Highlights
Booking watchers (#31)
Team members can now be designated as watchers on a team event type. When a booking lands, watchers get an email with a tokenized "Claim this booking" link — the first watcher to claim it wins. Claimed bookings show up on the watcher's dashboard. Useful for support rotations, account-management teams, and any flow where assignment happens after the customer books.
Cross-timezone booking fix (#33)
A long-standing bug: slot pages showed times correctly in the guest's timezone, but the /book URL carried the host's local time. The booking form re-displayed that host-local time to the guest, and the ICS generator then re-interpreted it as guest-local when emitting UTC — so the confirmed meeting ended up offset by the guest↔host timezone delta. Now the entire flow runs guest-local end-to-end, with a dedicated guest_to_host_local helper on the backend for storage and conflict checks.
Security review hardening
Seven findings from a third-party security review addressed across auth, booking, and token flows.
Event type form redesign
Sections collapsed by default with progressive disclosure, dynamic recaps summarising each section's contents, smooth open/close animations, and pre-filled availability from the user's working-hour defaults.
Collective member exclusion
Opt specific members out of collective team event types from team settings — without removing them from the team.
Other fixes
TRANSP:TRANSPARENTevents no longer block availability- Timezone picker defaults to Midway for unlisted IANA zones; no mismatch banner for equivalent zones
- CalDAV write-back and delete operate on all configured sources per user (not just the first)
- ICS write-back omits
METHODso servers don't double-invite first_slot_onlypersisted correctly on group event type update
See CHANGELOG.md for the full list.