What we shipped in Q2
and what's queued for Q3.

Q2 was the quarter where the foundations get poured. Less visible than Q1, more durable. Here's what we shipped, what we deprecated, and what's queued for Q3.

What shipped

1. Signed webhook payloads. HMAC-SHA256 with per-tenant rotation. Replay protection via timestamp + nonce.
2. Status page v1. First-party, backed by our own probes, updated every 30 seconds. No external dependency.
3. Workflow rules. If/then routing without a drag-and-drop builder. Plain text DSL, copyable, version-controlled by you.
4. Audit log retention. Per-tier retention policies. 30 days on Pro, 365 on Scale, indefinite on Enterprise.
5. Multi-region failover. Tested in production. RTO under 90 seconds. RPO under 30 seconds.
6. Per-tenant rate-limit overrides. Bumpable from the dashboard, with sane defaults and audit logging.

What we deprecated

The v1 webhook payload format is deprecated as of June 1st. We'll keep delivering it for six months. The v2 format includes the signature header and the nonce. Migration takes about ten minutes of reading and one config change.

We're also retiring the 'legacy export' format that predated our current XLSX pipeline. Three customers were still using it. We migrated them by hand.

The postmortem

On May 14th we had a 23-minute partial outage in the EU region. Cause was a botched deploy that didn't roll back cleanly. Full postmortem is on the status page. The short version: our canary system wasn't comparing the right metric, and the bad deploy passed health checks despite being broken in a way that mattered.

Q3 is mostly automations and integrations. Slack threading, Linear and Notion outbound webhooks, a Zapier app for the long tail. The first of those ships in mid-July.