## v0.5.3 — Phase 5 Batch 6: Footer + Contact Improvements — 2026-05-17 ### Completed - Footer cleanup: email (`info@queuenorth.com`), phone (`(906) 482-6616`), and CTA (`Request Consultation`) all present - Contact page hero: prominent phone/email display + CTA button - Home page CTA links added to Trust Signals, Services, Why Queue North sections - Minor updates to Support page ### Files Modified - `src/components/layout/Footer.jsx` — Footer cleanup - `src/pages/Home.jsx` — CTA links in sections - `src/pages/Contact.jsx` — Hero CTA - `src/pages/Support.jsx` — Minor updates - `package.json` — Version bumped to 0.5.3 ### Verified - `npm run build` passes - Docker image builds and container starts on port 3001 - Footer renders with email, phone, and CTA - Contact page hero displays phone/email and Request Consultation button --- ## v0.5.2 — Phase 5 Batch 5: Why Queue North Section Refinement — 2026-05-17 ### Completed - Replaced generic "Architecture/Deployment/Lifecycle" pillars with 4 concrete differentiators - Added lucide-react icons: Headphones, UserCheck, Activity, ShieldCheck - Changed grid from 3-col to 4-col responsive layout (1 col mobile, 2 col tablet, 4 col desktop) - Removed unused CardDescription import - Updated Why Queue North section subtitle to "Four concrete differentiators that set us apart" - Clean card layout with centered icon containers and consistent styling ### Files Modified - `src/pages/Home.jsx` — Why Queue North section complete redesign - `package.json` — Version bumped to 0.5.2 ### Verified - `npm run build` passes - Docker image builds and container starts - Home page loads on http://localhost:3001 - Responsive layout verified (1/2/4 columns as specified) --- ## v0.5.1 — Phase 5 Batch 1: Hamburger Menu Fix + DialogTitle A11y — 2026-05-13 ### Verified Complete - Fixed SheetContent missing positional CSS classes (panel was zero-size) - Installed and configured tailwindcss-animate - Added visually hidden SheetTitle for accessibility (Radix DialogTitle requirement) - Forgejo issues #22, #23 closed --- ## v0.5.4 — Phase 5 Batch 4: Services Rewrite — Business Outcomes — 2026-05-17 ### Completed - Section title changed: "Our Services" → "What We Handle" - Subtitle changed to outcome-focused: "From phones to firewalls, we keep your business running" - Added `homeDesc` field to all 7 services in `src/data/services.js` with business-outcome language - Service cards now show: icon + name + homeDesc (outcome) + shortDesc (supporting) + CTA - lucide-react icons per service: MessageCircle, Users, LifeBuoy, GraduationCap, LinkIcon, Wifi, Network - B2B professional card layout with icon containers (primary-navy/10 bg) - Service detail pages (ServiceDetail.jsx) unchanged ### Files Modified - `src/pages/Home.jsx` — Services section rewrite - `src/data/services.js` — Added homeDesc field to each service - `FUTURE.md` — Marked batch 0.5.4 complete --- ## v0.5.3 — Phase 5 Batch 3: Trust Signals Section — 2026-05-17 ### Completed - Added dedicated Trust Signals section immediately after hero section - 8x8 Certified Partner badge: prominent white card with logo, certification number, and descriptive text - Veteran Owned badge: VCERT verified with certification #, values-based messaging - "25+ Years Experience": metric card with 25+ using Georgia font (font-numeric class) - Metrics grid: 4 key stats displayed (99.99% uptime, <15m response, 24/7 support, 100% satisfaction) - Clean card layout: white cards on section-alt background with hover effects - Mobile-first: three-column grid on desktop, stacked on mobile - Business outcomes focus: reliability, experience, support承诺, not technical jargon ### Files Modified - `src/pages/Home.jsx` — Added Trust Signals section after hero - `FUTURE.md` — Marked batch 0.5.3 complete ### Notes for Next Agent - The trust signals are now front and center after the hero, before services - Georgia font (`font-numeric`) consistently used for all metrics - All metrics use realistic placeholder values that can be replaced with real stats when available - The white card design provides contrast against the section-alt background --- ## v0.5.2 — Phase 5 Batch 2: Hero Section Rewrite — 2026-05-17 ### Completed - Hero headline replaced: "Modern Communications Infrastructure Without the Vendor Noise" → "Reliable Business Communications — Without the Runaround" - Subtext updated to emphasize trust, reliability, and business outcomes - 8x8 Certified Partner badge made prominent (featured card with logo, not small pill) - Trust signals immediately visible on mobile without scrolling - CTAs updated: "Schedule Consultation" (primary, /contact), "View Services" (secondary, /services) - Color palette evolved: navy base with teal-900 gradient accent - Mobile-first design verified — trust signals visible above fold on phone viewports ### Files Modified - `src/pages/Home.jsx` — Hero section rewrite - `.learnings/scarlett/LEARNINGS.md` — Added hero rewrite entry - `FUTURE.md` — Marked batch 0.5.2 complete ### Notes for Next Agent - The 8x8 badge is now prominently featured — keep this prominence in future sections - Georgia font (`font-numeric`) used for "25+ Years Experience" — consistent with design rule - Consider similar trust signal presentation in the Trust Bar section --- ## v0.4.8 — Phase 4 Batch 8: Error Handling Hardening + Dep Audit — 2026-05-13 ### Verified Complete - Global error handlers: uncaughtException + unhandledRejection → log + exit(1) - 404 catch-all for `/api/*` routes returns `{ error: 'Not found' }` - Health check enhanced: DB connectivity check, returns `{ status: 'ok', db: 'ok' }` or 503 - Request timeout: 30-second middleware, 504 response - Consistent error format: 400/404/429/500/503/504 all follow `{ error, fields? }` pattern - `npm audit`: 0 vulnerabilities - `npm outdated`: major updates noted (Express 5, Vite 8, etc.) but not upgraded ## v0.4.7 — Phase 4 Batch 7: Rate Limiting + Security Headers + CORS — 2026-05-13 ### Verified Complete - express-rate-limit: 5 req/min per IP on /api/leads and /api/support, configurable via RATE_LIMIT_PER_MINUTE - helmet: CSP (scripts 'self', styles 'self' inline, fonts 'self' + Google Fonts), HSTS, X-Content-Type-Options, X-Frame-Options DENY - cors: configurable via CORS_ORIGIN env var, credentials enabled, API routes only - Trust proxy enabled for correct client IP behind Docker/reverse proxy - Rate limit returns 429 with JSON error + retryAfter - All security headers confirmed via curl - Docker config updated: all new env vars in Dockerfile and docker-compose.yml ## v0.4.6 — Phase 4 Batch 6: Zoho Forwarding Layer — 2026-05-13 ### Verified Complete - Zoho CRM forwarding via REST API v8 (POST /crm/v8/Leads) - OAuth2 token management: refresh token → access token, in-memory cache with auto-refresh - Fire-and-forget: Zoho forwarding is async, never blocks form response - Configurable via 6 env vars: ZOHO_ENABLED, ZOHO_API_DOMAIN, ZOHO_CLIENT_ID, ZOHO_CLIENT_SECRET, ZOHO_REFRESH_TOKEN, ZOHO_REDIRECT_URI - Best-effort design: Zoho failures logged but never propagate to client - ZOHO_ENABLED=false: no Zoho activity, form submits normally - ZOHO_ENABLED=true with invalid creds: form still succeeds, Zoho errors logged to console ## v0.4.5 — Phase 4 Batch 5: Server-Side Validation + Input Sanitization — 2026-05-13 ### Verified Complete - Zod schemas updated with `.trim()` and `.max()` on all fields - Input sanitization: strip HTML/script tags, truncate to max lengths - Request body size limit: 1MB (returns 413) - Validation errors formatted as `{ error, fields }` — no stack traces - All curl tests pass: valid data, empty fields, invalid email, XSS, max length, short issue - XSS test confirmed: `