Describe your repair, upload photos for AI diagnosis, receive competitive bids from verified contractors, and pay only when the job is done right — with escrow protection.

How much does Fixt cost for homeowners?

Fixt is free for homeowners. You pay only for the repair work at the bid price you accept. A small 5% platform fee is included in the bid price.

How do fixers get paid?

Fixers receive payment via Stripe Connect once the homeowner verifies job completion. A 5% platform fee is deducted. Fixers pay a $29/month subscription with a 14-day free trial.

Is my payment protected?

Yes. All payments are held in escrow until you confirm the work is complete. If there is a dispute, our AI-assisted resolution team reviews the case and can issue refunds.

Current deployed app version is 0.3.23 (from package.json). For operational status see Help.

Changelog

0.3.23 — 2026-04-27

Added

Per-route SEO — src/lib/seo/marketing-meta.ts, src/lib/seo/marketing-routes.ts, and route layout.tsx files for major use client marketing pages (canonical, Open Graph, Twitter, robots index/follow).
services/[slug]/layout.tsx and guides/[id]/layout.tsx — dynamic titles/descriptions for category and guide pages.
Playwright — tests/e2e/public-interactions-and-seo.spec.ts (meta + navbar mobile/desktop checks).

Changed

src/app/sitemap.ts — base URL defaults to fixt.live; added /, /home, /landing, /compare, /changelog, /guides, /coming-soon, /preview-access, and related marketing URLs for discovery.
src/app/layout.tsx — Open Graph url uses NEXT_PUBLIC_APP_URL (was hardcoded fixt.com).
src/app/blog/[slug]/page.tsx — generateMetadata includes canonical URL and robots: { index, follow }.
data/public-marketing-paths.json — added /, /landing, /guides, /agent, /fixers/leaderboard for E2E coverage.
Privacy / Terms / Business — metadata now includes canonical + social fields via marketingMetadata.

0.3.22 — 2026-04-27

Fixed

scripts/prod-live-qa.mjs — removed insecure default preview password; PREVIEW_PASSWORD is required (match Vercel) before npm run qa:prod-live can unlock Coming Soon on production.

Changed

Docs — docs/GO_LIVE_TRACKER.md now includes a finish-line runbook (ordered steps) and explains “no new product code” vs dashboard work; docs/FLOW_TREE.md and docs/GO_LIVE_STATUS.md corrected for preview password / preview-access wording.

0.3.21 — 2026-04-27

Changed

CI: merged auto Vercel Production deploy on push to main (.github/workflows/trigger-vercel-production.yml).
data/public-marketing-paths.json — removed allow404Provisional now that /preview-access returns 200 on production; Playwright / k6 / qa:prod-beta require 200 for that route again.
Docs: docs/GO_LIVE_TRACKER.md (go-live checklist), docs/GO_LIVE_STATUS.md (preview-access note), docs/CLOUD_CI.md (workflow table).

0.3.20 — 2026-04-27

Changed

/preview-access is included in crawlExtra, loadTestExtra, and httpSmokeGetExtra in data/public-marketing-paths.json.
allow404Provisional — for listed paths, Playwright, k6, and qa:prod-beta treat 200 or 404 as pass (5xx still fails) so checks stay green if Production has not deployed the route yet. Remove /preview-access from that array after Production serves the page.

0.3.19 — 2026-04-27

Changed

data/public-marketing-paths.json — added /privacy, /terms to marketing (E2E link checks, k6, and qa:prod-beta GET smoke). Crawl/k6 seeds stay /coming-soon only so production smoke does not fail on /preview-access until that route is deployed everywhere.
docs/GO_LIVE_ACTION_PLAN.md — PREVIEW_PASSWORD documented as required (no default); matches middleware fail-closed behavior.

0.3.18 — 2026-04-26

Added

data/public-marketing-paths.json — single source of truth for public marketing URLs. Used by Playwright E2E (public-marketing-pages.ts), k6 (scripts/k6/smoke-public.js via PUBLIC_MARKETING_PATHS_FILE from run-k6.mjs), and qa:prod-beta / prod-extended-smoke.mjs (marketing + httpSmokeGetExtra for coming-soon, login, signup).

0.3.17 — 2026-04-26

Added

tests/e2e/public-marketing-pages.ts — single list of public marketing paths shared by public-nav.spec and public-clicks.spec (includes /gallery in nav load + crawl).

Security

PostCSS 8.5.10 — direct dev dependency and overrides so the tree matches the patched version (clears the moderate postcss npm audit advisory that nested under next).

0.3.16 — 2026-04-25

Added

/preview-access page — unlock Coming Soon via the same POST /api/preview-access flow as /coming-soon (fixes “404 on /preview-access” when users bookmark that path).

0.3.15 — 2026-04-25

Added

go-live-full root check — exits with a clear error if not run from the project root (avoids npm in wrong folder / System32).
scripts/run-go-live.cmd and scripts/run-go-live.ps1 — double-click or run from scripts\ to cd to repo root and run npm run go:live:full.
scripts/rebuild-install-go-live.mjs + npm run rebuild:install-go-live — regenerates install-go-live.cjs when go-live-full.mjs changes.

0.3.14 — 2026-04-25

Added

scripts/install-go-live.cjs + npm run install:go-live — writes go-live-full.mjs from embedded base64 (no raw.githubusercontent.com; works when the repo is private and irm returns 404). Run after git pull or copy this file from the repo in the browser.
scripts/windows-sync-go-live.ps1 — optional: downloads from public raw GitHub (fails for private repos).

0.3.13 — 2026-04-25

Added

npm run go:live:full — one script: npm ci → db:ping → db:apply-remote → db:verify → vercel:deploy:production (if VERCEL_TOKEN) → qa:prod-smoke (+ local Playwright when installed). Wrappers: scripts/go-live-full.sh, scripts/go-live-full.ps1. See docs/GO_LIVE_ACTION_PLAN.md.
db:verify — also checks auth_telemetry, stripe_event_log, client_telemetry after migration 013.

0.3.12 — 2026-04-24

Added

Admin observability — migration 013_admin_telemetry.sql adds auth_telemetry, stripe_event_log, and client_telemetry (RLS on, no policies; service role only). POST /api/telemetry/auth and POST /api/telemetry/client record client-safe events. Stripe webhook upserts into stripe_event_log. OAuth callback records exchange success/failure.
GET /api/admin/observability/summary — admin-only aggregates (24h counts + recent rows) for auth, Stripe, client beacons, and agent_operations.
Admin dashboard — "Live observability" panel wiring the summary API.
Optional custom admin URL — set NEXT_PUBLIC_ADMIN_PATH to a path segment (e.g. fxt-ops-abc12); next.config rewrites /<segment>/* → /admin/*, sidebar and login use adminHref(), /admin redirects to the custom path when set. robots.txt disallows both when custom.

0.3.11 — 2026-04-24

Fixed

Remote DB migrations — if public.users already exists (schema from an earlier db push / manual setup) but 001_initial_schema.sql was never recorded in fixt_migrations, the script now backfills that row and skips re-applying 001, avoiding relation "users" already exists in CI.

0.3.10 — 2026-04-24

Added

npm run db:ping — tests DATABASE_URL (connect + select 1) without printing the password; shows host so you can confirm pooler vs direct.

0.3.9 — 2026-04-24

Changed

Apply remote DB migrations (GitHub Actions) — when CI=true, fail immediately if DATABASE_URL uses Supabase Direct host db.*.supabase.co, with instructions to use Connect → Session pooler instead (IPv4). Workflow comment updated.

0.3.7 — 2026-04-24

Fixed

Remote DB migrations in CI — scripts/apply-pending-supabase-migrations.mjs resolves the Postgres hostname to IPv4 when CI=true (or FORCE_DB_IPV4=true) and sets ssl.servername to the original host so TLS still validates. This fixes GitHub Actions failures: connect ENETUNREACH when the client was using an AAAA (IPv6) target.

0.3.6 — 2026-04-23

Added

GitHub Dependabot — .github/dependabot.yml for weekly npm and GitHub Actions update PRs.
GitHub Action: Apply remote DB migrations — manual workflow_dispatch with confirm: APPLY; uses repository secret DATABASE_URL and runs npm run db:apply-remote (idempotent migrations).
docs/GO_LIVE_ACTION_PLAN.md — ordered go-live checklist (secrets, DB, Vercel, smoke, Coming Soon, security).

Changed

Next.js — patch bump 14.2.21 → 14.2.35 and matching eslint-config-next (addresses several published advisories in the 14.2 line; run npm audit after merges).

0.3.5 — 2026-04-23

Changed

Vercel Cron — vercel.json schedule is 0 8 * * * (once per day at 08:00 UTC). Vercel Hobby only allows one cron invocation per day; the previous hourly schedule (0 * * * *) requires Pro for multiple runs. For more frequent ticks, upgrade Vercel or trigger /api/cron/agents/tick from another scheduler (e.g. admin “orchestrator tick”).

0.3.4 — 2026-04-22

Fixed

Coming Soon + APIs — when COMING_SOON_MODE is on, all /api/* routes bypass the marketing lock redirect. This fixes RSC “Failed to fetch” and JSON parse errors (HTML from /coming-soon), and lets Vercel Cron reach /api/cron/agents/tick with 401/503 instead of 307 → /coming-soon. Auth/roles remain enforced in each route handler.

0.3.3 — 2026-04-22

Added

Vercel Cron — hourly GET /api/cron/agents/tick (configure CRON_SECRET; Vercel sends Authorization: Bearer …). Middleware allowlists /api/cron/* during Coming Soon.
Approval notifications — optional AGENT_NOTIFY_EMAIL + RESEND_API_KEY / RESEND_FROM_EMAIL send an ops email when a task is approved (failures logged to agent_operations).
Safe auto-apply — Paperclip digest proposal includes auto_apply_safe: true; on approve, a draft row is inserted into email_broadcasts with status: draft_saved and recipient_count: 0 (no recipients, no send).

Changed

PWA install prompt — listens for fixt-show-pwa-install; shows a desktop install hint when beforeinstallprompt never fires; session dismiss so repeat visits are not spammed; higher z-index.
Footer — “Get the app” buttons (Windows / iOS / Android) under the logo trigger the install prompt.

0.3.2 — 2026-04-22

Added

Admin → Agents (/admin/agents) — oversee logical agent workers, task queue, audit log; run orchestrator tick; assign manual tasks; approve/reject/dismiss tasks (same semantics as workbench).
APIs under /api/admin/agents/* — workers roster + status (activate / suspend / terminate), tasks CRUD-style queue, operations feed, orchestrator tick (admin session).
Migration 012_agent_workers_and_operations.sql — agent_workers, agent_operations, agent_tasks.assigned_worker_id; seeds default Hermes / Paperclip / Core workers.
Orchestrator enqueue — proposals auto-assign an active worker by persona when workers exist; experience bumps on approved tasks (and small penalty on reject).

Important (product + legal)

Zero-human autonomous business (unsupervised money movement, deploys, legal hiring/firing of people, self-modifying production without oversight) is not supported and would be unsafe. This release is a supervised “digital workforce” UI: humans remain accountable; workers are logical agents, not employees.

0.3.1 — 2026-04-21

Added

/changelog — public page that renders root CHANGELOG.md plus current semver from package.json.
Footer build stamp — v{version} + link to Changelog on the marketing footer.
/icon-512 — 512×512 high-contrast favicon / PWA icon; metadata.icons and manifest reference it for clearer tab / home-screen marks.
npm run qa:prod-beta — extended HTTP smoke (scripts/prod-extended-smoke.mjs): more marketing routes + GET /changelog + HEAD /icon + HEAD /icon-512.
NEXT_PUBLIC_SUPPORT_PHONE (optional) — E.164 public line for Footer + Contact; falls back to existing number when unset.
Admin dashboard — version strip + links to Changelog and operator workbench; notes on human-in-the-loop agents vs autonomous self-heal.
/admin/settings — redirects to /admin/dashboard so the sidebar item does not 404 until a real settings page exists.

Changed

Favicon (/icon, /apple-icon) — bolder monogram on dark gold ring for better visibility at small sizes.

0.3.0 — 2026-04-19

Added

5,200+ DIY placeholder rows — migration 010_diy_bulk_seed.sql (tagged fixt-bulk-seed-v1 + CC BY-SA reference links for editorial replacement). Apply with npm run db:apply-remote / supabase db push.
Wikibooks import helper — scripts/import-wikibooks-diy.mjs + npm run diy:wikibooks-sample (MediaWiki API, attribution fields). See docs/DIY_CONTENT_PIPELINE.md.
Supervised Fixt Orchestrator — src/lib/agents/fixt-orchestrator.ts, agent_tasks table (011_agent_tasks.sql), workbench APIs: GET /api/workbench/agent-tasks, PATCH /api/workbench/agent-tasks/:id, POST /api/workbench/agents/tick. UI on /workbench/fxt-a9m2k7 to approve/reject. No autonomous hire/fire, payroll, schema, or deploy paths; FIXT_AGENT_AUTONOMY=destructive is rejected.
Android native project — npx cap add android committed under mobile/android/ (removed android/ from mobile/.gitignore). Store copy drafts in store/.
Store listing drafts — store/android-play-listing.md, store/ios-app-store-listing.md.

Changed

Coming Soon API allowlist prefixes /api/workbench/*.

0.2.1 — 2026-04-19

Added

Capacitor shell in mobile/ (iOS/Android WebView loading the live Next app via server.url). See docs/MOBILE_CAPACITOR.md. Root scripts: mobile:install, mobile:sync, mobile:ios, mobile:android.

Fixed

GET /api/public/profiles/:id for homeowners: when SUPABASE_SERVICE_ROLE_KEY is set on the server, job aggregates use the service client so counts are not under-counted by anonymous RLS. Response includes stats_scope (full | rls_limited).

0.2.0 — 2026-04-19

Added

Social deep links: NEXT_PUBLIC_WHATSAPP_URL and NEXT_PUBLIC_TELEGRAM_URL wired in Footer, Contact, and Agent page.
Fixt DIY Library: /guides and /guides/* require sign-in; /api/guides endpoints require auth. Footer link “Fixt DIY Library”.
Obscured operator workbench at /workbench/fxt-a9m2k7 (not /admin) with env-based username/password and signed cookie (FIXT_WORKBENCH_USER, FIXT_WORKBENCH_PASSWORD, FIXT_WORKBENCH_SECRET). Stub “Hermes / Paperclip” agent panel via GET /api/workbench/agents.
APIs: GET /api/fixers/rankings (city, category, composite score + Fixt experience tier), GET /api/public/profiles/:id (fixer or homeowner analytics), POST /api/jobs/:id/verify-completion (AI before/after advisory before escrow release).
Fixt API CLI: scripts/fixt-api.mjs for scripted HTTP calls with X-Fixt-Client header.
HTTP branding: all /api/* responses get X-Fixt-API: 1 and X-Fixt-Product: Fixt from middleware.
Nav + favicon: Logo supports inline /icon mark; root metadata.icons points at /icon and /apple-icon; desktop nav uses equal-width CSS grid columns.
Homeowner job flow: Chat links to /homeowner/messages?job=… with auto-select; “Run AI before/after check” calls verify-completion.

Changed

Removed duplicate CTAs under “How Fixt Works” (Post job / Apply / Compare) — those actions remain in the hero and platform sections.
Removed /guides from sitemap.xml output (auth-gated content).

Not shipped (by design)

Bulk synthetic DIY content, scraped third-party repair data, fake homeowner emails, or gallery images copied from other sites.
Fully autonomous agents that modify production code, hire or fire staff, or move money without human controls.

Mobile

PWA: existing manifest.webmanifest + install flow.
Native shell (v0.2.1+): Capacitor project under mobile/ for App Store / Play wrappers.