KamoCRM

Live Change Log

See what we're building, in real-time. Every feature, fix, and improvement shipped across the platform.

July 18, 2026
FixSecurityService

LoanTransactionService ctor gained LeadRealtimePublisher param

assignLoanOfficer now publishes the chat-routing event, so the service ctor takes a 10th arg (LeadRealtimePublisher). Update the unit test's direct instantiatio...

Kamo·4h ago
Fixkamo-internal

Resolve the k1m1 npm registry host inside the build container

kamo-internal has not deployed since 2026-07-16: every build died in npm ci with ENOTFOUND k1m1 while fetching the private @kamo/* packages, which package-lock....

kamo·4h ago
FeatureSecurityService

Auto-provision platform-managed MLOS chat + serve site key by host

- ManagedChatIntegrationService: lazily mint the org's platform-managed SPECIFIC_AGENT WebChatIntegration on first access. KamoMLOS is first-party: org resolv...

Kamo·5h ago
FeatureMediaService

Verify routing token, persist leadUid, reassign chat on lead move

- createSupportSession takes a signed routingToken (not preferredAgentMemberId); verified via ChatRoutingTokenCodec + cluster internal.auth.secret, enforces ...

Kamo·5h ago
Featurekamo-shared-library

Signed agent-routing token + lead-reassignment propagation

Foundation for making the reusable public-chat widget handle the KamoMLOS borrower->loan-officer variant securely, and for propagating lead reassignment into an...

Kamo·5h ago
FixAIService

Try the next model when a vision model rejects the image

Probing production again after the modality fix, routing moved from a text-to-speech model to o3-mini — an o-series reasoning model that also takes no image inp...

Kamo·5h ago
FixAIService

Stop routing vision to text-to-speech models

Found by probing production: org 1188756624575266822's vision calls resolved to gpt-4o-mini-tts-2025-03-20 — a TEXT-TO-SPEECH model — so every vision call retur...

Kamo·5h ago
Refactorkamo-internal

Use next-intl keys for the Mobile Devices strings

Swaps the literal labels added with the Devices sub-tabs for **************** and .mobileDevices.* keys, now published in the translation dictionary (CI fans th...

kamo·5h ago
Refactorkamo-internal

Fold Document QC into Documents & Conditions; PDF ingest notices

Document QC had its own steward screen for work that is the same documents, on the same loans, done by the same reviewer. Splitting it across two tabs made some...

kamo·5h ago
FeatureSecurityService

Expose vision capability so the console can explain a missing provider

PDF rate sheets are read by the org's configured vision provider. When none is configured the AI call fails the same way a model error does, so the console had ...

Kamo·5h ago
FeatureAIService

Inline image vision + tier fallback that prefers stronger over weaker

Two limits made org-configured vision unusable for whole classes of caller. 1. Vision was URL-ONLY. Every caller had to stand up public, provider-fetchable ser...

Kamo·5h ago
Featurekamo-internal

Split Devices into "Phone System(s) Devices" + "Mobile Devices"

The Devices tab now has two sub-tabs. The existing PBX/softphone hardware table moves under "Phone System(s) Devices" unchanged; the new "Mobile Devices" tab M...

kamo·5h ago
FeatureSecurityService

Org-admin endpoints for mobile device policy + enrolled devices

Backs the new "Mobile Devices" sub-tab under Settings → Features → Phone → Devices (its sibling "Phone System(s) Devices" stays on VOIPService and covers - GET...

Kamo·5h ago
Featurekamo-internal

Ingestion panel accepts spreadsheets, not just CSV

The extractor now reads .xlsx/.xls and sniffs the format from the file itself, so the picker no longer restricts to CSV and the copy says plainly what is readab...

kamo·6h ago
Featurekamo-internal

Steward Ingestion tab + the Catalog/Identifier proxy routes that were missing

Rate-sheet ingestion existed end-to-end in the backend and none of it was reachable. This adds the one surface that walks the whole chain: upload an investor's ...

kamo·6h ago
FixConversionService

A bad assocType index is a 400, not a 500

The upload/register paths indexed ImageAssocType.values() with the client's raw index, so an out-of-range value surfaced as an ArrayIndexOutOfBoundsException (5...

Kamo·6h ago
Featurekamo-shared-library

CATALOG_SOURCE assoc type for MLOS catalog source documents

Investor rate sheets / LLPA + eligibility matrices / lock policies need somewhere to live: the ingest extracts from the blob, and the published rate-sheet versi...

Kamo·6h ago
FeatureSecurityService

Gateway for candidate review + rate-sheet promotion

Exposes the two new catalog promotion writes to the steward console under the existing MLOS steward gate, with organizationId server-stamped from the operator s...

Kamo·6h ago
Featurekamo-shared-library

MobileDevicePolicy — org default + per-member override

personal phone or must be on a company-managed (Android Device Owner enrolled) device: - MobileDevicePolicy enum: PERSONAL_ALLOWED | COMPANY_MANAGED_REQUIRED. ...

Kamo·6h ago
FeatureSecurityService

Steward gateway for ingestion (intake + staging area were unreachable)

MLOSIngestionService had no gateway presence, so no tenant could hand a rate sheet to the extractor and the candidates it stages had no reader on any reachable ...

Kamo·6h ago
Featurekamo-internal

Steward Identifiers tab — resolve an external number to its loan

New Identifiers tab in the mortgage steward console: paste an external number (loan number, MERS MIN, DU/LP/GUS case file, e-sign envelope...) and resolve it ba...

kamo·6h ago
FeatureSecurityService

Identifier gateway — steward can resolve an external number to its loan

MLOSIdentifierService had no gateway, so the typed identifier plane (the routing gate every inbound vendor/agency/AUS/e-sign callback uses) was unreachable from...

Kamo·6h ago
Featurekamo-shared-library

Value-keyed AUS case-file + e-sign envelope finders for identifier owner-delegation

Completes the owner-column lookups the MLOS identifier plane needs to route inbound callbacks: **************** (DU/LP/GUS run handle) and **************** Both...

Kamo·6h ago
Featurekamo-shared-library

Value-keyed loan-identity finders for identifier owner-delegation

The MLOS identifier plane resolves an inbound vendor/agency callback back to a loan; for OWNED_ELSEWHERE types the authoritative value lives on the OWNER's colu...

Kamo·7h ago
Featurekamo-shared-library

CONDITION_ADDED / CONDITION_CLEARED canonical email templates

The borrower-facing half of the conditions loop: two generic checklist templates for the new condition notification consumer. Added to CANONICAL_KEYS with their...

Kamo·8h ago
July 17, 2026
Fixkamo-internal

Filter non-ACTIVE members from live-participant pickers

Defense-in-depth behind the SecurityService gates: never render a non-ACTIVE team member as a selectable/live participant. Add teamMembershipStatus to the membe...

kamo·1d ago
FixMediaService

Exclude non-ACTIVE members from chat participation & routing

A non-ACTIVE **************** member must not appear as, or be targeted as, a live chat participant. Gate every chat path on the shared-lib **************** pre...

Kamo·1d ago
FixSecurityService

Enforce ACTIVE member status on every session & off-boarding path

The ACTIVE-member login gate previously lived only in the password-login controller. Extend it to every session-minting path via the shared-lib ****************...

Kamo·1d ago
Fixkamo-shared-library

Gate live sessions & participation on ACTIVE member status

Add **************** as the single source of truth for the "only ACTIVE members may sign in or appear as a live participant" invariant: base members must be rec...

Kamo·1d ago
FeatureSecurityService

Public pre-auth trial-status endpoint for login/register pill

GET **************** resolves the org by hostname (alias-fallback) and reports whether its account is in an active native trial, reusing **************** (now p...

Kamo·1d ago
Featurekamo-register

Show TRIAL USE ONLY pill above Powered-by for trial orgs

Refactors PoweredByKamo into a fixed column stack and self-fetches /api/trial-status/{host} (proxy to SecurityService public trial-status endpoint), rendering a...

Kamo·1d ago
Featurekamo-login

Show TRIAL USE ONLY pill above Powered-by for trial orgs

Self-fetches /api/trial-status (proxy to SecurityService public trial-status endpoint, resolved by login host) and renders an amber pill above the Powered-by pi...

Kamo·1d ago
Featurekamo-internal

View third-party (loan) documents in the steward requirements review

A steward reviewing a THIRD_PARTY requirement (appraisal/title/flood) can now open the satisfying document. New binary Next.js route streams the per-loan authz'...

kamo·1d ago
FeatureSecurityService

Per-loan third-party (LOAN) document viewer — appraisal/title/flood

Completes the doc-review byte path started with the vault viewer. LOAN-collection imgs (appraisal/title/flood) are refused by the generic imaging endpoints (per...

Kamo·1d ago
Featurekamo-internal

View/Download vault documents in the account docs tab

Turns the conditions/docs stage into a real review loop. The member-documents proxy route now passes through non-JSON (binary) upstream responses instead of tex...

kamo·1d ago
FeatureSecurityService

Per-party vault document viewer — bytes were write-only, now review-able

Uploaded vault documents (pay stub / Gov ID / bank statement) were write-only: the generic imaging byte endpoints refuse ACCOUNT_MEMBER_VAULT (per-party PII loc...

Kamo·1d ago
Featurekamo-internal

Steward Catalog tab — seed a priceable bundle + inspect the catalog

New Catalog tab in the mortgage steward console: seed a tenant's first priceable bundle with REAL investor + product identities (unblocks pricing), and inspect ...

kamo·1d ago
FeatureSecurityService

Catalog gateway — the missing proxy that blocked tenant pricing

Catalog was the ONLY MLOS bounded context with no SecurityService gateway, so a tenant's catalog could never be authored/seeded from the console and BorrowerQuo...

Kamo·1d ago
FixAIService

Load history images via query, not lazy getImages() (WS path)

**************** runs on the WebSocket path (called from AiChatWebSocketHandler), which is NOT an HTTP request, so open-session-in-view does not apply. Iteratin...

Kamo·1d ago
Featurekamo-internal

Loan-sale desk UI — the terminal capital-markets steward screen

LoanSaleDeskPanel in the Capital & Risk Command Center: list investor delivery commitments (status filter), open a commitment **************** and per-commitmen...

kamo·1d ago
FeatureDaemonService

Durable consumer forwards investor purchase to loan-file FUNDED

MlosLoanFundedConsumer subscribes **************** (durable daemon-mlos-loan-funded) and forwards each purchase to SecurityService's /funded pipeline endpoint v...

Kamo·1d ago
FeatureSecurityService

Loan-sale desk proxy + CLOSED->FUNDED pipeline seam

- **************** generalized the eClose seam to a shared advance() + added POST /funded (CLOSED -> FUNDED on investor purchase). Same idempotent/at-least-on...

Kamo·1d ago
Featurekamo-shared-library

Commitment boardedAt + loan-funded event type (loan-sale desk)

- MlosCommitment.boardedAt: in-system marker for a PURCHASED commitment's loans boarded to servicing (the external servicing-system handoff is the blocked leg...

Kamo·1d ago
Featurekamo-shared-library

Commitment/loan-sale desk entities (runtime consumer for the shipped investor config)

Slice 2 foundation for the capital-markets loan-sale desk (doc 08) — the terminal origination stage. The shipped **************** had NO runtime consumer; these...

Kamo·1d ago
FeatureDaemonService

Durable consumer forwards eClose completion to the loan-file pipeline

The DaemonService half of the eClose -> loan-file status seam. New MlosClosingCompletedConsumer subscribes **************** (durable daemon-mlos-closing-complet...

Kamo·1d ago
FeatureSecurityService

EClose completion advances the loan-file status machine (CLEAR_TO_CLOSE -> CLOSED)

Closes the terminal lifecycle seam: a fully executed/notarized/sealed eClose package emitted **************** but NOTHING consumed it, so the loan sat at CLEAR_...

Kamo·1d ago
Featurekamo-shared-library

ClosingArtifact provenance = one-time null->value stamp (enables after-commit eClose dispatch)

Splits the ClosingArtifact @PreUpdate WORM guard so the eClose vendor dispatch can move OUT of the assemble/advance transaction (doc 05 §6): the node commits FI...

Kamo·1d ago
Featurekamo-internal

Per-loan lock recommendation on the lock desk

Surfaces the RCE lock-vs-wait recommendation (Lock / Lock-with-steward-override / Do-not-lock) with rationale + a 'model uncalibrated -> steward decides' note w...

kamo·1d ago
FeatureSecurityService

Proxy the per-loan lock recommendation (read-only)

GET **************** (operator+org gated, org server-stamped) -> the RCE per-loan LOCK/WAIT/BLOCKED recommendation. The commit stays the existing human /locks a...

Kamo·1d ago
Featurekamo-internal

EClose vendor categories on the integrations tab (RON/eNote/eVault/MERS)

Surfaces the four notarized-leg categories with their vendor options (Proof/ DocuSign Notary, DocMagic/Snapdocs, eOriginal/DocMagic, MERS eRegistry/DocMagic) so...

kamo·1d ago
Live Change Log | KamoCRM | KamoCRM