Changelog
v0.1.0 -- March 2026
First stable release. APIFold is ready for production use on the managed cloud platform and self-hosted deployments.
Transformer Package (Sprint 1)
- OpenAPI 3.0.x and 3.1.x parsing with full
$refresolution - Swagger 2.0 support via automatic conversion
- Automatic tool name generation from
operationIdor path slugs - JSON Schema extraction for tool input parameters
- Flexible filtering by methods, paths (glob patterns), and tags
- Security hardening against prototype pollution, ReDoS, and stack overflow
- Published as
@apifold/transformerunder MIT license
Database Layer and Credential Vault (Sprint 2)
- PostgreSQL schema with Drizzle ORM (specs, servers, tools, credentials, logs)
- AES-256-GCM credential encryption with PBKDF2 key derivation
- Vault secret rotation tooling (
scripts/rotate-vault-secret.ts) - Repository pattern for all data access
MCP Runtime Service (Sprint 3)
- Express-based MCP runtime with SSE transport
- JSON-RPC 2.0 message handling for tool execution
- Upstream API proxying with credential injection
- Circuit breaker pattern for upstream resilience
- Connection pooling and session management
- Redis pub/sub for real-time config updates across instances
- Tiered loading: in-memory registry, Redis cache, PostgreSQL fallback
Web API with Auth (Sprint 4)
- RESTful API for specs, servers, tools, credentials, and logs
- Clerk authentication with OAuth support (Google, GitHub)
- SSRF protection on outbound spec fetches
- Rate limiting with Redis-backed sliding window
- Zod schema validation on all endpoints
- Consistent API response envelope
Dashboard UI and Docs Site (Sprint 5)
- Full dashboard with server management, spec import, and tool testing
- Interactive console for testing tools with schema-driven forms
- Request log viewer with filtering and pagination
- Dark mode support
- Command palette for keyboard-driven navigation
- Responsive design with mobile sidebar
- Fumadocs documentation site at
/docs
Landing Page and Billing (Sprint 6)
- Marketing landing page with feature overview and pricing
- Four-tier pricing: Free, Starter, Pro, Enterprise
- Stripe Checkout integration for subscription management
- Usage metering with Redis atomic counters
- Overage billing with configurable spending caps
- Stripe Billing Portal for self-service management
- Webhook handling for subscription lifecycle events
Docker, Self-Host, and Code Export (Sprint 7)
- Production Docker Compose stack (Nginx, Next.js, Express, PostgreSQL, Redis)
- Development Docker Compose with hot-reload support
- Multi-stage Dockerfiles for optimized image sizes
- Nginx reverse proxy with SSL/TLS support
- Cluster mode for horizontal scaling
- Streamable HTTP transport support
- Code export: download configured MCP servers as standalone TypeScript files
- Self-hosting guide with configuration reference
E2E Tests, Docs, and Launch Prep (Sprint 8)
- End-to-end test suite for critical user flows
- Documentation finalization and accuracy review
- API reference with all billing and usage endpoints
- Architecture Decision Records (ADRs) for all major technical choices
- Security policy with responsible disclosure process
- Changelog and release notes