Changelog

All notable changes to Prime Bot are documented here. The latest release is at the top.

2026-04-24

Added

• Telegram spam-report detection — when Telegram flags an account with PEER_FLOOD / spamreported, we now auto-update the account's spam_status to suspected (1st error) or reported (3+ errors/hour). The listener catches these errors at send time and broadcasts SpamStatusChanged over Reverb so the UI flips live.
• Dashboard spam warnings — giant red/amber card at the top of /user/dashboard when any Telegram account is flagged. Inline "SPAM BANNED" / "FLOOD WARNING" badges on the Bot Status card. Updates live without page refresh.
• "What to do?" suggestions modal — step-by-step guide: pause the campaign, message @SpamBot to appeal, wait 24-72 hours, lower rate limits, vary message content with placeholders, spread load across multiple Telegram accounts.
• One-click "Pause all campaigns using this account" — when a banner appears, a single button pauses every running campaign on the flagged account.
• Clear-flag action — user/admin can manually reset spam_status back to clean after resolving with @SpamBot.
• Global Leads page at /user/leads with cross-campaign filters (search, campaign, status, tag, starred, replied-or-not, step range, date range) and bulk operations (delete, tag, star, status-change, CSV/JSON export, move-to-another-campaign). Deleting a lead is non-permanent — if the sender DMs again, a fresh contact row is created at step 0.
• Clear Log button on /admin/monitor/logs — truncates the selected log file to zero bytes while keeping the inode so running daemons continue writing.

Fixed

• config/sentry.php before_send Closure broke php artisan config:cache on production deploys. Moved PII scrubbing into App\Support\SentryScrubber::handle (static callable) so the config is serializable.
• Content Security Policy in local/dev now allows Vite's http(s)://*.test:* + localhost:* origins plus script-src-elem / style-src-elem directives so HMR works. Production stays strict.
• LeadController::destroy redirected to route('leads.index') which doesn't exist — route group has a user. prefix so the correct name is user.leads.index.

2026-04-23

Added

• Real-time Dashboard "Bot Status" card with live counters delivered via Laravel Reverb.
• Admin failed message logs with per-message retry flow.
• Content moderation rules surface for admins, including regex and keyword triggers.
• Live connection indicator in the user header that reflects the Reverb websocket state.
• Public changelog at /changelog, with a "What's new" badge in the app header that remembers the last release the user has seen.

Fixed

• Reverb host lookup now reads from config() instead of env() so cached configs resolve correctly in production.
• Reverb websocket connection on HTTPS pages now negotiates correctly behind the nginx proxy.
• Assorted stability fixes across the bot listener and queue workers.

2026-04-22

Added

• Initial public launch of the Prime Bot platform.
• Multi-account Telegram connection via QR or phone login (MadelineProto under the hood).
• Auto-reply campaigns with keyword, always-on, and tag-based triggers.
• Drip sequences with per-step delays, variants, and A/B testing.
• Message templates, scheduled messages, tags, custom fields, and blocked senders.
• Contact import/export, CSV parsing, and deduplication.
• User dashboard with analytics: conversations, reply rate, conversion funnels.
• Admin panel: users, plans, feature flags, audit logs, announcements, API keys, integrations.
• Billing with plan tiers and metered message limits.
• Public marketing site (home, features, pricing, about, FAQ, contact).
• Webhooks, API tokens, and 2FA.
• Email verification, password resets, and locale switching (i18n).
• Legal pages (privacy, terms) and cookie banner.
• Health, metrics, and simple uptime probes.