api, Directory, Impersonation, Local) (#5)
• Refactored NetID status logic into dedicated utility class (b0daffd)
• Enhanced audit methods moved to isolated traits (#4)
• Improved login link notification with signed URL explanation (0e20e01)
• Moved mockery/mockery to dev dependencies to support EventHub mocking (aa04ae3)

Fixed

• Exception handling before service providers boot (#7)
• Session fixation vulnerability in login link flow (127ad79)
• Open redirect vulnerability in impersonation controller (2270db2)
• IP address validation for restricted API tokens (0e20e01)
• Documentation site deployment trigger filtering (a558b79)
• Sentry feedback integration from captureUserFeedback() to captureFeedback() (#8)

Removed

• spatie/laravel-ignition package dependency (#7)
• Unneeded casts on ApiRequestLog model (#4)