Template improvements
Each template update records a version row (name, subject, body, tags, timestamp). In the Templates screen you can open **Latest Versions** to see recent snapshots—useful for audit trails and copying content back into the editor. Automated diff and one-click restore are not in the UI yet; the data model is there so we can add them without a breaking migration.
Variable preview now catches missing substitutions before you send. If your template references {{first_name}} but your variable payload does not include it, the preview panel lists **Missing:** variables instead of silently sending a broken email.
Send reliability
Failed sends now store an encrypted retry payload. From the History view, you can retry any failed send without re-entering the content. The retry uses the same encrypted payload, decrypted server-side at send time — no plaintext content is persisted.
- Retry eligibility is checked before attempting resend
- Each retry creates a new log record rather than mutating the original
- Failure reasons are surfaced with actionable error codes
Compliance hardening
MIME header values now strip CRLF sequences before encoding. Attachment filenames are quote-sanitized. Content-Type tokens are validated against the allowed MIME type list.
Security response headers were tightened: HSTS is now enforced in production, and the CSP no longer allows unsafe-eval outside of development.