Changelog

Updates, improvements, and fixes.

May 26, 2026Web

Per-bucket storage quotas and a type-update tool for AI assistants

NewStorage quotas are now split into three independent buckets — versions, attachments, and content — so one category's usage never consumes another's headroom.
NewSettings → Statistics shows a labeled progress bar for each storage bucket, making it easy to see which category is approaching its limit.
NewThe plan-status and attachments APIs now return a per-bucket storage breakdown alongside the overall total.
NewConnected AI assistants can now update an existing type — its name, guidance, summary, expiry and staleness durations, and default project — with conflict detection when edits collide.
ImprovedAttachment uploads and content saves are now gated by their respective bucket limits, returning a clearer error than the previous combined-total check.

May 25, 2026Web

Downloadable two-factor recovery codes

NewA download button on the two-factor recovery codes panel saves a dated text file — available at initial setup and after regenerating codes, and works even when clipboard access is blocked.

May 23, 2026Web

Sign-in redirect handoff and signup attribution

FixedExternal apps that route unauthenticated users through sign-in (such as MCP clients starting an OAuth handshake) now return you to the original destination after authentication instead of dropping you on the home page.
FixedVisiting the sign-in page with a destination while already signed in now forwards you to that destination instead of always redirecting to the library.
NewUTM parameters, referrer, and landing page are captured at first touch and stored with new accounts, enabling traffic-source attribution across sign-up funnels.

May 22, 2026Web

MCP OAuth compatibility, instant revocation, and admin console behind a proxy

FixedMCP clients that connect using a non-standard server URL — including ChatGPT's MCP connector — can now authenticate; previously they hit an error during token exchange and could not connect.
FixedRevoking a Connected App now takes effect within milliseconds instead of up to 60 seconds, immediately blocking further requests from that client.
ImprovedOAuth authorization failures now return actionable messages (e.g. "Access token was revoked. Reconnect Symbol in your MCP client to re-authorize.") instead of a generic tool-execution error.
FixedAdmin login no longer returns a forbidden error on deployments behind a reverse proxy, and admin login, MFA, logout, and session elevation now redirect to the correct public URL instead of the server's internal address.
NewA setup script provisions a read-only database role for the admin console, printing credentials only to an interactive terminal so they cannot be captured in logs or CI.

May 21, 2026Web

Pro feature gates and more reliable AI-client OAuth

NewPro-plan enforcement on Projects, Organizations, end-to-end encryption, and revision history — Free users now get a clear upgrade prompt to the pricing page (and a "Pro" badge on the Projects page and workspace switcher) instead of a confusing error.
ImprovedThe pricing page now reflects the runtime gates: revision history is listed as Pro, and end-to-end encryption is correctly shown as Pro-only.
FixedOAuth connections from AI clients (Claude.ai, Cursor, etc.) now complete successfully; a misconfigured resource-server identity in OAuth discovery was causing valid token exchanges to be rejected with an audience-mismatch error.
FixedFailed token exchanges (expired codes, invalid grants, audience mismatches) now return a proper HTTP 400 with the upstream error code instead of an opaque 500.
FixedCookie consent preferences now update without triggering redundant cascading re-renders.

May 20, 2026Web

Homepage and pricing redesign, plus capsule form fixes

ImprovedThe marketing homepage has been redesigned in a warm cream and electric-blue palette with real user photography and a new section flow (Hero → How it works → Types → Why Symbol → Early users → Pricing), and the pricing page was restyled end-to-end to match.
NewA "Why Symbol" section on the homepage and smooth in-page anchor navigation with URL hash updates across all sections.
FixedIn-page navigation links now scroll correctly on repeated clicks and land flush below the fixed header, and mobile menu keyboard navigation and focus handling were improved.
FixedEditing a Type whose default project was a legacy personal project no longer returns a "not found" error that blocked all saves on that Type.
FixedThe capsule creation form now pre-fills the project picker with the Type's default project, and explicitly choosing "No project" now creates the capsule without one.
FixedBlanking a capsule title and saving now shows the specific validation message instead of a generic "Failed to save."

May 19, 2026Web

Consent-gated analytics and edit fixes

NewA cookie consent banner on first visit — no analytics run until you explicitly accept — plus a "Manage cookies" link in the footer to review or change consent anytime.
FixedA capsule's summary no longer resets to empty when you save an edit that also changes the title or body.
FixedCreating a Type no longer accidentally submits the form on the first click of Next, and empty-state text now meets WCAG 2.2 AA contrast.

May 18, 2026Web

Mobile-first dialogs, default projects, and reference hover cards

ImprovedDialogs now expand to full-screen on mobile with action buttons anchored to the bottom, and dialog widths are standardized into small, medium, and large sizes across the app.
NewTypes can now have a default project; new capsules created under that type land in it automatically when no project is specified, and MCP create_type accepts a default project.
NewCross-reference hover cards now show the referenced capsule's summary, and keyboard users can trigger the tooltip by focusing the link.
FixedSwitching workspaces from a capsule detail page now takes effect on the first click instead of silently reverting.
ImprovedDeleting a project now warns when types reference it as their default and how many defaults will be cleared.

May 16, 2026Web

Connected Apps management and OAuth security hardening

NewA "Connected Apps" section in Settings lists each authorized OAuth client separately with its own revoke action, kept distinct from personal API keys.
NewOAuth (PKCE) authentication for the desktop MCP integration as an opt-in alternative to API keys, with a dedicated login command and automatic token refresh on mobile.
NewTokens issued to MCP clients are now bound to the requesting service, refresh-token replay is detected (reuse invalidates the whole token family), and the MCP tool list filters to only the tools your token's scopes can reach.
NewAn MCP_READ_ONLY operator flag locks the MCP server to read-only, hiding write tools and rejecting write calls regardless of token scopes.
FixedAn empty permission scope now correctly denies all actions instead of granting full access, and refreshing a token can no longer silently expand its granted permissions.
FixedAuthorizing multiple OAuth clients on one account now creates a separate connection per client, so revoking one no longer breaks the others.

May 15, 2026Web

Bulk move to project, sign-in history, and archive feedback

NewA bulk "Move to Project" action in the selection bar reassigns multiple selected capsules at once.
NewLast successful sign-in is now recorded across all authentication flows (web password, Google, MFA, and mobile), and each authorized integration tracks its own request count, last-used time, and client label.
NewA confirmation toast after restoring or deleting a single capsule from the archive, and batch failures now name the specific reason (e.g. "Permission denied") rather than only a count.
FixedSelected capsules now highlight immediately after "Select All" instead of requiring a tab switch.
ImprovedAfter a partial batch move, only the successfully moved capsules are deselected so the failed ones stay selected and ready to retry.
ImprovedUpdate responses now always include an evicted_version_nums array, and restoring a historical version enforces the version cap by evicting the oldest entry when full.

May 14, 2026Web

Account deletion grace period and reference fixes

NewA scheduled account-deletion flow now emails a 7-day grace-window notice before permanent removal, with a link to contact support if the request was a mistake.
NewA per-Type option to suppress the orphan-capsules warning banner, set at Type creation or dismissed permanently from the banner itself.
FixedReferences and backlinks now refresh immediately after a capsule edit or version restore, without a hard refresh.
FixedRestoring a version within 60 seconds of a prior edit no longer skips creating the new version entry.
FixedAPI key last-used date and request count now advance correctly when authenticating via MCP.

May 13, 2026Web

Workspace-scoped links, collaboration conflict resolver, and version-history fixes

NewType detail URLs now encode workspace identity directly (/w/[workspace]/types/[name]) so a shared or bookmarked link always opens the correct workspace's Type, with a disambiguation page when a legacy link matches more than one workspace.
NewAn interactive conflict resolver for capsule and type edits: when a collaborator has saved since you opened the editor, keep your draft, accept theirs, or compare side-by-side — and type updates now detect stale-write conflicts instead of silently overwriting.
NewA collapsible "Rate limits" panel and an advanced usage view on the Statistics tab (shareable via ?view=advanced), with Settings tabs now URL-driven so refreshing or sharing a link restores the active tab.
FixedOpening a capsule, type, or project URL from a different workspace now updates the active workspace in the header and scopes content fetches to it.
FixedUploading attachments while drafting a capsule in an organization workspace no longer returns "not found" for members and owners.
FixedVersion history no longer creates a duplicate entry after the first edit, the "Current" badge marks the latest saved version directly, and each version's @-mention references now match that version's content.
FixedA storage-quota false positive that skipped saves when actual usage was a tiny fraction of the plan limit.

May 12, 2026Web

Version history for capsules and types

NewVersion history for capsules and types — open History on any detail page to browse past saves, restore or delete individual versions (each behind a confirmation), and deep-link a specific version via URL.
NewCapsules and types now receive an initial version snapshot at creation, so full history is available from the first save, and version responses carry a change_type field (created, updated, restored) plus strong caching headers.
ImprovedVersion history per capsule is now capped — the oldest version is automatically retired when the limit is reached — and no-op saves (unchanged content, metadata-only, or rapid successive edits) no longer create new versions or count against write limits.
FixedVersion history now records consistently under concurrent edits and recovers gracefully when a bookmarked version no longer exists, falling back to the current version instead of showing a permanent error.
Improved"Type" is now consistently capitalized across filters, labels, tooltips, and error messages, and the Type version-history button moved into the header action row.

May 11, 2026Web

Search by ID, admin email audit log, and accessibility improvements

NewYou can now paste a capsule ID directly into the search bar to jump straight to that capsule.
NewAdmins can now view a full email send log — including which emails were sent, suppressed, or failed — directly from the admin panel, with filters by address, domain, and outcome.
ImprovedPassword fields across sign-in, password reset, and security settings now include a visibility toggle with full keyboard and screen-reader support.
ImprovedEmails to internal and test addresses are now automatically filtered before delivery, reducing noise and preventing unintended messages during testing.
ImprovedConnection errors are now reported more consistently, making network problems easier to identify.

May 10, 2026Web

AI assistant integration, attachments, and reliability fixes

ImprovedThe Symbol integration for AI assistants connects more consistently across all environments and configurations.
ImprovedWhen you reference a capsule using @type/ref notation in an AI assistant, the integration now reliably fetches the capsule content before responding — rather than guessing from memory.
ImprovedReferencing multiple capsules or types in a single message now triggers a single efficient batch lookup instead of multiple round trips.
ImprovedProfile pictures load more reliably — Gravatar is now cached so your avatar appears consistently even when third-party services are slow.
ImprovedLinks inside capsule content now open in a new tab, keeping your current context intact.
FixedImages and file attachments in older capsules now load correctly instead of showing broken links.
FixedDeleting an attachment from a capsule now reliably removes its inline preview from the capsule body.
FixedUsage and rate-limit information on the Statistics page now loads reliably and reflects your actual plan accurately.

May 10, 2026Web

Platform maintenance and reliability improvements

ImprovedStreamlined background automation to keep the platform running reliably.
ImprovedChangelog updates now publish faster after a release — redundant checks are skipped for entries that only touch the changelog, so new entries appear sooner.
ImprovedThe API reference page now automatically matches your dark or light theme preference.
ImprovedSave buttons are disabled when nothing has changed, so accidental no-op saves no longer clutter your edit history.
ImprovedReverting a field back to its original value re-disables the Save button automatically.

April 2, 2026Web

Launch: archive, freshness, edit protection, billing, and more

NewArchive lifecycle: capsules can now be archived and restored without permanent deletion.
NewFreshness and staleness settings on types. Mark capsules as stale after a configurable period so your knowledge base stays current.
NewEdit protection: drafts are saved automatically while you edit, and conflicts are detected if someone else edits the same capsule.
NewBilling settings with Stripe subscription management. Upgrade, downgrade, or manage your plan from the settings page.
NewTeam end-to-end encryption (E2EE) using X25519 key pairs. Encrypted capsules are now shareable across team members.
NewPublic security page documenting Symbol's encryption model and data handling.
NewBlog with articles on how Symbol compares to other knowledge tools.
ImprovedProfile avatars now fall back to Gravatar if no provider image is available.
ImprovedSearch now falls back to partial keyword matches so you find results even with incomplete queries.
ImprovedMCP server updated for Anthropic connector compliance, with tool annotations and improved type name resolution.
ImprovedOpenGraph and social preview metadata added to all public pages.
ImprovedSign-in streamlined to Google and email/password. GitHub OAuth removed.
NewHelp hub with articles and guides, accessible from any page.
NewCloudflare Turnstile CAPTCHA on sign-up, forgot-password, and the contact form to prevent spam.
ImprovedSupport form redesigned with request types: general help, feedback, and team pricing inquiry.
FixedSettings page spacing on mobile fixed.
FixedMobile search button now correctly navigates to the search page.

March 31, 2026Mobile

Freshness tracking, Google sign-up, and recovery key warnings

NewFreshness and staleness indicators now visible in the mobile app.
NewGoogle sign-up added to the create account screen with official branded button.
NewPersistent banner warning when your E2EE recovery key has not been saved.
ImprovedTeams and projects layout redesigned with a mobile-first card layout.
ImprovedShare sheet simplified and now correctly loads existing share tokens on reopen.
FixedPull-to-refresh spinner and avatar loading fixed.
FixedGitHub OAuth removed from mobile login.