Changelog

Last Updated: 2026-02-19

All notable changes to cloak.business are documented here. We release updates regularly to improve security, add features, and enhance performance.

February 2026#

v6.13.0 — Official SDKs (2026-02-17)#

New Features:

• JavaScript/TypeScript SDK — Official SDK with full TypeScript support, automatic retry logic, and client-side encryption
  • npm: npmjs.com/package/@cloak-business/sdk
  • Install: npm install @cloak-business/sdk
  • Client-side AES-256-GCM encryption via ClientCrypto module
  • Works in Node.js 18+ and modern browsers
• Python SDK — Official SDK with type hints (PEP 484) and async support
  • PyPI: pypi.org/project/cloak-business
  • Install: pip install cloak-business
  • Optional client-side encryption: pip install cloak-business[crypto]
  • Python 3.9+ compatible with full async support

SDK Features (both languages):

• Text analysis (analyze, batchAnalyze)
• Anonymization with all operators (replace, redact, hash, mask, encrypt)
• Deanonymization (decrypt encrypted PII)
• Image processing (analyze and redact)
• Account management (token balance, sessions)
• ClientCrypto for zero-knowledge client-side encryption
• Automatic retry with exponential backoff
• Rate limit handling with retry-after support
• Typed errors (AuthenticationError, RateLimitError, ValidationError)

Documentation:

• New SDK Reference with comprehensive usage examples
• SDK source code in SDK_packages/ folder
• Deployment guides for npm and PyPI publishing
• Updated API Reference with official SDK examples
• Updated Quick Start guide with SDK recommendation
• Added SDK client-side encryption examples to Zero-Knowledge Auth docs
• Added SDK integration section to Reversible Encryption docs
• SDK translations added to all 48 locales

Security:

• Desktop App: Replaced Math.random() with CSPRNG for retry jitter

Office Add-in v5.31.0 — Code Quality & Security (2026-02-19)#

Security (P0):

• Secure API token clearing — Overwrite token before nulling to prevent memory inspection
• Console log sanitization — Guard all sensitive logs with isDevelopment check
• Email sanitization — Show only domain in production logs (***@example.com)
• Message origin validation — Strict allowlist for postMessage origins in preview window

Reliability (P1):

• Race condition fix — Added AsyncMutex to prevent concurrent token refresh calls
• Timeout protection — Added 30-second timeout on ZK login sync operations with allSettledWithTimeout
• Centralized validation — Consolidated encryption key validation (16/24/32 chars for AES-128/192/256)
• Component refactoring — Split AnonymizerPanel into focused sub-components (QuickSettingsSection, OptionsSection, ResultSection)

Stability (P2):

• DeanonymizePanel race condition — Added cancellation flag for rapid key selection changes
• PreviewDialog bounds validation — Prevent crashes with invalid entity positions
• API type guards — Runtime validation for analyze API responses (isEntity, isAnalyzeResponse)
• Settings null safety — Improved array validation in loadSettings with type filtering

Code Quality (P3):

• Console guards — Added isDevelopment checks to all console statements in presidio.ts and AnalyzePanel
• Named constants — Extracted magic numbers (STORED_RESULTS_VALIDITY_MS)
• Cleanup utilities — Added cancel() and isPending() methods to debounceAsync for component unmount cleanup
• Removed unused variables — Cleaned up dead code in settingsStore

New Utilities:

• AsyncMutex class — Promise-based mutex lock for async operations
• withTimeout / allSettledWithTimeout — Wrap promises with timeout protection
• DebouncedAsyncFunction interface — Type-safe debounced functions with cancel capability

Office Add-in v5.32.0 — UI Reorganization (2026-02-19)#

Header Consolidation:

• Single-line header — App name, version, settings icon, token balance, and sign out in one compact row
• Settings moved to header — Gear icon in header opens Settings panel (removed from tab bar)
• Cleaner tab bar — Now shows only 3 tabs: Anonymize, Analyze, Restore

Account Integration:

• New Account section in Settings — Collapsible section with full account management
• User profile display — Avatar, name, email, and plan badge
• Token balance — Visual progress bar with balance/total display
• API token management — Copy and regenerate tokens inline
• Connection status — Test connection directly from settings
• Quick actions — "Manage Account" link and Sign Out button

Translations:

• Account settings translations added to all 48 locales

Build Automation:

• Automated version sync — sync-version.js script syncs package.json version to manifest.xml and constants
• Runs on prebuild — Version consistency guaranteed on every build
• Removed unused AccountPanel — Merged into SettingsPanel, deleted orphaned component

Office Add-in v5.33.0 — Encryption Key Fix (2026-02-19)#

Bug Fix:

• Auto-fetch encryption key — Selecting a saved key now automatically fetches the decrypted value from server
• Fixed "Encryption key is required" error when using saved keys
• Loading indicator — Shows spinner while fetching key from server
• Removed confusing "enter key value below" message

Office Add-in v5.34.0 — Encryption Key Persistence Fix (2026-02-19)#

Bug Fix:

• Auto-fetch key on panel load — When Anonymize panel loads with a previously-selected key, now automatically fetches the key value
• Fixes "key not recognized" error when key ID was persisted but key value wasn't (security: key values are never stored locally)
• Seamless session continuity — Previously-selected keys work immediately without re-selection

v6.12.0 — Database Management (2026-02-16)#

New Features:

• Database Management Dashboard — New admin tab for database backup, restore, and configuration
• Automated Backups — Create compressed PostgreSQL backups with one click
• Backup Retention — Configure automatic cleanup of old backups
• Download Backups — Download backup files directly from the dashboard
• Restore from Backup — Restore database from any previous backup

v6.11.x — Server Administration (2026-02-16)#

New Features:

• Server Dashboard — Comprehensive admin panel for server management
• Service Monitoring — Real-time health status for all 6 backend services
• Language Model Management — View, load, and unload NLP models
• Memory Monitoring — Track RAM usage with visual progress bars
• Fail2ban Integration — Ban/unban IPs and manage whitelists
• Alert Configuration — Set up email notifications for server events
• SMTP Configuration — Edit email settings directly from the dashboard

Improvements:

• Model unloading to free memory when not needed
• Package update checking for NLP models
• Enhanced tooltips across all admin controls

v6.10.x — Global Coverage & SEO (2026-02-14)#

New Features:

• 15 Additional IBAN Countries — Egypt, Libya, Sudan, Iraq, Mongolia, and 10 more
• 13 Universal Entity Types — IPv6, MAC addresses, UUIDs, crypto addresses now detected in all languages
• LLMs.txt — Machine-readable product information for AI discovery

Improvements:

• Universal entities (phone, email, credit card) now work across all 48 languages
• Turkish language support fixed (now uses Stanza NER)
• Ukrainian IBAN detection added
• Enhanced SEO with structured data (JSON-LD)

v6.9.x — Quality & Polish (2026-02-12–13)#

New Features:

• Batch Analysis API — Process up to 50 texts in a single request
• Dark Themed Sidebar — Consistent dark branding across the app

Improvements:

• Fixed 195 preset entity mappings (all presets now work correctly)
• Mobile touch targets meet WCAG 2.5.8 accessibility standards
• Preset selector improvements across all clients (web, desktop, extension)
• Cross-language context words for better detection

Security:

• External penetration test completed (61/100 score)
• 14 security findings remediated

v6.8.x — Request Limits & Performance (2026-02-11)#

New Features:

• Backend Request Limits — Configurable limits for entities, recognizers, and patterns
• /limits Endpoint — Discover current limits programmatically

Improvements:

• Analyzer memory optimization (reduced cached languages)
• Hash type validation (SHA-256 and SHA-512 only)
• MD5 removed from API for security

v6.7.0 — Entity Expansion (2026-02-10)#

New Entity Types (39 added):

• US identifiers: SSN, Passport, Driver License, Medicare, Green Card
• Healthcare codes: ICD-10, ICD-11, CPT, HCPCS, LOINC, SNOMED
• Financial: CUSIP, ISIN, LEI, SEDOL
• Crypto: Bitcoin, Ethereum addresses
• Location: GPS coordinates, vehicle tracking numbers

Total: 317 pattern recognizers

v6.6.0 — Technical Secrets (2026-02-10)#

New Entity Types (68 added):

• AI API keys: OpenAI, Anthropic, Google AI, Azure OpenAI, Mistral, Cohere
• Cloud credentials: AWS, Azure, GCP
• Git tokens: GitHub, GitLab, Bitbucket
• Database URIs: PostgreSQL, MySQL, MongoDB, Redis
• Infrastructure: Docker, Kubernetes, SSH keys

v6.5.0 — Image Anonymization v2 (2026-02-08)#

New Features:

• Desktop Image Mode — Process images in the desktop app
• OCR Language Hints — Better text extraction in non-English documents
• EXIF Handling — Automatic image orientation correction

Improvements:

• Bounding box accuracy improvements
• Adjacent text boxes merged for cleaner redaction
• 4px padding on redaction boxes

v6.4.x — Core Stability (2026-02-08–09)#

Improvements:

• ReDoS protection for all regex patterns
• Input size validation
• Plan-based file and text limits
• Token cost rebalancing for images

Earlier Releases#

v6.3.0 — Image Redactor v5.2.0 (2026-02-07)#

• 37 OCR languages supported
• Custom entity filtering for images
• Fill color options (black, white, red, green, blue, gray)

v6.2.0 — Phase 1-5 Entities (2026-02-06)#

• 186 new pattern recognizers added
• Coverage: DACH, Nordic, Balkans, CIS regions

v6.1.0 — Initial Entity Set (2026-02-03)#

• 171 pattern recognizers
• 48 language support
• NLP engines: spaCy, Stanza, XLM-RoBERTa

Platform Components#

Current Versions#

Staying Updated#

• Status Page: status.cloak.business
• Twitter/X: @cloakbusiness
• Release Notes: Subscribe to email updates in your dashboard

Feedback#

Have suggestions or found an issue?

• Email: support@cloak.business
• Feature Requests: Dashboard > Feedback

Document maintained by cloak.business