Changelog

New /admin/accounting view shows live MRR, ARR, per-tier revenue breakdown, and a filterable user table with billing status, MRR contribution, and CSV export for bookkeeping.

Fixed a billing edge case where trials that ended with no card on file would silently keep paid features for up to 7 days. Now we listen for customer.subscription.paused and customer.subscription.resumed and update entitlements immediately.

7-day money-back guarantee, governing law (Indiana), AAA arbitration with class waiver + 30-day opt-out, $100/12-month liability cap, indemnification, DMCA designated agent, 72-hour data-breach notification commitment, and explicit account-termination policy.

Default-deny analytics for EU/UK/CA visitors via Google Consent Mode v2. New "Your Privacy Choices" footer link. Privacy Policy rewritten to disclose every backend table and sub-processor with retention windows.

When you reopen a saved calculation, if 2026 tariff rates have changed since you saved, you now see an amber banner showing both your saved total AND the recomputed total side-by-side.

Conversion analytics now track signup, calc_complete, calc_save, hs_classify_select, country_alternative_view, buy_via_affiliate_click, concierge_query, stripe_checkout_complete, shopify_install_complete, and more — so we can finally see where the funnel breaks.

Supabase service-role client + OpenAI client are now module-level singletons (saves 30-80ms per request). USITC retry stack tightened (3×8s → 2×5s) so upstream outages don't pin Vercel concurrency. Drip cron N+1 replaced with single batched profiles SELECT.

Delete Account now hard-deletes email_drip_state and hs_code_feedback rows AND anonymizes the aliexpress_click_log session_id field. GDPR data export expanded to include 7 additional user-data tables.

New /status page probes USITC, OpenAI, AliExpress, Stripe, and Supabase in parallel with 5-second timeouts. Reviewers and curious users get a live read on dependency health instead of guessing.

Saved calculations originally started from a paste-link now restore the Buy on AliExpress affiliate CTA when reopened. Closes the export → re-import revenue gap.

After every calculation, LC Pilot suggests up to 3 alternative origin countries with lower 2026 landed cost — automatically excluding any country with active AD/CVD orders for that HS code. Includes the transshipment-fraud warning per CBP rules.

Calculator now applies Amazon FBA, Walmart WFS, Etsy, TikTok Shop, and Shopify fees on top of the duty math, so the viability score reflects true net margin. AD/CVD detection covers ~120 HS-code prefixes with active orders.

DMARC at p=quarantine, DKIM/SPF aligned, Resend SMTP wired through Supabase Auth so signup confirmations finally land in the inbox (not spam). Mail-tester score 9.9/10.

LC Pilot is officially in review for the Shopify App Store. Embedded admin uses App Bridge v4 + Token Exchange, billing via Shopify Managed Pricing, GDPR webhook chain in place.

New users now receive a 5-email educational drip over 14 days covering Section 122, AD/CVD, country comparison, and the Marcus story — all suppressible at any point via the unsubscribe link.

Stripe and Shopify webhooks now use proper dedup tables; Shopify session jtis are tracked per-request to prevent replay; Stripe checkout sessions for unmapped price IDs go to a quarantine table instead of being silently dropped.