Changelog

All notable changes to the Statisticians Workbench. Format based on Keep a Changelog, versioning follows Semantic Versioning.

0.0.11

2026-07-11 β€” 145 commits

Added

  • Virtual Datasets β€” Chatbot-driven dataset creation with auto-introspection of source schemas. Federated joins across DuckDB, PostgreSQL, and MySQL. Full lifecycle: SAVE / CREATE / DELETE via chat. convert_type support in create_virtual_table().
  • isShared Sharing System β€” isShared flag on all shareable resources: datasets, DB connections, AI connections, recipes, preparation rules, notebooks. datasetGroup stores owning group; correct query scoping. Frontend toggle UI with group badge and attribution. Admin group dropdown on User details and DB connection edit pages. Removed group-00 sharing restriction.
  • Recipe Execution Pipeline β€” Recipe execution wired to Python backend (replaced Prisma-only stub). LLM-controlled stage progression through all 10 stages. Data preparation stage executor with _apply_operation_in_memory. Cancelled execution kill support. Virtual dataset support. Preparation rules preview endpoint. Column schema fetch endpoint.
  • Database Design Tool β€” Schema analysis for PostgreSQL & MySQL. RAG integration: full-text search via pg_trgm + AI-powered answer generation with citations. Semi-structured data analysis: code system detection (SIC, HS), keyword extraction, category classification. AI-powered normalisation suggestions. PDF export with translated labels. Email PDF functionality. Graceful 503 on ECONNREFUSED. Zero-tables warning with GRANT instructions.
  • Statistics & Visualisation β€” Statistics router: descriptive stats and correlation matrix (pearson/spearman/kendall) with shared-memory caching. Visualisation stage in recipe execution: bar, pie, line, scatter via Plotly. Download chart as PNG.
  • Jupyter Notebook Import β€” Multi-engine storage: DuckDB, PostgreSQL, MySQL. Notebook share toggle with PATCH proxy. Persistent error/success messages.
  • Platform Configuration β€” platformMaxUploadSizeMB global upload cap with frontend file-size warnings and oversized-file blocking. set_platform_upload_max.py install script. 'Clear Default' buttons on DB and AI connection settings.
  • Example User (Read-Only) Mode β€” Read-only access across admin, settings, visualisation, recipes. isExampleUser guards on all mutation endpoints. Auto-logout on auth pages. Banner hidden on auth pages.
  • Mobile Responsive β€” Phases 1–3 β€” Hamburger drawer navigation, responsive sidebars, touch-friendly targets, keyboard padding.
  • Internationalization β€” Japanese (ja) added: 965 frontend + 195 backend keys (now 9 languages: de, en, es, fr, ja, nl, ru, th, zh). Translation strategy upgrade: TranslationKey objects, useTranslate() hook. Memoized t() with useCallback. Chat language context: AI responds in user's language.
  • UI/UX Polish β€” sentuny.com link on login page. 'Existing' sidebar on define dataset page. 'View Schema' button with SchemaViewDialog modal. Dynamic filter operators based on column type. Red "*" on all mandatory fields. About page 'Get Started' opens in new tab.
  • Backend Infrastructure β€” DuckDB Quack protocol: full dataset storage (replaced 10-row snapshot). quack-proxy as git submodule with structured logger. Shared memory manager with UltraDict + TTL expiration. Backend logging with timestamps. Cascade user delete + orphan cleanup. Powerlifting sample data (386K lifters, 8.5K meets). MySQL extract_mysql_schema() and connection test.
  • Workflow & AGENTS.md Rules β€” Bug Fix Workflow, HARD STOP gates, report-don't-extend, no silent simplification, proposal/implementation separation, pre-commit verification (pnpm build required), production commands ('status', 'deploy simple frontend fix', 'deploy simple backend fix'), stored commands ('list commands', 'new session', 'generate context transfer').

Changed

  • Navigation β€” "Datasets" β†’ "My Data", "Upload Dataset" β†’ "Upload Data", "Define Dataset" β†’ "Connect Database", "Prepare" β†’ "Transform", "Chat" β†’ expandable "AI Chat" section (General, Database design, Dataset cleaning, Analysis rules), "About" moved to last position, /tools page deleted.
  • Architecture β€” Backend modular routers: recipes (13 files), datasets (crud/upload/define/schema/describe/preparation), chat (connection/crud/messages/title/language/manager/providers). Recipe architecture: datasetId at recipe level. Dataset storage: sourceType, storageType, sourceConnectionId, DuckDB fields. API proxies for chat + dataset endpoints. model column β†’ defaultModel in UserAIConnection.
  • Translation system β€” extract-translations.py uses parentheses matching. 657 valid keys. Detailed import reporting. 27 extra keys translated across 8 languages.
  • UI refinements β€” Edit button prominent (outline + pencil icon). Save/Cancel in edit mode. Dataset list shows type and origin. Shared resources with "*" prefix and attribution.

Fixed

  • Sharing β€” isShared ambiguous column in recipe JOINs. datasetGroup set correctly on creation. Shared connections viewable by all. Share toggle URL + state refresh. Models route group check for admins. Admin groups dropdown updates on selection.
  • Recipe Execution β€” Shared dataset support. Correct owner name. All stages use same dataset ID. Defined dataset execution. pd.to_datetime warning handled.
  • Default Connections β€” Chat respects default AI. datasets/define uses useDB. datasets/upload, ai/dataclean, ai/recipe respect defaults. Shared connections settable as default. String/int type mismatch. connectionId fallback lookup.
  • Datasets β€” 401 on /api/datasets (proxies). Schema from DuckDB + external DBs. Full DuckDB storage (was 10 rows). Description generation. Missing table error handling.
  • UI β€” Persistent messages at top of recipe page. Cancel resets form. Shared toggle disabled outside edit mode. Admin groups field name. Language change immediate. Login toast language.
  • Backend β€” NaN/JSON sanitization (_sanitize_for_json). MySQL schema scoping. DuckDB Quack: ATTACH, DDL detection, table_exists. connection_id=None for notebooks. statsmodels 0.14.6. psycopg2-binary in requirements. PDF bytearray handling. DB design router registration. Graceful 503. Password decryption. pg_description joins. MS SQL Server removed from dropdown. Powerlifting '+' stripping.
  • Build β€” Multiple pnpm build fixes. TypeScript errors. Missing imports. tw-animate-css. next-env.d.ts in .gitignore. ESM cron compatibility.
  • Example User β€” isExampleUser guards on PATCH/password/profile. Auto-logout on auth pages. Banner hidden on auth pages. Translation memoization prevents render loops. 'More' button enabled for read-only detail.
  • Chat β€” Shared connection support. connection_id type mismatch. Frontend connection_id=0 bug. History persistence with useEffect. Execution auth header. Missing typing imports.

Security

  • Admin users excluded from automated cleanup.
  • Cascade user delete across owned tables prevents orphans.
  • isExampleUser guards on all mutation endpoints.
  • API proxies preserve Authorization header.
  • JWT token authentication on all backend API routes.
  • Upload limits enforced server-side (count + size).

Known Issues

  • Recipe wizard back button on Step 1 (low priority).
  • Title generation endpoint (/chat/{id}/generate-title) returns 400.
  • Dataset detail page may show "Rows: 0" for some datasets.
  • Login toast shows in page language, not user's saved language (cosmetic).
  • UltraDict on Windows not installed (in-memory fallback works).

Migration Notes

# Frontend
cd frontend && pnpm install && npx prisma migrate deploy && npx prisma generate && pnpm build

# Backend
cd backend && source venv/bin/activate && pip install -r requirements.txt && deactivate

# quack-proxy submodule
git submodule update --init

Schema changes: Recipe + RecipeExecution + DataPreparationRule + RecipePreparationRule tables. isShared flag on UserDataset, UserDatabaseConnection, UserAIConnection, Recipe, DataPreparationRule, Notebook. Group fields. DuckDB fields on UserDataset. model β†’ defaultModel. Foreign keys + indexes.

9 languages imported with full key sets. Japanese newly added.

0.0.10 and earlier (click to expand)

0.0.10

2026-06-28

Added

  • User Groups β€” 100 pre-defined records (00–99). userGroup field on User (default "00"). Admin group descriptions page. Group 00 locked from editing.
  • Resource Sharing β€” Group fields on AI Connections, DB Connections, Datasets, Recipes. "*" prefix in dropdowns. "Shared" badge. View-only for non-owners. Owner name displayed.
  • Shared Memory β€” UltraDict-based SharedMemoryManager. TTL expiration. Background cleanup. Singleton pattern. Health check endpoint.
  • Statistics Router β€” Descriptive stats + correlation matrix with caching.
  • Recipe Framework β€” CRUD, execution pipeline, stage-based processing (data_selection, statistics, visualisation, data_preparation). Single dataset per recipe.
  • Recipe UI β€” List page, wizard creation (4 steps), detail/edit/execute/clone/delete, live-polling execution results.
  • Column Schema Fetch β€” Column names, types, sample values, statistics. Frontend type badges.
  • Visualisation Stage β€” Bar, pie, line, scatter via Plotly. PNG download.
  • DuckDB Quack Protocol β€” Full dataset storage (replaced 10-row snapshot). QuackClient, DuckDBManager, quack-proxy systemd service.
  • API Proxies β€” Next.js route proxies for chat + dataset endpoints.
  • Backend Multilingual β€” t() function with JWT + Accept-Language detection. 72 backend keys across 8 languages.
  • Data Preparation Rules β€” CRUD, multiple rules per recipe (junction table), preview endpoint. 8 operation types.
  • Chat Language Context β€” System message sets AI response language per chat.
  • Schema Simplification β€” Foreign keys, indexes, storageType enum, removed Prisma navigation helpers.
  • Dynamic Filter Operators β€” Numeric, boolean, datetime, categorical, text.
  • quack-proxy Enhancements β€” Forked, structured logger, relative paths, git submodule.

Fixed

  • Shared dataset execution in recipes. Recipe detail owner name. TypeScript errors. 401 on dataset API. Quack protocol bugs. Chat shared connections. Preparation rule column dropdowns. Build fixes. 27 missing translation keys.

0.0.9

2026-06-20

Added

  • Password policy enforcement (low/medium/high/custom) with zxcvbn strength meter.
  • Dataset upload (CSV/Excel) with AI-generated descriptions via DSPy.
  • DSPy integration β€” dynamic LM from user's encrypted AI connection.
  • Per-user upload limits (size + count), admin-configurable.
  • Admin user details page with limit/preference editing.
  • Backend restructuring into src/routers/ and src/utils/.

Fixed

  • Dataset upload 404 errors. tabulate dependency. SQLite schema introspection. Controller service logging. Admin group assignment saving.

0.0.8

2026-06-18

Added

  • DuckDB backend β€” DuckDBManager, QuackClient, quack-proxy daemon.
  • Chat with AI β€” modular backend (Anthropic, DeepSeek, Ollama, OpenAI-compatible).
  • DSPy LM utility for on-the-fly encrypted API key usage.
  • Shared in-memory cache via multiprocessing.Manager.

Fixed

  • Chat error message extraction. Streaming cutoff. Upload size limits.

0.0.7

2026-06-18

Added

  • Global AI provider registry β€” admin can define provider metadata.
  • Provider model management β€” enable/disable/delete individual models.
  • Auto-sync models on connection save.

Changed

  • Ollama split into Local (no key) and Remote (key required).
  • AI connection form: API key shown/hidden by provider flag. Provider read-only on edit.
  • Removed UserAIConnectionModel table β€” global ProviderModel only.
  • Model syncing automatic on save. "Fetch Models" button removed.

Fixed

  • Ollama API key handling. Disabled providers in dropdown. TypeScript build. ESM cron.

0.0.6

2026-06-17

Fixed

  • Anthropic test connection (/messages endpoint). Model fetching (anthropic-version header). Model fetch error display. Chat dropdown width. Backend model selection (hardcoded default removed).

0.0.5

2026-06-15

Added

  • FastAPI backend with JWT authentication (shared NEXTAUTH_SECRET).
  • JWT token endpoint (/api/auth/token).
  • Systemd services for production (workbench + workbench-backend).
  • Automated Python dependency management.
  • Admin "Verify" button for unverified users.

Changed

  • Project restructured into frontend/ and backend/ subdirectories.
  • shadcn pinned to 4.9.0. CORS from ALLOWED_ORIGINS env var.

Fixed

  • Layout break after move. TypeScript errors. next-env.d.ts merge conflicts. tw-animate-css. Missing PyJWT.

0.0.4

2025-06-14

Added

  • Multiple DB connections per user (PostgreSQL/MySQL) with default selection.
  • Multiple AI connections per user (all major providers) with default selection.
  • Password visibility toggles. BCC on registration emails. Unified connection forms.
  • Enhanced translation extraction with --verbose flag.

Changed

  • DB and AI Settings β†’ list views. Prisma schema: new connection tables, legacy fields dropped. New CRUD API routes. DB and AI context providers.

Fixed

  • Translation extraction (variable keys). Zod v4 compatibility. Password change button stuck. Build errors. BCC toggle display. Navigation sidebar labels.

0.0.3

2025-06-07

Added

  • Multilingual email templates. Password reset flow. Password change in profile. Email verification on registration. Global email settings. Admin panel enhancements. Recipes and Tools placeholder pages. Language selector. 8 full translations.

Fixed

  • Admin verification status. Password reset tokens. Email link generation. WebSocket warnings. Registration language selection.

0.0.2

2025-06-06

Added

  • Email verification with configurable timeout. Password reset/change. Public URL and email sender settings. Recipes and Tools placeholders. Spanish, Chinese, Russian translations. Admin self-delete prevention.

0.0.1

2025-06-04

Added

  • Initial version β€” NextAuth.js authentication, admin panel, database connection manager (PostgreSQL/MySQL), dark mode, demo mode, translation system, SQLite support, multilingual UI (English, Thai, French, German).