← Back to all sparks
E

Ever Gauzy

HR
Velocity6.3

Open-source ERP, CRM and people management platform

Ever Gauzy ships many builds a day, hardening security and folding in a Plane PM integration

erptime trackingsecuritymulti-tenancyplane integrationhigh cadence
Current state
Ever Gauzy, an open-source ERP/HR and time-tracking suite, is releasing at an extreme cadence — several versions (109.x through 111.x) on a single day. The substantive threads are a breaking JWT change that now embeds organizationId, a string of security fixes (JWT-secret injection, GitHub App state nonce, CORP hardening), and ongoing integration of Plane (project management) with SSO and email. Much of the rest is CI/Electron build plumbing.
Where it's heading
Two directions stand out: a move toward stronger multi-organization architecture (org-scoped JWTs) and security hardening across deploys, and an expansion of scope by absorbing Plane as a PM module. Together they point at Gauzy consolidating into a broader, multi-tenant business suite.
Prediction
Expect the rapid release train to continue, with further Plane integration depth and security follow-ups. Clients should prepare for the new org-scoped token structure as it propagates through the 111.x line.

Recent moves

  1. 20h ago

    Plane proxy 0.1.3 with SSO/email; Electron CI fixes

    Consumes Plane proxy 0.1.3 with shared/custom UI, SSO, an email fix, and pm.* env wiring, plus CI fixes that unblock production Electron builds. Advances the Plane-as-PM-module integration that's a recurring theme this cycle.

    View source ↗
  2. 22h ago

    Release plumbing: staging branch merges

    A rollup release composed almost entirely of staging-branch merges. Release plumbing with no distinct user-facing change of its own.

    View source ↗
  3. 1d ago

    v111.0.0

    ⚡ SPARK

    A breaking major release: JWT tokens now include organizationId, a removed organization-selector permission check is restored, and a SQLite migration constraint is fixed. The token change is an architectural step toward cleaner multi-organization support.

    View source ↗
  4. 1d ago

    Plane integration: proxy 0.1.3 with SSO and email

    A feature release wiring in Plane proxy 0.1.3 with shared/custom UI, SSO, and email fixes. Another increment in the steady Plane integration buildout.

    View source ↗
  5. 1d ago

    Fix: unblock production Electron builds

    A bug-fix release pinning snapcraft 7.x and Python 3.11 to unblock production Electron builds. Pure CI/build maintenance.

    View source ↗
  6. 1d ago

    Security: JWT secret injection and GitHub App nonce

    Security-focused release: inject the JWT verification secret across prod/stage deploys, require a server-minted state nonce for GitHub App installs, and relax CORP to same-site for asset embedding. Concrete hardening tied to specific advisories.

    View source ↗